iOS data collection
What the Zeta iOS SDK collects by default and what is developer-configured.
This page describes exactly what data the Zeta iOS SDK collects, broken down by automatic collection and developer-configured collection. Use this information to populate your App Store privacy declarations and your app's privacy policy. The Zeta iOS SDK does not support third-party tracking, as declared in its privacy manifest (PrivacyInfo.xcprivacy).
Data collected by default
The SDK collects the following data automatically without any developer action beyond initialization:
- Device information -- device model, OS name, OS version, screen resolution, locale, timezone, SDK version.
- Automatic events --
app_installed,app_opened,app_closed,app_terminated. These lifecycle events are tracked to measure engagement. - Session data -- session start time, session duration, and session identifiers.
- Error logs -- diagnostic error logs for SDK stability monitoring. User-related information is not included in error logs.
Note: Carrier name is not collected on iOS. Apple deprecated carrier info APIs starting with iOS 16.
Data collected by configuration
The SDK collects the following data only when you explicitly call the corresponding APIs:
- User identity -- user ID (
uid), email address, or UCLID, set through the identity API. - Custom events -- any events you send via the event tracking API, including event names and custom properties.
- Screen tracking -- screen names tracked through the screen view API.
- Location -- latitude and longitude, collected only if you pass location data to the SDK.
- IDFA -- Identifier for Advertisers, collected only if you configure the SDK to request it and the user grants App Tracking Transparency permission.
- IDFV -- Identifier for Vendors, collected only if you enable it in the SDK configuration.
- Push token -- APNs device token, registered only when you integrate push notifications.
- Contact properties -- custom user attributes set through the contact properties API.
- Additional properties -- any extra key-value pairs you attach to events or profiles.
Note: The SDKs use
uidto automatically detect and map the appropriate ID field based on input format (email, phone number, or custom identifier).
Data not collected
The Zeta iOS SDK never collects the following categories of data:
- Financial information (payment info, purchase history, credit score)
- Health and fitness data
- Photos, videos, or other media
- Audio files or voice recordings
- Files and documents
- Calendar events
- Contacts
- Web browsing history
- SMS or MMS content
Important: SDK API tokens have write-only access, restricted to updating profiles, tracking events, and logging errors. Refresh tokens are scoped to mobile-specific APIs and cannot access broader platform functionality.
See also
- iOS privacy nutrition label -- Apple App Store privacy declarations.
- iOS Data & Privacy -- privacy manifest, ATT, GDPR/CCPA, and opt-out controls.
- Privacy and compliance -- index of all privacy and compliance documentation.