Notifications Guide v1
Notifications
Version 1

Apple Privacy Manifest

Copy link

This guide is for the developers publishing Apps to the Apple Store where Sendbird SDK has been implemented. For any application published on Apple Store, Apple requires service providers to disclose an application's privacy practices and the Required Reason APIs, including those employed by its third-party partners. This policy aims to help users understand the data the app and its SDKs may collect and whether the data is used to track them​​.

In compliance with Apple's privacy policy, this page provides details on Sendbird’s positioning, and finally, to provide guidance on completing a privacy manifest for the different Sendbird products you may be using in your application.

For more information on Apple's privacy policy, see Apple's guide on privacy policy and privacy manifest. To learn about how Sendbird handles data privacy, see our Privacy Notice.


Introduction of Apple’s Announcement

Copy link

Apple requires developers to disclose their app's and third-party partners' privacy practices on the App Store, including data collection and tracking details. Recent updates have introduced tools like third-party SDK signatures and privacy manifests, aiding developers in accurately reporting privacy practices. Developers must identify all collected data, ensure up-to-date privacy responses, and understand data usage and linkage to user identities. Privacy policy links and user choice options are listed in the below content. With WWDC 2023's introduction of privacy manifests, developers can better represent app dependencies' privacy practices. Apps using Sendbird SDK may need to label collected data types to align with Apple's privacy rules. However, this does not cover customer data processed through services, subject to individual customer policies and contracts.

  • App Privacy Details on App Store

Apple requires developers to disclose their app's privacy practices, including those of third-party partners, on each app's product page. This helps users understand the data types the app collects and whether the data is linked to or used to track them​​.

  • New Updates for Privacy Labels

Apple introduced signatures for third-party SDKs and privacy manifests, making it easier for developers to provide accurate Privacy Nutrition Labels. More data type options are now available for these labels​​. As for the data labels collected by Sendbird SDKs, see the tables in the Data collection per product section.

  • Responsibility of Developers

Developers are responsible for identifying all data collected by their app or third-party partners. This data must be disclosed unless it meets specific criteria for optional disclosure. Developers are responsible for keeping their privacy responses accurate and up to date​​.

  • Data Use and Linkage to User

Developers must understand how each data type is used and whether it's linked to the user’s identity. Specific privacy protections should be in place to de-identify or anonymize data​​.

  • Tracking and Third-Party Data

Developers must understand if their app or third-party partners use data to track users and declare such data. "Tracking" refers to linking data collected from the app with third-party data for targeted advertising or sharing with a data broker​​.

  • Privacy Policy and User Choices

Apple advises developers to add links on their product page for their privacy policy and an optional link for users to manage their privacy choices​​.

  • Additional Guidance

Specific guidelines are provided for different scenarios, such as apps with web views, IP address collection, in-app messaging, and Apple frameworks​​.

  • Privacy Manifests

Introduced in WWDC(Worldwide Developers Conference) 2023, privacy manifest helps developers identify the privacy practices of their app's dependencies. They declare what data types are collected by SDKs, how they are used, and if they are linked to the user or used for tracking. This helps developers accurately represent privacy in their app​​.

These manifests, which can be created in Xcode, detail the data types collected, their usage, user linkage, and tracking status. Ensure the manifest aligns with your understanding of the SDK's functionality​​​​.

Xcode 15 can aggregate all privacy manifests in your app's project and generate a privacy report. This report is a valuable tool for reviewing and understanding the privacy practices of your app and its dependencies, aiding in accurate representation on the App Store​​.


Sendbird's Privacy Policy

Copy link

To ensure compliance with Apple's privacy policy, clearly label the data you collect in your app using the different Sendbird SDKs. This labeling should help your users understand what data is collected and why, aligning with Apple's privacy requirements. Ensure that this information is easily accessible and understandable in your app's privacy policy or relevant section.

There may be additional data or updates to the above items, so refer to the reference links at the bottom of this page. The single source of truth of the above data list is the Sendbird privacy notice.

Note: This Privacy Notice does not apply to any of the personal information we process on behalf of our customers through their use of our Services (“Customer Data”). Our customers’ respective privacy policies govern their collection and use of Customer Data. Our processing of Customer Data is governed by the contracts that we have in place with our customers, not this Privacy Notice. Any questions or requests relating to Customer Data should be directed to our customer.

Data collection per SDK

Copy link

Apple introduced signatures for third-party SDKs and privacy manifests, making it easier for developers to provide accurate Privacy Nutrition Labels.

The following table lists the type of data Sendbird SDKs may collect on your behalf and the label for each type. To accurately inform your users of the data collection, declare all the relevant data types in the PrivacyInfo.xprivacy file of your project.

To learn more, visit Apple's guide on how to declare each data type.

Chat and UIKit SDK

Copy link
Data typeLabelDescription

User ID

Identifiers

Contains the unique ID of a user.

Web socket session

Other usage data

Tracks web socket sessions for billing and session management in Chat SDK. An end user may not notice this data as it is used for SDK billing purposes only.

Text message

Emails or Text messages

Enables private messaging between users in Chat SDK and between a server and users in Chat SDK.

File message binary

Other user content

Supports file sharing in private messaging in Chat SDK.

Cached Channel, Message, Member List

Other user content

Local caching of messages, channels, and member lists for private messaging in Chat SDK.

Remote Notification ACK

Other diagnostic data

Provides the delivery analysis of remote push notifications in Chat SDK.

Remote Notification ACK

Product interaction

Provides the data on the delivery success ratio for remote push notifications from UIKit SDK. This data can be used by Sendbird Notifications.

Feedback of Bot Message

Other diagnostic data

For Generative AI, collects users' feedback of bot messages created by Generative AI.

CTR (Click Through Ratio)

Product interaction

Measures user interaction in UIKit SDK for Notification Center.

Photos or Videos

Photos or Videos

Allows users to attach photos or videos in messages using UIKit SDK.

Audio Data

Audio data

Enables attaching audio data in messages in UIKit SDK.

Voice Message

Audio data

Provides a voice messaging feature in UIKit SDK.

File attachments

Other user content

Supports various file types for messaging in UIKit SDK.

Note on Text messages and User content: When integrating Sendbird SDK into your application, it's crucial to properly manage the data types associated with text messages and user content. This includes the collection and processing of text messages, files, and multimedia. Under Apple's updated privacy policy, developers must clearly identify and declare Emails or Text Messages and User-Generated Content in their app's privacy labels. This ensures transparency with your users and compliance with App Store guidelines.

Calls and Live SDK, Live UIKit SDK

Copy link
Data typeLabelDescription

User ID

Identifiers

Contains the unique ID of a user.

Web socket session

Other Usage Data

Tracks web socket sessions for billing and session management in Chat SDK. An end user may not notice this data as it is used for SDK billing purposes only.

Audio streaming

User content

Delivers and receives audio streaming in Calls SDK and Live SDK.

Video streaming

User content

Delivers and receives audio streaming in Calls SDK and Live SDK.

Media streaming statistics

Other diagnostic data

Provides streaming quality data for Calls SDK and Live SDK.

Cloud recording

Other user content

Records voice and video streams on the server in Calls SDK and Live SDK.

Local recording

Other user content

Records voice and video streams on the device in Live SDK.

Remote notification ACK, VoIP push notification ACK

Other diagnostic data

Analyzes the delivery of push notifications in Calls SDK.

Desk SDK

Copy link
Data typeLabelDescription

User ID

Identifiers

Contains the unique ID of a user.

Web socket session

Other usage data

Tracks web socket sessions for billing and session management in Chat SDK. An end user may not notice this data as it is used for SDK billing purposes only.

Ticket

Customer support

Contains information related to tickets.


Act now

Copy link

As we embrace these pivotal changes in privacy standards, it's imperative for you, as developers, to take immediate action. Review your app's data collection and privacy practices in light of Apple's updated policies and the capabilities of the Sendbird SDK. Utilize the tools and guidelines provided, such as Xcode's privacy manifests, to ensure an accurate representation of your app's privacy practices in the App Store. Remember, transparency is key to building user trust and maintaining compliance. Update your app’s privacy details in App Store Connect as needed, and don't hesitate to seek additional guidance or clarification to align with these new standards. Your proactive steps today are crucial in shaping a more privacy-conscious app ecosystem for tomorrow.


Reference

Copy link