What Is a Privacy Manifest?
Since Spring 2024, Apple requires every third-party SDK to include a Privacy Manifest file (PrivacyInfo.xcprivacy). This file declares what data the SDK collects, the purpose behind each data type, and whether any data is used for tracking. SDKs without a manifest risk triggering App Store rejection during review. FeaturePulse's privacy-first design includes a complete manifest out of the box.
Required Reason APIs
Apple maintains a list of APIs that require a declared reason for use. These include UserDefaults, file timestamp APIs, disk space APIs, and system boot time APIs. Every SDK in your dependency tree must declare why it uses these APIs. FeaturePulse uses only UserDefaults (for caching vote state) and declares the reason in its manifest.
Evaluating SDKs for Compliance
Before adding any feedback SDK, check three things: does it include a Privacy Manifest, does it use required reason APIs with documented justifications, and does it declare tracking usage honestly? Many older tools — including some Canny alternatives — were built before these requirements existed and may lack proper declarations.
Apps that include SDKs without valid Privacy Manifests may be rejected during App Store review. Always verify compliance before integrating a new dependency.
How FeaturePulse Handles Compliance
FeaturePulse ships with a complete PrivacyInfo.xcprivacy file. It declares minimal data collection — device identifier for vote deduplication, payment tier for MRR tracking, and session count for engagement scoring. No data is marked as used for tracking. No additional compliance work required from you.
Staying Updated on Requirements
Apple's privacy requirements evolve each year. FeaturePulse updates its manifest with each SDK release so you stay compliant without manual intervention. Pair this with our native feedback collection SDK for a fully compliant feedback stack.