iOS SDK - Privacy manifest FAQ

Follow
Avatar
Product Team
Updated

Apple Privacy Manifest

Comply with Apple's privacy requirements by including a privacy manifest file that documents data collection practices and API usage in your app and third-party SDKs.

Required Since May 1, 2024: All new apps and app updates submitted to the App Store must include privacy manifest files for any third-party SDKs that use required reason APIs. Apps without proper privacy manifests will be rejected during App Store review.

Overview

What Is a Privacy Manifest

A privacy manifest is a property list file named PrivacyInfo.xcprivacy that documents the types of data collected by your app or third-party SDKs, along with the required reason APIs used.

Key Components:

  • Data Types Collected: Categories of user data accessed or stored
  • Required Reason APIs: Specific APIs that require usage justification
  • Tracking Disclosure: Whether data is used for tracking purposes
  • Data Linking: How collected data is linked to user identities

Distribution Process:

When you prepare your app for distribution, Xcode automatically combines all privacy manifests from your app and third-party SDKs into a single Privacy Report, which feeds into your App Store Privacy Nutrition Label.

Singular SDK Privacy Manifest

Included in SDK

The Singular SDK includes a PrivacyInfo.xcprivacy file that declares all data collection practices and API usage required by Apple.

Automatic Compliance: When you integrate the Singular SDK, its privacy manifest is automatically included in your app bundle and merged into your Privacy Report by Xcode. No additional configuration is required.

Required Reason APIs Used

The Singular SDK uses the following required reason APIs as documented in its privacy manifest:

1. UserDefaults API

  • API Category: NSPrivacyAccessedAPICategoryUserDefaults
  • Reason Code: CA92.1
  • Purpose: Reading and writing app-specific configuration and state information

2. File Timestamp APIs

  • API Category: NSPrivacyAccessedAPICategoryFileTimestamp
  • Reason Code: C617.1
  • Purpose: Accessing file creation and modification dates

App-Level Requirements

Create Your App Privacy Manifest

Your app must include its own PrivacyInfo.xcprivacy file to document data collection and API usage by your app code.

Implementation Steps:

  1. Create File: In Xcode, add a new Property List file named PrivacyInfo.xcprivacy to your app target
  2. Document APIs: Declare all required reason APIs your app uses with appropriate reason codes
  3. List Data Types: Document all data collection categories your app performs
  4. Review Report: Verify the combined Privacy Report in Xcode includes both app and SDK manifests

Important: Review your app's code to identify all required reason APIs you use. Failure to declare API usage will result in App Store rejection. See Apple's Required Reason API documentation for the complete list of APIs requiring declaration.

Verify Privacy Report

Before submitting to the App Store, generate and review your app's Privacy Report to ensure all manifests are properly combined.

Verification Process:

  1. Archive App: In Xcode, select Product → Archive
  2. Generate Report: Click "Distribute App" and select "App Store Connect"
  3. Review Contents: Xcode generates a Privacy Report showing all combined manifests
  4. Validate Completeness: Confirm Singular SDK entries and your app's declarations are present

Additional Resources