Privacy manifests for app vs for third party SDKs

Can someone please confirm in this case whether I need a privacy manifest in BOTH my app, and the third party SDK.

One of the Firebase SDKs we are using uses UserDefaults. As such we are now getting warning emails from Apple about using restricted APIs. Google have said that they will be releasing a privacy manifest that will get rid of this error. However, the app itself does, like most, use UserDefaults itself. With Firebase already declaring the usage of UserDefaults, is it necessary to then re-state it, in a privacy manifest for the app? Or is this simply the third party SDK provider's problem?

Thank you

Apple says you need to add it to both the app and the library.

But I think there must be a situation where that's not possible.

I tested it. Even if you don't add PrivacyManifest from the library, adding content to PrivacyManifest in the app will fix the problem.

Privacy manifests for app vs for third party SDKs
 
 
Q