Global Compliance

Data & Security

Data security, scalability and performance are our lifeblood. Our state-of-the-art real-time infrastructure, advanced security and data protection, independent certifications and global regulatory compliance have earned the trust of the world’s leading brands.

With AppsFlyer, your data is always private, safe and secure. We have done the hard work checking the security boxes, so you can focus on your marketing performance.

SOC 2 Type II Certified Security, Integrity, Confidentiality and Privacy

AppsFlyer’s policies, communications, procedures, security and monitoring have been audited as SOC 2 Type II compliant by one of the world’s leading firms. Behind the scenes, we run a tight ship. All AppsFlyer customer data is secured and accessed via secure SSL connections. Additionally, our industry-leading data security is regularly penetration tested by leading third-party vendors. In the interest of maintaining our perfect record, we cannot elaborate further on our security in public. Please contact your success manager or sales representative to learn more.


With billions of secure interactions measured every day, we know a thing or two about data integrity and data protection at scale.
That’s why these leading brands rely on AppsFlyer:


Industry Leading Speed & Reliability

Over the past 12 months, AppsFlyer has consistently maintained the industries’
fastest server response times and over 99% uptime.


Global Compliance

TRUSTe Certification


We work with TRUSTe to verify our data privacy policies and practices. TRUSTe reviews our website, and its subdomains, software development kit (“SDK”), and API’s.

View our current TRUSTe program status here.

COPPA Compliance

The safety of our children is everyone’s concern and as parents ourselves, protecting our children is of the utmost importance. This is why we comply with COPPA requirements for mobile attribution and marketing analytics services, provided by us, and enable our customers to maintain their own COPPA compliance, with respect to the requirements from such service providers. We are committed to maintaining the confidentiality, security (including SOC2, among others) and integrity of the personal information collected and provided via the client’s apps and to only use such information at our client’s direction.

AppsFlyer also provides its clients the ability to opt-out of the collection of persistent identifiers for specific end-users. If we receive notice from the client that an end-user is under 13, has opted-out of the service or opted-out of collection of personal information, AppsFlyer will not collect such information and proceed to delete any information in its possession regarding such user as of such notice.

For further questions regarding security and data, please feel free to approach our Privacy Officer, Compliance Officer and GC.


EU-US Privacy Shield Framework
privacy-shield-frameworkAppsFlyer is committed to upholding the principles of the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Information from Customers and/or End Users in the European Union member countries. AppsFlyer, Inc. has certified that it adheres to the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. If there is any conflict between the provisions of this Privacy Policy and the Privacy Shield principles, the Privacy Shield principles shall govern with respect to Personal Information of persons residing in the EU.

We are committed to working to resolve privacy complaints under the EU-US Privacy Shield principles. If you have an unresolved Privacy Shield-related complaint that was not addressed satisfactorily, please contact our US-based third-party dispute resolution provider TRUSTe, free of charge, at The Federal Trade Commission (FTC) has jurisdiction over AppsFlyer, Inc.’s compliance with the Privacy Shield. Under certain conditions, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. To learn more about the Privacy Shield Framework, please visit .


Pathways for GDPR Readiness

AppsFlyer is committed to the confidentiality, data privacy and security of its enterprise customers and their end-users. We are investing and will continue to invest extensive resources towards maintaining the highest levels of data protection, privacy and security standards. We are compliant with applicable laws and regulations, and are committed to compliance with the EU GDPR and related guidelines well before the May 2018 deadline.

The GDPR applies to anyone collecting or processing personal data of individuals within the EU. Some of the key privacy and data protection requirements of the GDPR include:

a) processing of personal data must be lawful, fair and transparent – meaning that personal data needs to be used under a valid consent of the data subject and only in connection with the services provided; (b) personal data should be stored and used for the minimum amount of time necessary for the services provided; (c) there needs to be a well-defined, clear purpose for the use of the personal data; (d) personal data must be kept secured and confidential, (e) a person has the right to control their personal data, including the right to access it and to have it deleted; and (f) corporate personal data processes and policies must be clearly delineated.

In light of the above,

1. AppsFlyer only processes personal data in relation to the services it provides to its customers per their instructions and configuration. We obtain assurances that personal data we receive is provided to us in accordance with applicable laws under required consents and legal grounds.
2. We do not sell or re-broker client data.
3. AppsFlyer’s data processing has been designed to be performed through EU-based AWS and Google Cloud servers.
4. AppsFlyer is already EU-US Privacy Shield certified, and maintains stringent data confidentiality, privacy, security, processing and storage standards.
5. AppsFlyer is SOC II and TRUSTe certified and undergoes infosec annual audits and certification renewal processes.
6. AppsFlyer provides its clients and its clients’ end-users the ability to opt-out of the processing of personal data.
7. AppsFlyer offers the ability to anonymize and hash personal data, in a manner than maintains the quality and accuracy of the services.
8. AppsFlyer provides its clients the option to have all personal data of their end-users processed in the EU (including EU approved countries with an adequate level of data protection). Clients wishing to access this data outside of the above-mentioned regions will sign a DPA or the required EU Standard Contractual Clauses.
9. The AppsFlyer Privacy Policy and Service Agreements reflect and adhere to applicable privacy, data retention, security and confidentiality standards.
10. AppsFlyer maintains corporate policies and procedures ensuring data privacy and information security.


What are you waiting for?
Start Measuring With AppsFlyer Today