Data & privacy

This page covers privacy, data collection, and data subject rights for the Zeta React Native SDK. Because the React Native SDK wraps the native iOS and Android SDKs, privacy characteristics are inherited from both platforms.

On this page

Opt-in and opt-out

The SDK provides full control over data collection through opt-in/opt-out. See Getting Started / Tracking opt-in and opt-out for implementation details.

  • Calling ZetaClient.optOutFromTracking() or initializing with optIn: false immediately stops the SDK from sending any further data to the backend and clears data cached in the local database.
  • Calling ZetaClient.user.clear() clears the identity session on device.

Once opted out, the SDK:

  • Immediately stops all communication with the backend.
  • Clears any data cached in the local database.
  • Neither collects nor transmits any further data until the app opts back in.
  • Treats a subsequent opt-in as a fresh launch.

Data subject rights (GDPR / CCPA)

Delete the user's ZMP profile

Status: Pending product decision. The SDK does not expose a server-side delete today. Contact your Zeta account team to request profile deletion for a specific uid or emailId.

Export the user's ZMP profile

Status: Pending product decision. Data export today is performed through ZMP support channels, not through the SDK.

iOS privacy references

The iOS side of the React Native SDK inherits the privacy characteristics of the native iOS SDK (ZetaCore and ZetaNotificationService).

For details on PrivacyInfo.xcprivacy, App Tracking Transparency, and IDFA handling, see iOS Data & Privacy.

Android privacy references

The Android side of the React Native SDK inherits the privacy characteristics of the native Android SDK (net.zetaglobal.app:core).

For details on manifest permissions, offline queueing, and Google Play data safety declarations, see Android Data & Privacy.

Secrets handling

  • clientSecret is passed into ZTConfig at initialization time or set later via ZetaClient.setClientSecret().
  • Do not commit clientSecret to source control. Load it from a secure source at app launch (environment variable, remote configuration, or secure storage).

See also