`Branch.setTrackingDisabled` vs Privacy Manifest

Question

`Branch.setTrackingDisabled` vs Privacy Manifest

Closed this issue 4 months ago · 8 comments

Describe the bug

I updated the Branch SDK to version 3.0.0. Within the project we use Branch.setTrackingDisabled(true) method to disable tracking. However, when archiving the app and then generating a privacy report it says that the app is using:

Device ID for Third-Party Advertising, Developer's Advertising or Marketing and Analytics with Tracking set to YES.

If I understand correctly how setTrackingDisabled method works, this is not true, and so Tracking should be set to NO in a privacy report document.

Can this be somehow achieved, given that the privacy report is generated based on plist files? I'm afraid that this may negatively impact the App Store review process for apps that currently don't track users and have tracking disabled set to true.

Steps to reproduce

Update Branch SDK to version 3.0.0
Use Branch.setTrackingDisabled(true) within your project
Archive & export privacy report.

Expected behavior

Tracking should be set to NO.

SDK Version

3.0.0

Xcode Version

15.0

Device

iPhone 15

OS

iOS 17

Additional Information/Context

No response

Answer 1 · 2023-11-20T19:00:06.000Z

@lpikorhcp
Thanks for pointing this out. Our privacy manifest is not dynamically generated, so the list of collected data is based on apps that do opt into ads measurement and linking. For those only using linking, there are a lot of items that would never be collected. I'm gonna open a ticket to research what can be done about this.

In the short term, you may be able to workaround the issue by manually editing our privacy manifest to match the way you're using it. It's defined in our PrivacyInfo.xcprivacy.

Answer 2 · 2023-11-21T11:50:45.000Z

Thank you @echo-branch for taking a look at this. While editing PrivacyInfo.xcprivacy sounds interesting, for now I'll leave it as a last resort - our release process is automated and Branch SDK is not committed into our repo, so editing plist file would have to be scripted.

Answer 3 · 2024-01-21T00:07:29.000Z

This issue has been automatically marked as stale due to inactivity for 60 days. If this issue is still relevant, please respond with any updates or this issue will be closed in 7 days. If you believe this is a mistake, please comment to let us know. Thank you for your contributions.

Answer 4 · 2024-01-26T10:54:54.000Z

This issue is still valid.

Answer 5 · 2024-02-27T18:13:27.000Z

Hi, yes facing this issue as well. We only use the SDK for deeplinking and so the Privacy Manifest is not relevant for us. Currently this SDK is the only reason our app would require this label. Is it better for the default manifest to not include these and then developers can add it to their own manifests as needed? With something in the documentation to alert developers that they need to do it. Many thanks

@lpikorhcp Not sure what your set up is but have you tried a cocoapods-patch
https://github.com/doublesymmetry/cocoapods-patch

Answer 6 · 2024-03-05T13:52:56.000Z

Hi @LydGol90, nope, I'm using Branch via SPM. Thanks for the info about cocoapods-patch though, it may be helpful!

Answer 7 · 2024-05-05T00:07:15.000Z

This issue has been automatically marked as stale due to inactivity for 60 days. If this issue is still relevant, please respond with any updates or this issue will be closed in 7 days. If you believe this is a mistake, please comment to let us know. Thank you for your contributions.

Answer 8 · 2024-05-12T00:07:36.000Z

This issue has been closed due to inactivity. If this issue is still relevant, please reopen it or create a new one. Thank you for your contributions.