-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Apple Privacy Manifest File #18
Comments
Hi @mattiacantalu, we will look into this in March/April. |
Hi @mattiacantalu ! Thanks for your comment. Please review comments below:
|
Hi @ZahraMammadli , thank you for your response. |
@mattiacantalu our solution is web-view that wraps our web widget, so we are not using any native API directly. |
Hello, as this SDK is the way we consume the web widget, the SDK should include a privacy manifest file. This way it ensures we, as a user of a sdk, don't miss any way you use app user data. |
@zarghol thanks for the input. We will update it on our side and get back to you shortly. |
@zarghol this should be already solved, we made a new release with the added |
Thank you to add the file ! however it is missing in our end, because you need to add it to Podspec for Cocoapod, and Package.swift for SPM |
these changes seems okay to me 👍 |
yes the manifest is not correct and doesn't follow the Apple documentation for keys and values. Additionally @nicolasjuarezn check this EDIT: an example of the manifest available also here https://github.com/SDWebImage/SDWebImage/blob/master/WebImage/PrivacyInfo.xcprivacy |
Hey @mattiacantalu and @zarghol thanks for your help, I have a question because a few aspects of this topic remains unclear for me,
Base on my understanding, “Tracking” refers to linking data collected from your app about a particular end-user or device, such as a user ID, device ID, or profile, with Third-Party Data for targeted advertising or advertising measurement purposes, or sharing data collected from your app about a particular end-user or device with a data broker. In theory the SDK would "track" the user within a WebView, but with the purpose of understanding/creating a profile in FitFinder for a logged in (or not -session based-) user. However, this is not for targeted advertising or advertising measurement purposes or "data collection" as if were for analytics. On top of that we have business metrics that we trigger depending on different states of the widget, however everything runs under the same domain "fitanalytics.com", so it is a little bit unclear how to proceed here because I am afraid that I set the domain under Can you help me to clarify this topic?
|
@nicolasjuarezn afaik trackings domains relay on |
This is how I understand all this things:
I think, it should be changed for clarity in you end, in order to have a better comprehension of how all the data fits together (no pun intended), and allows to be deactivated on a per user base if needed. Before this change, maybe just don't add NSPrivacyTracking and NSPrivacyTrackingDomains in the file, as only NSPrivacyAccessedAPITypes seems mandatory |
According to the AppTrackingTransparency framework our app is not collecting data about the end users and share it with other companies for the purpose of tracking across apps and web sites. We are processing data on behalf of our clients in order to provide our services and thus we will set NSPrivacyTracking to No.
Based on my comment before:
After a deep review, even with out internal teams, we are not doing any of the four topics mentioned above. We are exclusively using the collected data to provide our functionally, we are not data brokers. So, I am going to update the manifest with <dict>
<key>NSPrivacyTracking</key>
<false/>
<key>NSPrivacyTrackingDomains</key>
<array/>
<key>NSPrivacyCollectedDataTypes</key>
<array>
<dict>
<key>NSPrivacyCollectedDataType</key>
<string>NSPrivacyCollectedDataTypeUserID</string>
<key>NSPrivacyCollectedDataTypeLinked</key>
<true/>
<key>NSPrivacyCollectedDataTypeTracking</key>
<false/>
<key>NSPrivacyCollectedDataTypePurposes</key>
<array>
<string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
</array>
</dict>
</array>
<key>NSPrivacyAccessedAPITypes</key>
<array/>
</dict> |
@nicolasjuarezn @ZahraMammadli i've left a comment here #23. Could you please take a look? |
Any update about the privacy manifest file?
The text was updated successfully, but these errors were encountered: