Privacy preserving methods in the SDK

At a glance: Preserve the privacy of your users with one or more of the methods available through the AppsFlyer SDK.

 Note

The information presented in this article is intended solely to provide insight into the methods available to app developers for controlling the sharing of user-related data with app owners, ad networks, and social networks. This article does not include or constitute guidance on compliance with privacy regulations such as COPPA or GDPR or any specific privacy-preserving regulations.

The AppsFlyer SDK offers app owners several methods to protect user privacy and control data. In this article, we will explore these methods and assess how they impact user data and how to use them to preserve user privacy while still permitting attribution.

After considering which options you want to use, share the implementation information in our Dev Hub with your developers.

Let's discuss each method.

Use start and stop methods

The SDK sends installs and in-app events to AppsFlyer only after the start method is called. Any event preceding the start call will not be reported by the SDK. In a similar manner, if the start call is subsequently reversed by invoking the stop method, no events will be sent thereafter.

Impact on attribution

Attribution does not occur when:

  • the start method is not called.
  • the stop method is called to reverse a previous start.

Common use cases

Use case Description
Opt-in or opt-out on launch Call start after the user consents to share data on the first launch.
If the user does not consent to share data, don’t call
start at all.
Session opt-out In every app session, ask for consent and call or do not call start accordingly.
One-time opt-out (When a user opts-in and then decides to opt-out). Call stop to stop the SDK from sending further events.

Developer reference

Developer reference and documentation on how to use the start and stop methods see:

Prevent sharing data with networks

At the time of integration with an ad network or Self-Reporting Network (SRN), you can elect to share or not share user-level information with that partner. In the SDK, you can further filter data sharing with all or some partners according to end-user preferences by using the setSharingFilterForPartners method.

When you use this method, AppsFlyer will disable the sharing of user data with the excluded partner by any means, including postbacks, APIs, raw data reports, etc.

Impact on attribution

  • Installs from excluded ad networks (non-SRNs) are attributed in AppsFlyer, but the ad networks will not be notified in any form or manner.
  • Installs from excluded SRNs are not attributed, and their data is not shared with your integrated partners.

     Note

    AppsFlyer cannot attribute engagement data for any SRNs excluded from getting your data.

Developer reference

Developer reference and documentation on how to prevent sharing data with third parties see:

Anonymize user information

You can configure the SDK to instruct AppsFlyer to remove all user-identifying information by using the anonymizeUser method. In this case, the SDK sends install and in-app events to AppsFlyer, where all identifying information is then deleted or hashed:

  • Deleted: personal identifiers (GAID, IDFA, IDFV, and CUID)
  • Hashed: AppsFlyer ID and IP address

The following image shows an example row of raw data after anonymization (deletion and hashing).

Impact on Attribution

If you call anonymizeUser before calling start, no attribution will occur. All in-app events are counted as organic or disregarded completely depending on the reporting method.

 Tip

To attribute the install event, call the anonymizeUser function only after confirming that the SDK has sent the install event to AppsFlyer. This flow guarantees that any in-app events occurring after the install are sent without identifiers, and consequently, they are not attributed.

Developer reference

Developer reference and documentation on how to anonymize user information see:

Remove specific device identifiers

You can prevent the SDK from collecting and sending specific device identifiers to AppsFlyer. In contrast to using the anonymizeUser method, disabling specific identifiers lets you decide on the identifiers you want to keep.

The SDK API includes the following methods to disable identifiers.

Android identifiers

Method Identifiers disabled
setdisableadvertisingIdentifiers * Google Advertising ID (GAID)
* Open Anonymous Device Identifier (OAID)
* Amazon Advertising ID (AAID)
setcollectoaid Open Anonymous Device Identifier (OAID)

iOS identifiers

Method Identifier disabled
disableAdvertisingIdentifier IDFA (iOS 13 and below)
disableIDFVCollection IDFV

Developer reference

Developer reference and documentation on how to remove specific device identifiers see:

 Questions about AppsFlyer privacy?

The privacy relationship between you and AppsFlyer is governed by the AppsFlyer Statement on Data Processing. For questions relating to this statement or to contact our data protection officer, send an email to dpo@appsflyer.com.