Apple App Privacy
This guide helps you fill out the App Privacy section in App Store Connect.
When submitting your app to the App Store, you must accurately disclose the data types collected by your app and any third-party SDKs integrated within it. For more information, see Apple's App Privacy Details.
Why App Privacy Disclosure is Required
Apple requires all apps submitted to the App Store to disclose their data collection and usage practices. This information is displayed on the app’s product page as App Privacy details (often referred to as privacy nutrition labels), allowing users to understand what data an app collects before downloading it.
When integrating an SDK, you are responsible for disclosing any data types collected by the SDKs included in your app. The specific data collected depends on which optional modules are integrated and how they are configured.
For a complete list of available modules, see iOS SDK - Optional Module Versions.
CredoAppMaid Module
The CredoAppMaid module collects the Identifier for Advertisers (IDFA) to enhance fraud prevention capabilities. This module uses the advertising identifier to uniquely identify devices and detect fraudulent patterns.
Data Types Collected
When using the CredoAppMaid module, you must declare the following data types in App Store Connect:
| Category | Data Type | Description |
|---|---|---|
| Identifiers | Device ID | A unique identifier for the device (IDFA) used to identify the device for fraud prevention purposes. |
| Usage Data | Advertising Data | Data about the advertising identifier associated with the device. |
Data Use
For both data types, select the following purpose:
| Purpose | Description |
|---|---|
| App Functionality | Such as to authenticate the user, enable features, prevent fraud, implement security measures, ensure server up-time, minimize app crashes, improve scalability and performance, or perform customer support |
Data Linking and Tracking
| Question | Answer |
|---|---|
| Is this data linked to the user's identity? | No |
| Do you or your third-party partners use advertising data for tracking purposes? | No |
FAQ
Is user consent required for IDFA?
Yes. When using the CredoAppMaid module, you must request user permission via App Tracking Transparency (ATT) to access the IDFA. Include the NSUserTrackingUsageDescription key in your app's Info.plist with a description explaining why access is needed.
Does Credolab share this data with third parties?
Credolab processes this data internally for fraud prevention purposes. The data is not shared with third parties for advertising or marketing purposes.
Related Resources
Updated 1 day ago