Using Apple’s privacy manifest
With the release of iOS 17, Apple introduced privacy manifests, a file type that outlines the privacy practices of an app and its third party SDKs, their data-collection methods, and the reason it collects the data.
For more information, see the following Apple help articles:
Create your app privacy report
Your app’s third-party SDKs must declare the types of data they collect in their respective privacy manifests. Xcode 15+ automatically combines all installed third-party SDKs’ privacy manifests into a single privacy report. Developers can then use this comprehensive report to create more accurate Privacy Nutrition Labels.
For more information, see the Apple help article Create your app’s privacy report.
Privacy Nutrition Labels
Introduced in 2020 with iOS 14, Privacy Nutrition labels are an App Store feature designed to give users more transparency into what data an app collects and how that data is used.
When publishing an app through App Store Connect, developers are required to disclose predefined types of data that are:
- Used to track the user
- Linked to the user
- Not linked to the user
The privacy reports generated from the individual privacy manifest were designed to make it easier for developers to provide more accurate labels when submitting their applications.
Swrve privacy manifest
The following sections outline the default data tracking and required reason APIs utilized by the Swrve SDK(s). Additionally, you have the option to send supplementary user data to Swrve through the SDKs by utilizing custom events and user properties. You must identify all of the data categories based on their specific implementation of the Swrve SDKs and then update the Privacy Nutrition Label accordingly.
Swrve offers its own privacy manifest for iOS SDK 8.12.0+, Unity SDK 9.3.0+, and Geo SDK 5.1.0+. If you are using an earlier version of Swrve’s SDK(s), refer to the required reason APIs and collected data categories below when creating your app’s privacy manifest.
Tracking
Swrve does not track any data that requires the App Tracking Transparency framework. Furthermore, Privacy Tracking Enabled is set as false, and Privacy Tracking Domains are empty in Swrve’s privacy manifest.
Required reason API usage
Apple provides a list of required reason APIs that must be listed in the manifest with a reason for usage. The Swrve iOS and Unity SDKs use the following two APIs:
| API type | Reason |
|---|---|
| NSPrivacyAccessedAPICategoryUserDefaults | CA92.1 |
Collected data categories
The data types collected by the Swrve SDKs are not linked to the user’s identity or used for tracking purposes by default.
Collected by default
The following data categories are collected by default by Swrve’s SDKs:
| Data type | Usage | Description |
|---|---|---|
| User ID |
|
The Swrve SDKs generate an anonymous ID when it is initialized for the first time on a device. This ID is not associated with an end user by default |
| Device ID |
|
The Swrve SDKs generates a random Device ID when it is initialized for the first time on a device. This ID is not associated with an end user by default. |
| Product Interaction |
|
The Swrve SDKs collect events relating to app sessions and message interactions. The SDKs do not collect any custom events, purchase behavior, or user properties by default. |
Swrve Geo SDK
When initiated, Swrve’s Geo SDK will request permission to track a user’s coarse location. If authorized, it may then request permission to track the device’s precise location.
| Data type | Usage | Description |
|---|---|---|
| PreciseLocation |
|
For the SDK to record a user’s precise location, explicit authorization for precise location tracking must be granted by the user when requested by the application. A user can rescind permission at any point. |
| CoarseLocation |
|
To record a user’s coarse location, explicit authorization for location tracking must be granted by the user when requested by the application. A user can rescind permission at any point. |