Apple is introducing a privacy policy for including privacy manifest files in new and updated applications targeted for iOS, iPadOS, tvOS, and visionOS platforms on the App Store.
The privacy manifest file (PrivacyInfo.xcprivacy
) lists the types of data your Unity applications, or any third-party SDKs, packages, and plug-insA set of code created outside of Unity that creates functionality in Unity. There are two kinds of plug-ins you can use in Unity: Managed plug-ins (managed .NET assemblies created with tools like Visual Studio) and Native plug-ins (platform-specific native code libraries). More info
See in Glossary collect, and the reasons for using certain Required Reason API categories.
Important: If the use of the Required Reasons APIs by you or third-party SDKs isn’t declared in the privacy manifest, your application might be rejected by the App Store. For more information, visit Apple’s documentation on Required Reasons APIs.
You must review your native code, C# code, and data collection and tracking practices to understand if Apple’s privacy manifest policy applies to you. Follow these guidelines to decide if you need to include a privacy manifest file in your product:
If your application includes multiple third-party SDKs, packages, and plug-ins, then these third-party components (if applicable) must provision their own privacy manifest files separately. Note: It’s your responsibility however, to make sure that the owners of these third-party components include privacy manifest files. Unity isn’t responsible for any third-party privacy manifest, and their data collection and tracking practices.
If your application includes Unity framework implementations of the C# .Net framework APIs that call certain APIs listed in the Apple’s Required Reasons API categories, then you must assess your product for the API usage. For assessing what constitutes as part of data collection and tracking practices, refer to Apple’s documentation on privacy manifest files. Note: It’s your responsibility to assess your use of each of these APIs and declare the applicable reasons for using them.
Depending on whether you’re using Unity to develop an application or providing your SDKs, packages, and plug-ins to use with Unity applications, the requirement for providing a privacy manifest file might differ.
Note: The above guidelines are provided for your convenience. It’s important that you review Apple’s documentation on privacy manifest files before creating a privacy manifest for your project.
If you’re developing an application using Unity, consider the following steps:
If you meet one or both of the conditions from step 1, create a privacy manifest file in Xcode and save it in the Assets/Plugins folder of your project.
In the privacy manifest file, declare the approved reasons for using the Required Reason APIs or C# .Net framework APIs, as applicable.
Important: If you don’t declare the reasons for the use of APIs, your application might be rejected by the App Store.
Verify if your native application code collects any type of data categorized by Apple and declare those data types in the privacy manifest file as applicable. Any third-party SDKs, packages, and plug-ins used in your application must include their own separate manifest files to declare data collection and the use of any Required Reasons APIs with approved reasons.
Notes:
It’s your responsibility to check the accuracy of the privacy manifest within the Unity framework and if any third-party components included in your Unity project require any declarations in you privacy manifest. It’s recommended that you search these third-party components for any references to a privacy manifest declaration.
If you’re a plug-in, package, or SDK owner, and you provide a service or package to be included within a Unity project as a .framework, follow these steps:
If your product isn’t used as a .framework within a Unity project, then consider delivering it as a .framework. If you’re unable to do so, then follow these steps:
The following table provides a list of C# .Net APIs that call the Required Reasons API category named File timestamp API. If your application, SDK, package, or plug-in code calls any of the APIs from this list, declare the reasons for their use in your privacy manifest file following the guidelines specified in Apple’s documentation on Required Reasons API.
Note: The following list is verified only for Unity versions 2021.3 LTS and later.
Unity Engine calls the Required Reasons APIs from the following categories and declares these categories with the listed reasons for their use.
Category | Reason | Description |
---|---|---|
File timestamp APIs | 0A2A.1 | Used by C# timestamp APIs |
File timestamp APIs | C617.1 | Used to check files |
User defaults APIs | CA92.1 | Used for PlayerPrefs API |
System boot time APIs | 35F9.1 | Used to calculate time between various events |
Disk space APIs | E174.1 | Used to check disk space for AssetBundles |
Note: Starting with Unity Editor versions 2021.3.35f1, 2022.3.18f1, and 2023.2.7f1, Unity Engine automatically includes these reasons in the privacy manifest file. If you’re using an older Unity Editor version, you must always declare these reasons in the privacy manifest file of your project.