With the introduction of the new version iOS 14.5, the use of the "AppTrackingTransparency framework" is mandatory for apps that collect and process user data, for example, in a personalised and cross-app manner.
In such a case, the provider is obliged to display a pop-up to all customers before the start of the app (and thus the collection of any data) that enables consent or rejection.
Some Examples for the mandatory integrations are:
- Displaying targeted advertisements in your app based on user data collected from apps and websites owned by other companies.
- Sharing device location data or email lists with a data broker.
- Sharing a list of emails, advertising IDs, or other IDs with a third-party advertising network that uses that information to retarget those users in other developers’ apps or to find similar users.
- Placing a third-party SDK in your app that combines user data from your app with user data from other developers’ apps to target advertising or measure advertising efficiency, even if you don’t use the SDK for these purposes. For example, using an analytics SDK that repurposes the data it collects from your app to enable targeted advertising in other developers’ apps.
These examples are just a few from the official announcement from Apple and do not cover all potential scenarios.
How do I activate this feature?
In Purple DS Manager, please go to the section Consent/Push/Analytics.
In the first entry "Privacy", settings for your iOS app can be made.
Below you will find an explanation of the individual settings:
- Activation of the privacy dialogue during the app start.
This option activates the pop-up
Enable display of HMTL info page before privacy dialogue
This setting makes it possible to display an info page before the selection dialogue, in which the effects of a "Yes or No" can be explained in more detail.
Configure path to HTML info page in dynamic resources
The info page is controlled via the dynamic contents. In this section you define the path to the info page.
A sample page can be downloaded here
In the last step, you select the third-party SDKs that fall under the specifications of Apples Transparency Framework.
You must rebuild the app once before the changes can be submitted to Apple.
How do I change the text of the pop-up?
You can change the text of the pop-up, like all other app text modules, using the textkeys.xls file.
To do this, go to the Translation section in Purple DS Manager, download textkeys.xls and edit the following parameters:
Pop up title
Default value: Hint
Body text of the pop-up
Default value: You have not consented to the use of your data. By allowing tracking, your data can be used for tracking services and third-party providers. If you want to allow it, you can do that in the app settings.
Default value: Allow tracking
Default value: Cancel
Once you have customised the texts, the textkeys.xls must be uploaded to the Translation section and the app rebuilt.
When do I have to activate the feature?
Let's take a look at two examples so that the use of the framework becomes clearer.
Case 1 - Display of the pop-up not required
A customer maintains a Purple DS app and has integrated Google Firebase as a tracking service to record download figures and send cloud messages. The client would like to submit with the latest Purple DS template to ensure system stability and to be able to use new features.
The AppTrackingTransparency framework is integrated as a fixed component in Purple Apps, and the pop-up is controlled via the Purple DS Manager.
However, since the customer records the data anonymously and has communicated this to Apple in the privacy setting in Appstore Connect, it is not necessary for the Firebase SDK to display a pop-up for the time being.
The feature therefore does not need to be activated in the Consent area of the Purple DS Manager.
Case 2 - Display of the pop-up required
Let us now assume that the customer from case 1 now wants to connect Google Analytics for a further evaluation in order to carry out a more precise evaluation of tracking data.
Google has published a list under which conditions the display of the dialogue is required.
In case 2, the setup now changes completely, because on Google's official page it says for the cloud messaging feature:
"When used with Google Analytics, Google Analytics will automatically log some FCM-related conversion events. Attribution for these events requires IDFA access."
Thus, activation of the Privacy Dialogue is therefore required.
The customer must activate setting 01 here and can decide whether the information page should be displayed optionally with item 02. In the last step, the SDK concerned must be selected. In this case Firebase.
After rebuilding the app, the necessary settings are now implemented.
The two cases are based on experience from dialogue with Apple and are no guarantee for a successful submit. Due to the complexity of the policy, some apps were rejected, depending on the review team. Other apps were approved without complaint.
The review of each SDK you use should be carefully checked for applicability by you.