Looking into the RC Privacy Policy, I found the following snippet:
If you are using our products or services as a developer, the following information regarding your end users may be received and processed by us:
- “End User Technical Information”: This refers to technical information related to an end user’s mobile device or computer, such as: device type, operating system,
- “End User Transaction Information”: This refers to transaction information related to an end user’s activities with respect to your app or other digital product, and may include:
- Last seen time that the end user used your app or digital product;
- Apple receipt file; and
- Google purchase token,
- “Optional End User Information”: This refers to information that we may receive if you select or enable this option in our products, which may include:
- User ID of the end user in your app or digital product; and
- Additional attribution or metadata associated with an end user.
End User Technical Information, End User Transaction Information, and Optional End User Information are collectively referred to as “End User Information”.
Firstly, is it safe to conclude that, if I don’t opt to store any optional user metadata with RevenueCat, or use any third-party integrations, and I only use the Anonymous IDs generated by RC, then only
- Basic info that only identifies the End User’s device make/model,
- the last time the End User opened the app, and
- either the End User’s Apple receipt file for the Apple App Store, or Google purchase token for Google Play
will be stored on RevenueCat servers?
Secondly, could someone elaborate on how personal in nature this data would be? For instance, by linking an app user to their Apple / Google account’s purchase history, does this in any way make the account / user themselves identifiable? e.g. could one determine the email address for the account that this is the purchase history of? Or is it more like the purchase history is identified by some anonymized ID, and RC receives this same ID from the user upon calling syncPurchases or restorePurchases, and sees if that ID is already stored on RC servers for that app? That is, does this only store a reference to the user’s purchases with that account? Or does it effectively store a reference to the user’s account in general?
Also, should the stored data effectively be the same regardless of how a user is added? I am both migrating paid users with the Get / Create User and Grant Entitlement endpoints, and using a paywall to incorporate new users. Would both methods store the same purchase history token?
Basically, I want to be transparent with users on what exactly is being stored on RC’s servers, to justify to users why we’re using RC. I tried to look into what exactly an Apple Receipt File and Google Purchase Token are, but I can’t find any good info from Apple or Google. This is probably a dumb question, but I just want to make sure I understand.
I did find the sections for Google Play's Data Safety and Apple's App Privacy helpful, and it seems like purchase history truly just means purchase history, for both Google and Apple. I guess I just wanted some reassurance before I make a legal misstep, and to make sure I otherwise have the full picture.
Thanks in advance, and sorry for the wall of text!
