Privacy manifest
Intro
At WWDC23 Apple introduces a new mechanism to help developers describe how app handles user data, and uses iOS SDK.
Main part of this mechanism is a privacy manifest, file named PrivacyInfo.xcprivacy that contains info about how user data is processed and which SDK API related to privacy are used.
AppSpector iOS SDK includes PrivacyInfo.xcprivacy file starting the 1.4.9 version. This file also available on our GitHub repo in case you are using older SDK versions.
If you don't want to add our manifest to your bundle you can add following info on API usage and data processing to your own manifest.
Data Use
| Data type | Description | Value |
|---|---|---|
| Device ID | Such as the device’s advertising identifier, or other device-level ID. | NSPrivacyCollectedDataTypeDeviceID |
| Precise location | Information that describes the location of a user or device with the same or greater resolution as a latitude and longitude with three or more decimal places. | NSPrivacyCollectedDataTypePreciseLocation |
| Product interaction | Such as app launches, taps, clicks, scrolling information, music listening data, video views, saved place in a game, video, or song, or other information about how the user interacts with the app. | NSPrivacyCollectedDataTypeProductInteraction |
| Crash data | Such as crash logs. | NSPrivacyCollectedDataTypeCrashData |
| Performance data | Such as launch time, hang rate, or energy use. | NSPrivacyCollectedDataTypePerformanceData |
| Other diagnostic data | Any other data collected for the purposes of measuring technical diagnostics related to the app. | NSPrivacyCollectedDataTypeOtherDiagnosticData |
Use of required reason API
| API Category | API Category Type | Reason | Comments |
|---|---|---|---|
| File Timestamp | NSPrivacyAccessedAPICategoryFileTimestamp | C617.1 | SDK access the timestamps, size, or other metadata of files inside the app container, app group container, or the app’s CloudKit container. |
| System Boot Time | NSPrivacyAccessedAPICategorySystemBootTime | 35F9.1 | SDK access the system boot time in order to measure the amount of time that has elapsed between events that occurred within the app or to perform calculations to enable timers. Information accessed for this reason, or any derived information, may not be sent off-device. There is an exception for information about the amount of time that has elapsed between events that occurred within the app, which may be sent off-device. |
| User Defaults | NSPrivacyAccessedAPICategoryUserDefaults | 1C8F.1 | SDK access user defaults to read and write information that is only accessible to the apps, app extensions, and App Clips that are members of the same App Group as the app itself. This reason does not permit reading information that was written by apps, app extensions, or App Clips outside the same App Group or by the system. This reason also does not permit writing information that can be accessed by apps, app extensions, or App Clips outside the same App Group. |
Updated 2 months ago