At a glance
- The SDK does not track users across other companies’ apps or websites. We do not use IDFA / advertising IDs.
- All data collected is linked to the user (if you call
identify()) and used solely for app functionality and analytics within your AppDNA workspace. - Tracking domains: the SDK communicates with
api.appdna.ai(production) andapi-sandbox.appdna.ai(sandbox). - The SDK ships an Apple
PrivacyInfo.xcprivacymanifest declaring all required-reason API usage and data types collected. Customers do not need to add anything for the SDK in their own manifest beyond declaring the same data types in their own app’s privacy disclosures (since the data is collected on the customer’s behalf).
App Store — App Privacy questionnaire
When you fill out App Privacy in App Store Connect for an app that uses the AppDNA SDK, declare the following data types as collected and linked to the user, and not used for tracking.| Data type (Apple category) | Examples in AppDNA | Linked to user | Used for tracking | Purposes |
|---|---|---|---|---|
| Device ID | idfv (vendor ID) | Yes | No | Analytics, App Functionality |
| User ID | user_id you pass to AppDNA.identify() | Yes | No | Analytics, App Functionality, Product Personalization |
| Product Interaction | events you call AppDNA.track() with (screens, buttons, flow steps) | Yes | No | Analytics, App Functionality, Product Personalization |
| Performance Data | event timing, SDK init latency, error counts | Yes | No | Analytics, App Functionality |
| Other Diagnostic Data | SDK self-error events, network failure tags | Yes | No | Analytics, App Functionality |
| Coarse Location | country code derived from Locale.current (no GPS, no IP geolocation) | Yes | No | Analytics, App Functionality, Product Personalization |
| Purchase History | purchase_completed, subscription_started, restore_completed events; product_id, price, currency | Yes | No | Analytics, App Functionality |
| Other User Content | answers to onboarding questions / surveys / form inputs that you configure in the AppDNA Console | Yes | No | App Functionality, Product Personalization |
What the SDK does not collect
- No advertising identifiers (IDFA / GAID). The SDK does not call
ASIdentifierManageror read the Android advertising ID. - No precise location (no GPS, no Core Location). Country derives from device locale only.
- No contacts, photos, audio, video, files, calendar, health, fitness, or financial info.
- No browsing or search history.
- No biometric data.
- No raw device sensor data.
- No raw payment-card or banking data. Purchase events contain product IDs and prices the user paid; never card numbers.
Play Store — Data Safety disclosures
For Play Console Data safety, declare the SDK’s data collection as follows. All items: collected, shared = no (AppDNA does not share customer data with other companies), encryption in transit = yes, users can request data deletion = yes (via your app’s account-deletion flow plus AppDNA’s data-deletion API).| Data type (Google category) | Subcategory |
|---|---|
| App activity | App interactions |
| App activity | In-app search history (only if you track search events) |
| App activity | Other actions (form inputs, survey responses) |
| App info and performance | Crash logs (only if your app forwards crashes) — AppDNA SDK does not collect crashes by default |
| App info and performance | Diagnostics |
| App info and performance | Other app performance data |
| Device or other IDs | Device or other IDs (Android Vendor ID equivalent / install-scoped fingerprint) |
| Personal info | User IDs (the ID you pass to AppDNA.identify()) |
| Location | Approximate location (country code only, derived from locale; not GPS) |
| Financial info | Purchase history |
What the SDK does not collect on Android
- No Advertising ID (the SDK does not use Google AdID).
- No precise location, no contacts, no SMS, no calendar, no photos / videos / files, no health/fitness, no audio, no body sensors, no installed apps.
iOS — Required Reason APIs
The SDK declares the following Apple Required Reason API usages in itsPrivacyInfo.xcprivacy:
| API category | Reason code | Why we use it |
|---|---|---|
NSPrivacyAccessedAPICategoryUserDefaults | CA92.1 | Store SDK state (anonymous ID, last config refresh time, sandbox flag) in app’s own UserDefaults bucket. |
NSPrivacyAccessedAPICategoryFileTimestamp | C617.1 | Manage event-store cache files inside the app’s container (event queue persistence). |
Required Reason APIs the SDK does not use
NSPrivacyAccessedAPICategoryDiskSpace— not used.NSPrivacyAccessedAPICategorySystemBootTime— not used (we useDate()for timestamps, notmach_absolute_timeorsystemUptime).NSPrivacyAccessedAPICategoryActiveKeyboards— not used.
App Tracking Transparency (ATT)
The AppDNA SDK does not require an ATT prompt. We do not use IDFA, do not link our analytics to data from other companies, and do not enable cross-app/web tracking. You do not need to callATTrackingManager.requestTrackingAuthorization on behalf of AppDNA.
If your app calls ATT for other purposes (Meta SDK, advertising attribution, etc.), AppDNA’s behavior does not change based on the ATT response.
Data residency, encryption, and deletion
- Encryption in transit: All SDK ↔ server traffic uses HTTPS / TLS 1.2+.
- Encryption at rest: Backend stores customer data in encrypted GCP Cloud SQL + BigQuery datasets.
- Data residency: US (us-east1) for current Cloud Run deployment; per-region deployment available for Enterprise plans.
- Data deletion: Users can request deletion of their data via AppDNA’s data-deletion API (or your own account-deletion flow that calls our deletion endpoint). See Data Deletion API.
- Retention: Default 24 months for raw events, then automatically deleted. Configurable per-tenant.
What the SDK transmits to AppDNA servers
| Endpoint | Payload includes | Purpose |
|---|---|---|
POST /api/v1/sdk/track (batched) | event name, properties, device fields, timestamp, session ID, experiment exposures | Analytics ingestion |
POST /api/v1/sdk/identify | user_id, traits | User identification + alias |
GET /api/v1/sdk/config | (response only — sends nothing customer-specific) | Fetch experiment + feature-flag + paywall + onboarding config |
POST /api/v1/billing/verify | StoreKit / Play Billing receipt blob, transaction_id, product_id | Server-side receipt validation |
POST /api/v1/feedback/responses | survey response (answers as configured by you in console), survey_id, completion timestamp | Survey storage |
POST /api/v1/sdk/push/delivered | push_id, delivery timestamp, foreground state | Push delivery analytics |
POST /api/v1/sdk/geocode/autocomplete | location query string (only when user types in a console-configured location field) | Location autocomplete for onboarding location inputs |
What the SDK does not do
- Open arbitrary URLs from remote config (no embedded WebViews loading remote-controlled URLs by default).
- Execute arbitrary code from remote config (configuration is parsed as data only — no
eval, noJavaScriptCore, noRuntime.exec, no reflection-driven instantiation of remote class names). - Read pasteboard / clipboard except for the deferred-deep-link handoff at app launch (where it reads a single visitor-ID string written by your web page before the App Store redirect, and immediately clears the pasteboard).
Verifying SDK data collection in your app
You can verify exactly what the SDK transmits in your environment:- Set
AppDNAOptions.logLevel = .debug. Every outbound request is logged with the body it sends. - Open the AppDNA Console → Settings → Live event stream to see events as they arrive.
- Run your app under a network proxy (Charles, Proxyman) to confirm only the endpoints listed above are called.
Customer obligations
You are the data controller for your end users (under GDPR / CCPA / etc.). AppDNA acts as a data processor under your Commercial Agreement. Your obligations include:- Disclosing the data types above in your app’s privacy policy.
- Obtaining consent where required (EU GDPR, CCPA opt-out, etc.).
- Honoring user data deletion requests via AppDNA’s deletion API.
- Filing the App Store and Play Store privacy disclosures using the tables above.
Questions
- General privacy questions: privacy@appdna.ai
- DPA / GDPR / CCPA contracts: legal@appdna.ai
- Data deletion requests on behalf of your users: privacy@appdna.ai
Last updated: 5 May 2026. We will revise this page when SDK data collection changes; subscribe to the changelog for notifications.