I added the App Tracking Transparency dialog in my code to ask users if they allow tracking.
My app was rejected in the App Store Connect -
Your app contains NSUserTrackingUsageDescription, indicating that you will request permission to track users.
But now I'm not sure if I really need to use tracking?
I simply use Admob to show ads, and have only one app, so I don't need to collect data?
I have no idea what type of ads Admob shows the users (personalized/not personalized)
I assumed that everyone who uses Admob should show that User Tracking permission for ios14+, but do I really? Why do I need to collect data?
no you don't need NSUserTrackingUsageDescription if you use Admob.
you can use this permission like if you want to get advertising id of the device.
and remember to delete NSUserTrackingUsageDescription from info.plist if you don't use it so your app don't get rejected.
also if you used this permission remember to change the privacy of the app on apple store,
go to app privacy and in data types section click edit and select Identifiers (Device ID) and set this one as used for tracking purposes. and make sure that this is the only one selected as used for tracking.
Related
I keep getting my iOS app submission rejected by apple with the following message:
Guideline 5.1.2 - Legal - Privacy - Data Use and Sharing
The app privacy information you provided in App Store Connect still
indicates you collect data in order to track the user, including User
ID and Product Interaction. However, you do not use App Tracking
Transparency to request the user's permission before tracking their
activity.
Starting with iOS 14.5, apps on the App Store need to receive the
user’s permission through the AppTrackingTransparency framework before
collecting data used to track them. This requirement protects the
privacy of App Store users.
Next Steps
Here are two ways to resolve this issue:
If you do not currently track, or decide to stop tracking, update your app privacy information in App Store Connect. You must have the
Account Holder or Admin role to update app privacy information.
If you track users, you must implement App Tracking Transparency and request permission before collecting data used to track. When you
resubmit, indicate in the Review Notes where the permission request is
located.
Resources
Tracking is linking data collected from your app with third-party data for advertising purposes, or sharing the collected data with a
data broker. Learn more about tracking.
See Frequently Asked Questions about the new requirements for apps that track users.
Learn more about designing appropriate permission requests.
I already updated my app not to use any IDFA calls (including all the facebook and other SDKs) https://developer.apple.com/documentation/adsupport/asidentifiermanager/1614151-advertisingidentifier
When I try to set the checkboxes in App Privacy section of the app they can't be completely uncheck (i.e. at least one of the options has to be selected) so I can't state that my app is no using device id even though the codebase doesn't make advertisingidentifier at all.
Does App Tracking Transparency really mean that we can't track anything, even user clicks on buttons and screen views???? If so that's insane!
The main issue is that I want to have a better user experience for my users by not showing them an unnecessary ATT prompt.
You need to do the following 2 things:
Update the Data Types section to remove the Device Id. You can find it on the top of the privacy section, then hit Edit, navigate through till the last Nexts and uncheck the Device Id
Update the User ID and Product Interaction sections to uncheck - No, we do not track the user. You can find it at the end of the privacy section, then hit Edit, navigate through till the lastNexts and uncheck the above-mentioned box.
Submit the app again for review.
We were facing same issue when we removed Tracking from application and NSUserTrackingUsageDescription key from app.
Our app was already live on store with tracking enabled. In new version we faced this issue. When app was rejected we just replied them that we are not using this anymore in our application so we removed tracking authentication popup. We also told them that we were not able to update in App privacy because live version have tracking enabled.
After that reply they approved.
Sample Answer to apple when we removed from existing app:
"we have removed NSUserTrackingUsageDescription and tracking from this version, so we also removed Tracking Permission Popup from this version. We tried to remove it from App Privacy, but we could not change the Privacy data types in the Appstore connect because the current live version does use that permission. Please review our request and approve our application submission"
I just got mail from Apple stating that
"Data use & sharing" : Your app uses analytics software to collect and send user or device data to a third party without the user's consent. Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. This includes any use of the device camera, microphone, or other user inputs.
For your app to remain available on the App Store, you must remove any code, frameworks, or SDKs that collect, record or share a users data and resubmit your app for review.
Please let us know what is the recommended way to handle it,
My suggestions:
Can we just remove the data tracking(only for analytics & statistics which is the key to business) 3rd party SDKs ?
(or)
Just add permission alert stating that we are collecting information for so and so permission and track information ?
Apple has started a crackdown on the apps which tracks user activity through user inputs, screen recording etc.
The best way to get your app approved is to remove any code or the third party sdks which tracks user activity. I resubmitted an app today by removing a third party library and it got approved right away.
But if statistics are the key to your business then you can take a hint from here.
Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.
If you use your own privacy policy then clearly state how you track your user and how user's data will be used. And in addition to that, also show some kind of alert in your app that how the user data will be used (maybe through a UIPageViewController)
We ended up keeping all of our analytics (MixPanel, Google, Crashlytics, Facebook, AppsFlyer).
We only removed AppSee - because of the screen recording, and got approved within 10 hours.
My conclusion is that the only thing to remove is the screen recoding and all he rest can remain as is.
In my iOS app, I am looking for a unique identifier to use to be able distinguish between users but for the users to be completely anonymous to us who are providing the app.
Scenario: I am building "make comments" function in the app which will be sent to a moderator before being published in the discussion area in the app. The user's identity should be anonymous to me and to anyone who may hack into my system storage that contains discussion content (think GDPR).
The best iOS library option seems to be identifierForVendor, but the user has no easy control over resetting that identifier.
I like the IDFA library more, as the user can be completely anonymous and at their discretion set their identifier to all zeroes using built-in Apple settings. BUT I am not serving advertising. Is Apple still rejecting apps that use IDFA but have no ads?
Other ideas?
Thanks.
I have problem passing the apple store review because my app should be available only to users already selected outside the app. So other random people essentially should not access the app. This flow however is tecnically against the apple policies. Here is the question: there are apps like innercircle (https://www.theinnercircle.co) that were able to overcome the policies. Do you know how they did it?
I am using facebook iOS ads to send install to my app.
I am using the following code to track the installs.
- (void)applicationDidBecomeActive:(UIApplication *)application {
[FBSession.activeSession handleDidBecomeActive];
[FBSettings publishInstall:[FBSession defaultAppID]];
}
Is there anyway to track that a new install actually came from Facebook? I want to plug it into Flurry and track what quality of user I am getting.
Typically when you track ad providers (be it facebook, greystripe, adcolony, etc) they will record some sort of device identifier for every device that clicks the ad. In the past it was UDID but moving forward Apple is pushing their advertiser identifier.
You will need to store your own list of identifiers for every device that installed your app and then cross reference with the list of devices that clicked on the advertisement. The ad provider should be able to provide this list, including Facebook.
I am not sure if Flurry supports making cohorts by advertiser but I do know Kontagent has some admin tools which allow you to drop in reports from the ad networks to enable tracking by provider. Alternatively you could always roll your own.
There is no way.
You could check wether the user liked your Fanpage or stuff like that, but you don't know the link the user opening the AppStore came from.
A possibility could be to not directly link the ad to the AppsStore, but link it via a private proxy that recognizes a user clicked on the link and if shortly after this time a user downloaded your app it may be a Facebook User that clicked the Ad
I figure you has read the SDK documentation.
If you go to Set up your app to measure mobile app install ads you can read that this information is stored in your App Dashboard.
In this link is explained clearly how the "app installs ads" works and how to manage this information.
Unfortunately isn't possible to export this information directly from your app to be sent to Flurry.
What you're talking about is attributing the source of installs for a mobile advertising campaign. In order to do this, you need to be able to determine that the person who installed the app was the same person that clicked on the relevant ad (on Facebook, or whatever other ad provider). In order to do this, you need an identifier that uniquely identifies the user--in the past this was the UDID, now it's moving towards the advertising identifier.
Many ad providers will calculate this figure for you if you report to them whenever a use installs the app for any reason, by comparing all the identifiers of the installs you send them with the identifiers of the users that clicked their ads.