Apple App Privacy details - App Store review

Apple is changing the information that is required when submitting new apps and app updates, starting December 8, 2020. Information about the app's privacy practices, integration, and data collection needs to be provided in App Store Connect.

Apple App privacy details on the App Store
Apple User Privacy and Data Use
Leanplum Privacy policy

According to Apple, Account Holders and Admins can enter their answers in App Store Connect. The answers can be edited without app update submit.
App Developers need to answer questions regarding:

141141 613613

You can choose what data to collect and how to use the data based on your implementation. Leanplum can be integrated in various ways, so the answers to the questionnaire may differ depending on your specific setup.

The below tables assume the default integration of the Leanplum platform. Some points can differ if our SDKs are used or not, or our API (incl. Batch uploads) is used and based on your integration. For example, if you are using Leanplum Location and Beacons SDK, in addition to the Leanplum iOS SDK, and track precise location.
If you are using Leanplum alongside other SDKs (CDP, Attribution, Crash reporting) you should also consider similar guidance on those SDK's side.

Data Collection

Data Type

Leanplum

Notes

Contact Info

  • Name
  • Email Address
  • Phone Number
  • Other User Contact Info

No, unless explicitly configured

If you use Email channel and gather email addresses, respond accordingly.

Health & Fitness

  • Health
  • Fitness

No, unless explicitly configured

Financial Info

  • Payment Info (such as form of payment, payment card number, or bank account number)
  • Credit Info
  • Other Financial Info

No, unless explicitly configured

Receipt validation does not persist and collect payment data.

Location

  • Precise Location
  • Coarse Location

Yes, if SDK is used or API with (detect) location.

Leanplum Start call detects IP location.
Precise Location can be tracked in Leanplum using additional configuration which is not enabled by default.

Sensitive info

  • Such as racial or ethnic data, sexual orientation, pregnancy or childbirth information, disability, religious or philosophical beliefs, political opinion and more.

No, unless explicitly configured

Contacts

  • Contacts
  • Address book
  • Social graph

No, unless explicitly configured

User Content

  • Emails or Text messages content
  • Photos or Videos
  • Audio Data
  • Gameplay Content (such as user-generated content in-game)
  • Customer support
  • Other User Content

No, unless explicitly configured

Browsing history

  • Content the user has viewed that is not part of the app, such as web sites.

No, unless explicitly configured

Search History

No, unless explicitly configured

Identifiers

  • User ID
  • Device ID

Yes, if SDK is used.

Leanplum iOS SDK uses IDFV by default.
Both device id and user id can use customer's defined identifiers.
If you send those using the Leanplum API, respond accordingly.

Purchases

  • An account's or individual's purchases or purchase tendencies

No, unless explicitly configured

If you use Leanplum purchase tracking, respond accordingly.

Usage Data

  • Product Interaction
  • Advertising Data
  • Other Usage Data

Yes, Product Interaction if SDK is used or you send such data using the API.

Leanplum iOS SDK gathers information about app launches.

Diagnostics

  • Crash Data
  • Performance Data
  • Other Diagnostic Data

Yes, Performance data.

Leanplum iOS SDK tracks Leanplum start time on 0.1% of starts.

Other Data

Yes

Device information (for example, OS, device type, device model, etc.) or network information (for example, IP address, HTTP user agent).

Data Usage

Indicate how the data collected from your app maps to your specific use.

13861386

Data Type

Apple Description

Leanplum

Third-Party Advertising

Such as displaying third-party ads in your app, or sharing data with entities who display third-party ads.

No, unless explicitly configured

Developer’s Advertising or Marketing

Such as displaying first-party ads in your app, sending marketing communications directly to your users, or sharing data with entities who will display your ads.

Yes, if used to send marketing communications directly to your users.

Analytics

Using data to evaluate user behavior, including to understand the effectiveness of existing product features, plan new features, or measure audience size or characteristics.

Yes

Product Personalization

Customizing what the user sees, such as a list of recommended products, posts, or suggestions

Yes, if used for personalization.

App Functionality

Such as to authenticate the user, enable features, prevent fraud, implement security measures, ensure server up-time, minimize app crashes, improve scalability and performance, or perform customer support

Yes, if used to enable features, authenticate the user or others.

Other Purposes

Any other purpose not listed

No, unless explicitly configured

Data linked to the user

Leanplum collected data is typically associated with an identifier such as Device Id or User Id (or both, if available). Consequently, when asked if the Data is linked to an identity, App developers should select Yes.
Note: “Personal Information” and “Personal Data”, as defined under relevant privacy laws, are considered linked to the user.

Tracking

Leanplum does not require tracking permissions and the use of IDFA.
Leanplum does not share any data with other developers’ apps.
Leanplum does not combine user data from your app with user data from other developers’ apps.