“As a company that places customer satisfaction and privacy at its core, we are constantly assessing and reassessing our privacy practices to hold ourselves accountable to the most rigorous privacy standards. In an ever-evolving landscape, AppsFlyer is setting the privacy bar today, and defining more practices for tomorrow.”
Regional Privacy Laws
Local expertise, global reach
We welcome a world that is more private. We have invested significant resources into providing diligent compliance across all of our solutions and teams. Our mission and responsibility, is to not only provide a fully-compliant product to our customers, but to help them ensure their own compliance as well. Click on the buttons below for an in-depth explanation of regional privacy regulations and AppsFlyer’s compliance, and detailed information related to compliance with the GDPR, CCPA/CPRA, Brazil’s LGPD, China’s PIPL, Japan’s APPI, and more.
Enhancing Kids’ Privacy
We’ve implemented technical and organizational measures to ensure that, by default, only the personal data necessary for each specific purpose of the service is processed in strict accordance with our customers’ instructions and configurations. Read our Kids Privacy Statement here.
Compliant attribution for kids’ apps
Apps that cater to kids, or audiences that may include kids, must take measures to ensure compliant attribution is secured. Download the guide here.
Google Family/Apple Kids Guide
This is a guide to help AppsFlyer customers implement and safeguard all of the practices introduced by the leading operating systems. Get the guide for Google Families Program here. Get the guide for the Apple App Store here.
AppsFlyer’s Privo Accreditation
AppsFlyer is proud to have achieved Privo Accreditation in our efforts to help our customers achieve COPPA compliance. View accreditation here.
AppsFlyer places privacy as a core value and as such, is heavily committed to, and invested in, developing innovative privacy preserving technology and privacy-forward controls. AppsFlyer’s overarching goal is to create solutions that enable the highest standards of privacy while maintaining business excellence.
Privacy preserving technologies include:
Aggregated Advanced Privacy (AAP)
a feature that empowers advertisers to prevent the availability of user-level attribution data.
Privacy Cloud and Data Clean Room
two products that innovate collaboration and measurement by ensuring the highest standards of privacy-preserving technologies.
SKAdNetwork, Conversion Studio, and Single Source of Truth (SSOT)
advanced solutions that enable advertisers to thrive on iOS.
a statistical technique that leverages machine learning for measurement insights.
a feature that measures the incremental lift generated by remarketing campaigns.
The above technologies are a selection of our products that are at the forefront of privacy-preserving innovation.
AppsFlyer’s products and features enable the highest standards of privacy-centric technology.
Privacy-forward controls include:
Opt-in/Opt out for any data processing – This enables customers to align with any consent mechanisms implemented within their app to ensure GDPR, CCPA or other regulatory compliance.
Opt-out from Device ID utilization (iOS -IDFA, iOS – IDFV and Android). For iOS customers may also use the Strict Mode SDK. This enables alignment with any platform policies and regulatory requirements for child directed or mixed audience applications.
Opt-out controls for customer data sharing with partners (see also AAP for iOS for aggregated data sharing). This enables customers to comply with platform policies and regulatory requirements including requirements related to child or mixed audience applications (e.g COPPA).
Opt-in/out controls on types of data shared for in-app events – this enables customers to control with which partners (if any at all) customers share events they choose to measure.
IP address masking – This will mask IP addresses from any reporting and from any data customers choose to share with their partners.
Post Install deidentification – This enables customers to measure post install events without connection to the device identifier and to the initial attribution. Other identifiers such as IP and AppsFlyer ID are hashed.
For more information on privacy preserving controls, please visit our help center.
Data Subject Request Management
We have developed a comprehensive range of tools to help our customers build a fully compliant stack. By adopting our tools, brands can address data subject requests across their partner ecosystems, in near real-time. Adhering to the GDPR, CCPA, LGPD and other local regulations requiring the “Right of Deletion”, our OpenDSR API helps organizations globally take another step toward compliance. If you want to invoke your right to be forgotten directly with AppsFlyer, please click here. AppsFlyer complies with the ‘right to access’, ‘right to data portability’, and ‘right to rectification’, for more information on how to enact those rights, please reach out to us.
AppsFlyer is proud to offer a range of documentation that comprehensively addresses our approaches to data protection and privacy.
AppsFlyer Services: How We Process Customer Data
AppsFlyer’s means of processing customer’s data, as part of our services provision outlines the types of data processed, the types of end users processed, the manner in which the data is protected, and what privacy-enhancing controls and technologies are available. To read the complete guide to Processing Customer Data, click here.
Our Data Processing Agreement is global, meaning it is applicable to all relevant privacy regulations around the globe, including GDPR and CPRA. For more information and to download a copy of our DPA, please click here.
AppsFlyer minimizes the use of subprocessors, except for when absolutely necessary for the performance of the services. The local AppsFlyer subsidiary that may process your information is dependent on your location. You can find more information here.
The GDPR applies to Personal Data. However, Personal Data is broadly defined and includes identifiers such as IP address, cookies, and device IDs. Therefore, under such definition data collected by you through your use of AppsFlyer may be deemed Personal Data under the GDPR.
AppsFlyer employs strict physical, technical, administrative, and organizational measures to protect data and meets a number of major ISO standards (e.g. 27001, 27017, 27018 and more). See AppsFlyer’s Security Page for more information.
We process the personal data of the end users of our customers who use or interact with our customers’ websites, products, services, advertisements, and mobile application services.
AppsFlyer has a range of privacy-preserving solutions where aggregated data is the solution to ensure that PII or personal data is not processed. IP addresses are a natural part of internet connections on the web, therefore at the regional level these are received by AppsFlyer. However, AppsFlyer provides solutions that include IP masking.