Privacy manifests for app vs for third party SDKs

Can someone please confirm in this case whether I need a privacy manifest in BOTH my app, and the third party SDK.

One of the Firebase SDKs we are using uses UserDefaults. As such we are now getting warning emails from Apple about using restricted APIs. Google have said that they will be releasing a privacy manifest that will get rid of this error. However, the app itself does, like most, use UserDefaults itself. With Firebase already declaring the usage of UserDefaults, is it necessary to then re-state it, in a privacy manifest for the app? Or is this simply the third party SDK provider's problem?

Thank you

Up vote post of adamj2109 Down vote post of adamj2109
582 views
Posted by
adamj2109
Reply
Add a Comment

Replies

Apple says you need to add it to both the app and the library.

But I think there must be a situation where that's not possible.

I tested it. Even if you don't add PrivacyManifest from the library, adding content to PrivacyManifest in the app will fix the problem.

Posted by
kimjitae
Up vote reply of kimjitae Down vote reply of kimjitae

  • @kimjitae how did you test it? By submitting the build or is there any other way we can test it directly?

    Kartoos

  • From my understanding, we can put an external testflight version into review to check if we receive the warning mail from apple or not But even if we don’t receive a warning letter, it doesn’t mean we can pass the apple review after 5/1 right?

    bill86006

  • Where does it say it needs to be added to both? This seems to be the behavior I'm observing as well for an SPM that has it's own PrivacyInfo.xcprivacy -- https://github.com/bugsnag/bugsnag-cocoa -- I still get flagged for the API reasons unless I also declare them in my App.

    mike.carter.modmed
Add a Comment