Thanks!

Privacy at AppsFlyer

The highest privacy standard in the industry

We are committed to providing you full transparency and control over your users’ personal data. From specific industry regulations to international data privacy standards we don’t just lead the industry in privacy standards, we help define it.

Learn more about how data is managed by AppsFlyer
Download whitepaper

Privacy - beyond GDPR and CCPA
Privacy: Minimizing Personal Identifiable Information (PII)

Minimizing Personal Identifiable Information (PII)

We’ve implemented technical and organizational measures to ensure that, by default, only the personal data necessary for each specific purpose of the service is processed in strict accordance with our customers’ instructions and configurations.

Privact: Data subject request management

Data subject request management

We have developed a comprehensive range of APIs and tools to help our customers build a fully compliant stack. By adopting our tools, brands can address data subject requests across their partner ecosystems, in near real-time. Adhering to the GDPR and CCPA Right of Deletion, our APIs help organizations globally take another step toward compliance.

  • The right to erasure
  • The right to access
  • The right to data portability
  • The right to rectification

Enabling HIPAA compliance

For apps that frequently handle sensitive personal information or protect health information (PHI), it’s important to work with a company that takes a privacy by design approach to keep your data safe. We let you decide which data you share and with whom, while maintaining the strictest standards for compliance across every global market, including HIPAA.

Read our full privacy policy

Frequently asked questions

How does AppsFlyer handle the data it receives when customers use AppsFlyer?

We are committed to providing customers and end users with complete transparency in relation to our privacy practices and to protecting customer data. We use the data we receive to provide services to our customers as more completely described in our Services Privacy Policy.  Furthermore, we implement stringent security and organizational measures including those described here to protect your data.

How does AppsFlyer help its customers with CCPA compliance?

To help our customers ensure compliance with the CCPA, we are committed to: 1. Acting only as a service provider for our customers and processing the data only for the stated business purposes 2. Never selling or disclosing any personal information received from our customers 3. Being fully transparent with our customers 4. Supporting customer opt-in and opt-out requirements 5. Ensuring appropriate agreements are in place with our customers 6. Having appropriate technical and organizational measures in place to protect our customer data.

Does AppsFlyer have a Data Processing Agreement to cover GDPR requirements?

Yes, you may download our DPA.

What information does the GDPR apply to?

The GDPR applies to Personal Data. However, Personal Data is broadly defined and includes identifiers such as IP address, cookies, and device IDs. Therefore, under such definition data collected by you through your use of AppsFlyer may be deemed Personal Data under the GDPR.

How does AppsFlyer protect individual app user’s personal data?

AppsFlyer employs strict physical, technical, administrative, and organizational measures to protect data and meets a number of major ISO standards (e.g. 27001, 270017, 270018 and more). See AppsFlyer’s security page for more information.

About which types of data subjects does AppsFlyer process personal data?

We process the personal data of the end users of our customers who use or interact with our customers’ websites, products, services, advertisements, and mobile application services.

What data is received by AppsFlyer from the customer’s end-user?

Please see our Services Privacy Policy where the categories of data are listed. Our platform allows customers to configure their data in accordance with their needs. We are a privacy-oriented company and have numerous solutions available to ensure compliance with regulations across the globe.

Is it possible to use AppsFlyer without processing personal data?

AppsFlyer has a range of privacy-preserving solutions where aggregated data is the solution to ensure that PII or personal data is not processed. IP addresses are a natural part of internet connections on the web, therefore at the regional level these are received by AppsFlyer. However, AppsFlyer provides solutions that include IP masking.

How are data subject requests processed (including the right to erasure, subject access requests, right to rectification, right to restriction of processing, right to portability, and the right to object)?

Data requests are made via our OpenGDPR API system (applied globally) that allows each customer to comply with such data subject requests. The system allows you to follow the request you place on behalf of your end-user and receive confirmation of, for example – deletion. More details can be found here.

Does AppsFlyer have a GDPR-compliant data protection agreement?

Yes, please refer here for more information. Our DPA is global, meaning it is applicable to all relevant privacy regulations around the globe.

What are AppsFlyer’s sub-processors?

Current AppsFlyer sub-processors include AWS and Google Cloud Platform for data storage, Zendesk for our customer service provision, and AppsFlyer’s Israel HQ and applicable AppsFlyer subsidiaries for technical and service assistance. The local AppsFlyer subsidiary that may process your information is dependent on your location. You can find more information here.

Ready to make good choices?