Starting with iOS 17, Apple has introduced privacy manifests for SDKs to help app developers better understand how third-party SDKs use data. Apple’s privacy manifest is a file type that outlines the privacy practices of an app or its third-party SDKs.

In the manifest, you declare the types of data you collect, using specific categories provided by Apple, and the purpose for collecting the data. As of Spring 2024, any new app or app update submission that integrates a third-party SDK must include the privacy manifest for that SDK.

Required Reason API Usage

Apple lists the required reason APIs that have the potential to be be misused. It is mandatory for third-party SDKs, such as the Marketing Cloud SDK, to declare the APIs used so that a developer may verify they are being used for the expected reasons.

The Marketing Cloud SDK uses the following Required Reason API, which is declared in the SDK’s privacy manifest.

API Type Reason Comments
NSPrivacyAccessedAPICategory UserDefaults CA92.1 MarketingCloudSDK uses Userdefaults to persist few SDK settings related to Data migration,SDK privacy mode, API sync retry timestamp.