At a glance: Configure your user identifier policy to exercise account-level control over the data Audiences shares with partners.
About
Once you have defined an audience, AppsFlyer Audiences sends identifiers for the members of that audience to your selected advertising partners. This enables them to serve your ads only to these users.
In order to enable compliance with the privacy requirements of iOS 14.5 and other user privacy considerations, Audiences allows you full control to determine which identifiers are shared with partners:
- at the account level
- at the partner-connection level
This article explains the process for managing your user identifier policy at the account level. For more information about managing the identifiers shared at the partner-connection level, see the Manage connections section of the Audiences guide.
User identifiers
This section describes the identifiers that can be shared with partners.
Shared identifiers
By default, Audiences shares the following identifiers with partners:
- iOS: IDFA (on iOS 14.5 and above, available only if a user permits sharing this identifier)
- Android: GAID
Some advertising partners also support the following identifiers:
- Email (hashed)
- Phone number (hashed)
- OAID and IMEI (both relevant only for non-Google Play Android stores)
Certain other additional identifiers can be useful for your internal processes (such as CRM or analytics):
- CUID
- IDFV (relevant only for iOS)
For additional information (including requirements for using specific identifiers in AppsFlyer), see the identifiers table below.
Identifiers table
Identifier | OS | Shared by default? |
Requirements for use/ |
---|---|---|---|
IDFA | iOS | See note (right) |
By default, only shared for users with ATT status: authorized or not determined |
GAID | Android | Y | None |
OAID | Android (non-Google Play) |
N | Must be configured in the AppsFlyer SDK |
IMEI | Android (non-Google Play) |
N | Must be configured in the AppsFlyer SDK |
CUID | iOS Android |
N |
|
IDFV | iOS | N |
|
Email (hashed) | iOS Android |
N |
|
Phone number (hashed) | iOS Android |
N |
Setting account-level user identifier policy
User identifier policy can only be set by an admin user.
To set or modify your policy, follow these steps:
- In AppsFlyer, from the side menu, select Engage > Audiences.
- Click the settings (gear) icon in the top right corner.
-
In the User identifier policy window, select the settings that comply with your organization's privacy policies.
- If you elect to allow sharing of identifiers other than IDFA, GAID, OAID, and IMEI, you must first review and accept the Additional Identifiers Terms of Use.
- If you elect to disallow identifier(s) that are uploaded by existing partner connections, you will be asked to confirm that you wish to stop uploading these identifiers.
- Click Save.
Changes to your IDFA policy will take effect starting with Apple's release of iOS 14.5. All other changes to your user identifier policy will take effect starting with the next upload to partners.
Privacy regulations
This section describes privacy regulations that affect how user identifiers can be shared.
iOS
Starting with version 14.5, iOS requires that every app offer the user an option to allow/disallow sharing of their IDFA device identifier for advertising purposes (App Tracking Transparency). Whether or not a user has seen and responded to this option (the "ATT consent dialog") determines a user's ATT status.
Audiences policy options for sharing identifiers in iOS are based on a user's most recent ATT status. Your sharing options are as follows:
User policy option | Corresponding ATT status |
---|---|
Never upload |
This identifier is not uploaded to partners |
ATT status: authorized only |
The identifier is uploaded if the most recent ATT status is authorized or af_authorized |
ATT status: authorized or not determined |
The identifier is uploaded if the most recent ATT status is authorized, af_authorized, not_determined, or af_unavailable |
Always upload |
The identifier is uploaded independent of ATT status. Ensure compliance with your app’s terms of use. |
Note: Audiences treats a new user's ATT status as not determined until they have seen and responded to the ATT consent dialog.
For detailed ATT status definitions, see:
- Apple ATT status definitions
- AppsFlyer ATT status definitions (af_authorized, af_unavailable)
Additionally, all users from the European Economic Area (EEA) are subject to Google's enforcement of the Digital Markets Act (DMA).
Android
Android users from the European Economic Area (EEA) are subject to Google's enforcement of the Digital Markets Act (DMA).
EU Digital Markets Act
As part of Google’s enforcement of the Digital Markets Act (DMA) on March 6, 2024, Google is updating its EU user consent policy. As a Google App Attribution Partner, AppsFlyer is making the necessary changes to support their policy requirements, while ensuring that advertisers maximize the value from their Google Ads marketing channels. Learn more
This is how the changes will affect Audiences:
-
New AppsFlyer SDK
The latest AppsFlyer SDK will collect user consent from app owners for the European Economic Area (EEA) so their data can be shared with Google. For audiences created in AppsFlyer (such as Custom and Suggested audiences) consent information collected from the SDK will automatically be shared with Audiences, and then with Google. Once you’ve updated to the latest SDK, this process will happen automatically. -
Audiences connected to Google
- Consent granted - AppsFlyer will send the devices of EEA users who have granted consent to share their information with Google.
- Consent denied - AppsFlyer will not send the devices of EEA users who have denied consent to share their information with Google.
-
Consent unknown - AppsFlyer will send the devices of EEA users who have neither granted nor denied consent as “Unspecified”. Google will not likely accept them for inclusion in the audience on their side.
For more details, see Google’s FAQ.
-
Existing Audiences
All devices that were already part of an audience within Google before March 6, 2024 will not be impacted and will continue to be part of the audience. Only new Audiences or new EEA devices added to an existing audience will be uploaded to Google with consent. -
Audience upload size
The audience estimated and actual upload sizes may be affected depending on the number of users granting or denying consent. -
Importing audiences
- Import standard audience - AppsFlyer will add the consent data it collects from the AppsFlyer SDK, and will remove unconsented or unspecified devices from the audience before sending it to Google.
- Import “as is” audience - When importing an “as is” audience via CSV or API, two additional consent fields will need to be added. These fields are:
AppsFlyer field (1) | Google field (2) | Values | Field explained |
---|---|---|---|
ad_personalization_enabled | ad_personalization | true/false | Did the user give Google consent to use their data for personalized advertising? |
ad_user_data_enabled | ad_user_data | true/false | Did the user give consent to send their user data to Google? |
If the consent fields are not filled in with values, they will be sent to Google as “Unspecified”.
Note
Google’s enforcement of the Digital Markets Act (DMA) applies to both Android and iOS platforms.