Is the requestTrackingAuthorization only needed for IDFA?

Question

I am getting confused if we have to show the requestTrackingAuthorization prompt or not. I thought it needs to be shown when third parties collect any data. Not I got the information from onesignal (which we use for push-notifications) that although they collect date the prompt is for their SDK not needed because they don't collect IDFA.

So in other words: Is IDFA the true reason to show the prompt and other data not?

Thanks Andreas

Answer 1

Based on Apple's User Privacy and Data Use Website, it is said:

Starting with iOS 14.5, iPadOS 14.5, and tvOS 14.5, you’ll need to receive the user’s permission through the AppTrackingTransparency framework to track them or access their device’s advertising identifier. Tracking refers to the act of linking user or device data collected from your app with user or device data collected from other companies’ apps, websites, or offline properties for targeted advertising or advertising measurement purposes.

In the simple way, IDFA (Identifier for Advertisers) is required if you need to show more personalized ads. As far as I know, based on my experience I need IDFA to show more personalized ads in Google Mobile Ads SDK (AdMob). To achieve this, i have to show App Tracking prompt. When user choose to allow, the SDK can track user and show user more relevan ads. If user choose to not allow tracking, the ads are still showing but maybe less relevan and less personalized.

You have to know what data being collected by OneSignal, because in the end you have to write all them down in App Privacy section in App Store Connect if you want to upload your app to App Store. Since I have no experience using OneSignal, sorry i'm not sure what data they are collecting.

Google has good website documentation about App Tracking policy in iOS 14 to prepare iOS 14 app tracking policy. OneSignal also has Apple App Privacy Requirement.

It is said:

As OneSignal is a third-party to your app, you’ll need to ensure you are properly disclosing to your users the ways you are using OneSignal in regards to their data.

So basically, you have to disclose and write all data collected by OneSignal in App Privacy section when you want to upload your app to App Store. OneSignal collect Purchase and Product Interaction automatically by default. Maybe you use more data type, you have to disclose them.

OneSignal does not collect IDFA as of iOS SDK version 2.16.0*.
*IDFA and IDFV are no longer captured by the OneSignal iOS SDK as of version 2.16.0 and 3.0.0 beta cut 4. If you’re using an older version of the SDK prior to 2.16.0, you will need to disclose this as collected data.

According to the documentation, OneSignal doesn't require you to implement App Tracking prompt since OneSignal does not collect IDFA as of iOS SDK version 2.16.0. Yes, right! You no need to implement App Tracking, assuming that you are only using OneSignal in your app project.

But if you also use other SDK which needs IDFA to work best such as Google Mobile Ads, you need to implement it.