Data & Security
Data security, scalability and performance are our lifeblood. Our state-of-the-art real-time infrastructure, advanced security and data protection, independent certifications and global regulatory compliance have earned the trust of the world’s leading brands.
With AppsFlyer, your data is always private, safe and secure. We have done the hard work checking the security boxes, so you can focus on your marketing performance.
SOC 2 Type II Certified Security, Integrity, Confidentiality and Privacy
AppsFlyer’s policies, communications, procedures, security and monitoring have been audited as SOC 2 Type II compliant by one of the world’s leading firms. Behind the scenes, we run a tight ship. All AppsFlyer customer data is secured and accessed via secure SSL connections. Additionally, our industry-leading data security is regularly penetration tested by leading third-party vendors. In the interest of maintaining our perfect record, we cannot elaborate further on our security in public. Please contact your success manager or sales representative to learn more.
With billions of secure interactions measured every day, we know a thing or two about data integrity and data protection at scale.
That’s why these leading brands rely on AppsFlyer:
Industry Leading Speed & Reliability
Over the past 12 months, AppsFlyer has consistently maintained the industries’
fastest server response times and over 99% uptime.
We work with TRUSTe to verify our data privacy policies and practices. TRUSTe reviews our website, onelink.me and its subdomains, software development kit (“SDK”), and API’s.
View our current TRUSTe program status here.
The safety of our children is everyone’s concern and as parents ourselves, protecting our children is of the utmost importance. This is why we comply with COPPA requirements for mobile attribution and marketing analytics services, provided by us, and enable our customers to maintain their own COPPA compliance, with respect to the requirements from such service providers. We are committed to maintaining the confidentiality, security (including SOC2, among others) and integrity of the personal information collected and provided via the client’s apps and to only use such information at our client’s direction.
AppsFlyer also provides its clients the ability to opt-out of the collection of persistent identifiers for specific end-users. If we receive notice from the client that an end-user is under 13, has opted-out of the service or opted-out of collection of personal information, AppsFlyer will not collect such information and proceed to delete any information in its possession regarding such user as of such notice.
For further questions regarding security and data, please feel free to approach our Privacy Officer, Compliance Officer and GC.
EU-US Privacy Shield Framework
We are committed to working to resolve privacy complaints under the EU-US Privacy Shield principles. If you have an unresolved Privacy Shield-related complaint that was not addressed satisfactorily, please contact our US-based third-party dispute resolution provider TRUSTe, free of charge, at https://feedback-form.truste.com/watchdog/request. The Federal Trade Commission (FTC) has jurisdiction over AppsFlyer, Inc.’s compliance with the Privacy Shield. Under certain conditions, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. To learn more about the Privacy Shield Framework, please visit https://www.privacyshield.gov .
Pathways for GDPR Readiness
AppsFlyer is committed to the confidentiality, data privacy and security of its enterprise customers and their end-users. We are investing and will continue to invest extensive resources towards maintaining the highest levels of data protection, privacy and security standards. We are compliant with applicable laws and regulations, and are committed to compliance with the EU GDPR and related guidelines well before the May 2018 deadline.
The GDPR applies to anyone collecting or processing personal data of individuals within the EU. Some of the key privacy and data protection requirements of the GDPR include:
a) processing of personal data must be lawful, fair and transparent – meaning that personal data needs to be used under a valid consent of the data subject and only in connection with the services provided; (b) personal data should be stored and used for the minimum amount of time necessary for the services provided; (c) there needs to be a well-defined, clear purpose for the use of the personal data; (d) personal data must be kept secured and confidential, (e) a person has the right to control their personal data, including the right to access it and to have it deleted; and (f) corporate personal data processes and policies must be clearly delineated.
In light of the above,
1. AppsFlyer only processes personal data in relation to the services it provides to its customers per their instructions and configuration. We obtain assurances that personal data we receive is provided to us in accordance with applicable laws under required consents and legal grounds.
2. We do not sell or re-broker client data.
3. AppsFlyer’s data processing has been designed to be performed through EU-based AWS and Google Cloud servers.
4. AppsFlyer is already EU-US Privacy Shield certified, and maintains stringent data confidentiality, privacy, security, processing and storage standards.
5. AppsFlyer is SOC II and TRUSTe certified and undergoes infosec annual audits and certification renewal processes.
6. AppsFlyer provides its clients and its clients’ end-users the ability to opt-out of the processing of personal data.
7. AppsFlyer offers the ability to anonymize and hash personal data, in a manner than maintains the quality and accuracy of the services.
8. AppsFlyer provides its clients the option to have all personal data of their end-users processed in the EU (including EU approved countries with an adequate level of data protection). Clients wishing to access this data outside of the above-mentioned regions will sign a DPA or the required EU Standard Contractual Clauses.
10. AppsFlyer maintains corporate policies and procedures ensuring data privacy and information security.