We respect the privacy of our partners, customers and their end users, and believe in enabling them to make informed choices about the use of their personal data, including by explaining our practices and providing appropriate ways to exercise their privacy rights. Below we describe how and for which purposes we may use the data provided to us by our partners and customers (including of their end users), where and how we store such data, with whom we may share it, and the choices we have available to them regarding access to, correction or deletion of their personal data that may be held with us.
In this policy we also describe how you may contact us, our data protection officer or our representative in the EU, should you have any questions or concerns regarding our privacy practices.
AppsFlyer’s Services enable advertisers and developers (our “Customers”) to attribute and track the performance of their advertising campaigns and applications, including their effectiveness, usage, installations and downloads. Our Services also enable our Customers to analyze data regarding their campaigns, applications and their prospective and actual end-users (“End users”), including additional data received from AppsFlyer’s business partners (“Partners”), as further described below.
AppsFlyer has no direct relationship with its Customers’ End Users, or with any other individuals whose personal data we may process on our Customers’ behalf. Our Services may be used by our Customers to collect and analyze such personal data, and accordingly, we process such data under the direction of our Customers.
Customer and Partner Data
In order to receive the AppsFlyer Services, or to integrate and partner with AppsFlyer, Customers and Partners will be required to register and provide us with certain data, including personal data such as their email address, first and last name, and their company’s name and website, as well as technical data referring to their usage of our Services, their internet connection, device, systems and software used to access and use our Services.
It is each Customer’s and Partner’s voluntary decision whether to provide us with any such personal data, but refusal to provide any required data may result in us not being able to register the Customer or Partner and enable them to receive or integrate with our Services.
End Users Data received from our Customers
AppsFlyer’s Customers use our Services to track and analyze the characteristics and activities of the End Users, and for such purpose upload to AppsFlyer’s platform and servers certain data regarding their End Users. Such data is provided to AppsFlyer by the Customer, by the Customer’s integration and implementation of AppsFlyer’s SDK and APIs into the Customer’s own application or services (that are being used by the End Users). The data we receive from Customers refers to downloads, impressions, clicks and installations of their mobile applications, mobile device use and data regarding in-app events.
Our Customers may use our services to collect and analyze the data parameters, (i) unique identifiers and technical data, such as IP address, User agent, IDFA (Identifier For Advertisers) or Android ID (in Android devices); (ii) technical data regarding the End User’s operating system, device attributes and settings, applications, advertising opt-out signals, Google Advertiser ID, in-app events, device motion parameters and carrier.
Any other data should not be provided to AppsFlyer, unless specifically agreed in writing by us and in accordance with applicable law.
Once such data parameters are uploaded by our Customers to the Services, they enable us to provide the Services to our Customers and enable the Customers to analyze their campaigns and performance, as well as their End Users’ habits and characteristics.
End User Data received from our Partners
On certain instances, our Customers may choose to use our Services to integrate and connect with AppsFlyer’s third party Partners, or may, to the extent available, otherwise choose to customize or enable certain optional features on our Services, for the analysis of the data collected in connection with the Customers’ campaigns or applications (such as data segmentation, install attribution, audience-building, re-targeting, creating or supplementing End User or inventory profiles, creating, supplementing or amending interest categories, or syndication or other distribution to third parties).
In order to process such data via our Services, our Customers have to actively set parameters that allow for such customization, integration or measurement. Specifically, we permit our Customers and Partners to upload the data parameters, specified here.
Similar to the provision of the services, AppsFlyer is acting as a third party processor on behalf of our Customers/ Partners and process such data only on their behalf.
Customers Opt Out Provision
In some cases, our customer might want to shut down all SDK tracking due to legal and privacy compliance (Such as: User didn’t provided the consent). This can be achieved with the isStopTracking API. Once this API is invoked, our SDK will no longer communicate with our servers.
End User Opt Out Self-Service Provision
If you are an End User, you can also opt-out of AppsFlyer Analytics tracking by yourself by emailing us at firstname.lastname@example.org or by completing the form here. If you no longer wish to be contacted by one of our Customers that uses our Services, please contact the Customer that you interact with directly.
The opt-out is specific to AppsFlyer activities and does not affect other tools that your services provider may use. If you are an End User and choose to opt-out; we will stop tracking data for that device going forward. The services will stop across all applications.
How We Use Data
The personal data collected or processed through our Services (concerning either our Customers, their End Users, our Partners or visitors to the AppsFlyer platform or website) will be used for: (i) creating aggregate data and anonymous data (as specified below), (ii) providing the Services, and (iii) improving and maintaining our Services. For example, we use such data to help diagnose problems with our servers, to diagnose and prevent fraudulent activity, to consider and develop new services and features and to improve the Services and make them more useful.
By analyzing the data we receive, we may compile aggregate and anonymized data (“Aggregate Data”). Aggregate Data is anonymous and is not linked to any personal data. Aggregate Data helps understand trends and customer needs so that new services can be considered and so existing products and services can be tailored to customer desires.
How We Protect Data
At AppsFlyer, we strive to implement the highest level of security processes and practices across all business units.
Our security practices are based on industry-leading standards, on which we are audited annually. Our security framework includes policies and procedures, asset management, access management, physical security, people security, product security, cloud and network infrastructure security, third-party security, vulnerability management, security monitoring, and incident response.
If you have questions or need more detailed explanations on security topics, feel free to contact our Security Team via the Support Team.
Data Disclosures and Transfers
We may transfer or disclose personal data within AppsFlyer’s subsidiaries and branches and/or to third party service providers and Partners that help us provide our Services, as well as to our Customers, for the purpose of providing them with our Services. We may also disclose End Users’ personal data to any other third party at our Customers’ approval or direction/instruction. Any such entities may be located in different countries, including outside the United States or the European Economic Area.
The provisions of this Policy and the agreements with our Customers and Partners apply to such transfers to our third party service providers. All our subsidiaries, employees and third party service providers are subject to non-disclosure and restricted-use obligations.
We may also disclose personal data in our possession if we are required to do so by law, such as to comply with a subpoena or search warrant, governmental order, bankruptcy proceedings, or similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect the data subject’s safety or the safety of others, to protect AppsFlyer’s legitimate interests (such as in the course of a legal proceeding or other dispute resolution process), or to investigate fraud or other threats.
If AppsFlyer is involved in a merger, acquisition, or sale of all or a portion of its assets, or any change in ownership, the data may be disclosed to such third party acquirers, subject to applicable law. AppsFlyer will provide notice upon such a change.
EU-US Privacy Shield Frameworks
We are committed to attempt to resolve privacy complaints under the EU-US Privacy Shield principles. If you have an unresolved Privacy Shield-related complaint that was not addressed satisfactorily, please contact our US-based third party dispute resolution provider, free of charge, at https://feedback-form.truste.com/watchdog/request. The Federal Trade Commission (FTC) has jurisdiction over AppsFlyer, Inc.’s compliance with the Privacy Shield. Under certain conditions, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
To learn more about the Privacy Shield Framework, please visit https://www.privacyshield.gov.
Tracking Technologies on Our Website
E-Tag is a technology that is part of the standard HTTP protocol that allows our website to validate temporary storage (cache) of our pages and images. This ensures that you are viewing the latest version of our website since your last visit.
Local Storage (LS) such as HTML5 and Local Shared Objects (LSOs) such as Flash are used to store content information and preferences. Various browsers may offer their own management tools for removing HTML5 LS’s. To manage Flash LSOs please click here.
Beacons are clear graphic image(s) of 1×1 pixel that is delivered through a web browser usually as part of a webpage request. Web beacons operate as a tag that records an end users visit to a particular webpage.
As is true of most websites, we gather certain data automatically, such as Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system and/or clickstream data.
You may choose to receive our Newsletter, which provide you with updates and weekly tips. Your email address is required to sign up. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing the email preferences in your account settings page, or you can contact us at https://www.appsflyer.com/contact/#contact-form.
We may also send you service related non-promotional email announcements on rare occasions when it is necessary to do so, for example, during provision of maintenance services.
Commitment to protecting children’s privacy
Special Note to Parents: AppsFlyer does not knowingly collect or process personal data from or with respect to children under the age of 16, and you must be 16 years of age or older in order to establish an account for AppsFlyer’s Services.
If you are a parent or legal guardian and believe that your child under the age of 16 has submitted his or her personal data or other data without your consent, permission, or authorization – please let us know immediately, and we will promptly act to remove your child’s data from our database, cease the use of such data and inform any other party we suspect to have access to such data to do the same.
Access, Correction, Deletion and Portability of Data
Customers Data: AppsFlyer respects the privacy rights of our Customers, and to the extent required by applicable law, will make reasonable commercial efforts to allow them to access, correct, object to the processing of, delete or port any of their personal data, provided that we are able to properly verify their identity and link them to any personal data in our possession.
AppsFlyer’s privacy team can be reached at email@example.com
End Users Data: As AppsFlyer acts as the “Data Processor” for our Customers, please contact your respective application developer directly. We will make commercially reasonable efforts to refer any such requests received by us from End Users to the relevant Customer (to the extent we are able to properly identify the End User and link them to a particular Customer). We are then committed to make commercially reasonable efforts to act as instructed by such Customer in writing. We cannot restore data that we have deleted.
We retain personal data concerning End Users for as long as the applicable Customer account is active, or as otherwise instructed by such Customer, End User or any partner that has provided us with such data, or otherwise to the extent authorized under applicable law. We may adopt shorter retention periods to the extent required or authorized by our Customers or partners, or in accordance with common practices and legal requirements. We may also retain and use personal data as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to protect our or others’ legal rights and legitimate interests.
We retain Customers’ personal data in accordance with the purposes, requirements and legal basis for which such data was provided or made available to us or utilized by us in accordance with applicable law. For example, we retain our Customers’ contact details as reasonably necessary for the purposes of maintaining our engagements and performing, improving and promoting our Services and relationships with our Customers.
Comments and Questions
If you have any comments or questions about our privacy practices, please contact us at firstname.lastname@example.org.
You may mail us your inquiries at:
100 1st Street, 25th floor San Francisco, California 94105, United States.
Data Protection Officer and EU Representative Details
AppsFlyer has appointed it’s a designated Data Protection Officer (“DPO”). The DPO can be reached directly at email@example.com
Last updated: May 6, 2018