Privacy Manifest for main app that incorporates SDKs via CocoaPods and SPM

Privacy & Security General
cristianb OP
Created Aug ’23
Replies 6
Boosts 0
Views 2.2k
Participants 8

Hey! Reading through the documentation about Privacy Manifest I got a bit confused about the requirement about having Privacy Manifest files for both the 'main' app and for SDKs from inside the 'main' app (that uses the SDKs).

Let's say I have the following scenario: MyApp includes SDKs via CocoaPods and SPM. The SDKs that I include in MyApp are using 'Required Reason APIs' and let's say that they do collect some data about the user or the device.

Let's also assume that 'MyApp' also uses the same 'Required Reason APIs' (or more of them) as in the SDKs and also that MyApp collects data about the user/device.

For this case: do I need to have a Privacy Manifest for both MyApp and each of the SDKs or is it enough to have just a 'main' Privacy Manifest file declared directly in MyApp's files?

Replies  6
Boosts  0
Views  2.2k
Participants  8
LCTech OP
Dec ’23

hi, did you by any chance get any information on this?

0
cristianb OP
Dec ’23

Hi! Unfortunately nothing :( I am still waiting for any guidance in this direction. My guess is that we'll have to do some trial and error (ie try to create and submit builds with SDKs that do/don't have privacy manifests and see what happens - if we get some warnings or other guidance from Apple when the build is submitted)

0
KrisGKng OP
Jan ’24

the SDKs need to embed their own PrivacyManifest.xcprivacy, as does your app. When the PrivacyReport is generated from the app Archive, it will scan all embedded PrivacyManifest.xcprivacy's to generate its report.

0
masterfly OP
Feb ’24

The SDK only needs to care about its own core code, not child dependencies,same to project! There has a plugin cocoapods-privacy(https://github.com/ymoyao/cocoapods-privacy) that can auto create and manager privacy api, If useful, you can give a small star~

0
nikita_chess OP
Mar ’24

What if the SDK is deprecated and won't be adding its own PrivacyManifest.xcprivacy? Guess we just have to fork our own version and add it ourselves?

0
Asher-Guo OP
Mar ’24

Actually, I am more concerned about it, such as the SDK missing privacy manifest , but should I add the necessary API declaration in the privacy manifest in my main project to fix it ??

0
Privacy Manifest for main app that incorporates SDKs via CocoaPods and SPM
First post date Last post date
 
 
Q