Swrve and your data
Document date: 1 January 2021
Swrve SDK version: 4.0. The information below can only be relied on for this version of Swrve and subsequent versions until a new Data Policy is published.
This article explains more specifically what data the Swrve Service collects either automatically or by default (which can be adjusted by you), from users of your apps.
Information collected automatically on deployment of the Swrve service
Swrve logs device properties as follows:
- Device type/model (for example, iPhone 11)
- Screen resolution and size
- OS platform and version
- Timezone as reported by the OS
- The device’s time offset from UTC
- User’s language preference
- Version of Swrve SDK installed
- Carrier name and geography
- User app session information, such as install time, session start and end times, number of sessions.
Users’ IP addresses are automatically sent to the Swrve system as a necessary component of the HTTP headers when the customer’s app makes API calls to the Swrve Service. Swrve does not permanently store IP addresses or make use of them for any purpose other than debugging or maintaining the Swrve Service.
For Push Notifications only (when enabled by the user):
- Device push token
For apps using geo-location services (when enabled by the user):
- Device lat/long
- Notifications when users enter or leave defined locations or regions
Default information collected on deployment of the Swrve Service
By default, Swrve assigns a per-app per-user unique SwrveID and this SwrveID is stored on the user’s device. Swrve’s customers can override this with their own unique UserID if desired. If a user of an app uninstalls the app, the SwrveID (and all other Swrve data for this app stored on the device) is deleted.
If a Swrve customer has enabled push notifications, it is necessary for Swrve to collect the push tokens for each user’s device. Note that device tokens are “online contact information” under COPPA (for more information, see COPPA and Swrve FAQ). Swrve does not request an end user for permission to receive push notifications; you are responsible for getting this authority from the end user or for enabling Swrve to collect this on your behalf.
There may be situations where you wish to use personal data (for example, an email address) for the purposes of matching users with your internal CRM or other systems (for example to integrate Swrve reporting with the reporting of your email provider). For these cases, to retain anonymity of data, we recommend using a hash of the personal data to avoid transmitting this personal data directly to Swrve.
All other information collected by the Swrve Service is at the discretion of each Swrve customer and can be adjusted at any time at the request of the customer.
Minimum information collected
Certain minimum information is required to be collected by Swrve on deployment of the Swrve Service. Also, certain features of the Swrve Service are dependent on certain specific data being collected. The following is the minimum list:
- Push notification functionality requires push tokens, the device’s timezone and offset from UTC.
- In-app messages and conversations require device resolution and screen size data to operate.
- Timezone targeting of messages and push notifications require the device’s timezone and offset from UTC.
- Language targeting of in-app messages, conversations and push notifications require the language setting of the device.
- Location targeting of push notifications, in-app messages and conversations requires the device lat/long information and the notifications regarding when the device is entering or leaving defined regions.
Older versions of Swrve
Older (pre 3.4) versions of Swrve collect ID4V and Android and Unity UserIDs by default. If a customer wishes to override this behavior they can supply their own UserID to Swrve.
Significantly older versions of Swrve collect MAC addresses and UDIDs, which is no longer permitted. It is required that developers upgrade to the latest version of Swrve when submitting new apps for distribution in order to comply with app guidelines from the platform manufacturers.
Does Swrve share data across customers?
No. Other than aggregated anonymized data, Swrve only shares data across apps from the same developer and only for the purposes of determining total monthly active user (MAU) counts across those apps for billing purposes.
Does Swrve track users across apps from different developers?
No. Swrve does use, store and report on aggregated data (for example, we know how many MAUs are being served for a given developer’s apps across our entire system; we know how many MAU are on iOS apps using the Swrve service, and so forth). We do not track users from app to app among/across different developers.
Does Swrve track users across apps from the same developer?
By default, no. Each user of an app is given a default SwrveID which is unique for that user and that app. A user using different apps from the same developer will have a unique SwrveID for each of these apps. Customers may choose to override this behavior and supply a UserID to Swrve which is consistent across multiple apps.
Does Swrve share data with any Third parties?
In the provision of the Swrve service we use Amazon Web Services; all data collected by Swrve is stored and processed on Amazon Web Services facilities. Swrve may also integrate with a number of third party services, as required by our customers (for example, Marketo and ExactTarget for email services). The data shared with these third parties is defined in the terms of service you will enter into in order to authorize Swrve’s sharing of data with these services.