Question

Xcode 15's PrivacyInfo.xcprivacy/Privacy Manifest: What if developer uses anonymous app ids only?

  • 12 September 2023
  • 2 replies
  • 48 views

Badge +1

As Xcode 15/iOS 17 deployment is nearing, I have began looking at the new PrivacyInfo.xcprivacy / Privacy manifest stuff that will be mandated next year.

Having seen the latest commits in GitHub, I realise that NSPrivacyCollectedDataTypeLinked of PrivacyInfo.xcprivacy for NSPrivacyCollectedDataTypePurchaseHistory is set to true. (https://github.com/RevenueCat/purchases-ios/blob/7087218ed675e828fd1f97b5c25d4e1ef1609392/Sources/PrivacyInfo.xcprivacy#L21-L22)

However, if we look at https://www.revenuecat.com/docs/apple-app-privacy#2-purchase-history-linked-to-identity, the previous advice on this topic, when we need to fill the privacy labels for the App Store, Purchase History Linked to Identity does not apply to those using anonymous user ids only. 

In that case, provided that if a developer only made use of the anonymous user ids, wouldn’t the Privacy Manifest be somewhat inaccurate? (though, I have no idea on how one could avoid this, either.)


2 replies

Userlevel 3
Badge +8

The way that RevenueCat works is that we are only able to see the transaction history from the receipts that Apple sends us, we are unable to see any information regarding the user’s Apple account. So if you only use anonymous ids, then there will be nothing linking the user’s identity to their account. But if you were to use custom ids, you would need to map this custom id to some form of identification for the user in order to authorize their log in so you would then need to fill out the privacy labels.

Badge +5

What @Haley Pace points out is correct, and as you pointed out @Vincent that is inconsistent with our `PrivacyInfo.xcprivacy`. Thanks for letting us know!

I just went ahead and fixed it: https://github.com/RevenueCat/purchases-ios/pull/3242

Reply