Privacy Implementation Guide
This guide helps you understand the privacy implications of integrating Trackless Telemetry into your app or website and provides step-by-step instructions for completing privacy declarations on the Apple App Store, Google Play Store, and your website's privacy policy.
What Trackless Collects
Before filling out any privacy form, it helps to understand exactly what data the Trackless SDKs transmit. All SDKs follow the same model:
- Developer-defined event names and counts — feature usage, view counts, funnel steps, error names, and performance metric names. These are labels you define in your code; they contain no user data unless you put it there.
- Coarse device context — platform (ios, android, web), OS major version, device class (phone, tablet, desktop), and optional region and language codes derived from system settings — not from IP geolocation.
- Session metadata — session start/end with duration and screen depth. Sessions are anonymous and cannot be linked across launches.
What Trackless Does Not Collect
- No user IDs, device IDs, or advertising identifiers (IDFA, GAID, SSAID)
- No IP address processing by application code — IP addresses are never read, parsed, stored, or used by the SDK or the Trackless backend. AWS infrastructure receives IP addresses for network routing and DDoS protection as part of standard cloud operations, but they are not used for analytics.
- No fingerprinting data (full user agent, exact device model, screen resolution)
- No cookies, localStorage, or any client-side persistence on web
- No cross-session linking — each session is completely independent
- No data shared with third parties, ad networks, or data brokers
Only aggregate counts per day are stored long-term. No individual event records or measurements are retained.
Apple App Store — Privacy Nutrition Labels
When submitting an app that integrates the Trackless iOS SDK, you will need to complete the Privacy section in App Store Connect. Select the following data types:
1. Usage Data — Product Interaction
| Field | Answer |
|---|---|
| Data types collected | Usage Data — Product Interaction. The SDK transmits feature names with counts and coarse device context (platform, OS major version, device class, optional region and language codes) off-device. |
| Linked to user identity | No. The SDK collects no user identifiers, device identifiers, session identifiers, or advertising identifiers. There is no mechanism to link collected data to a specific user or device. |
| Used for tracking | No. The SDK does not track users across apps or websites owned by other companies. No data is shared with third parties, data brokers, or advertising networks. |
2. Diagnostics — Crash Data
| Field | Answer |
|---|---|
| Data types collected | Diagnostics — Crash Data. The SDK's error() method transmits developer-defined error names, severity levels (debug/info/warning/error/fatal), and optional error codes (e.g., HTTP status codes, exception types). No stack traces, crash logs, or error messages are collected. All data is stored as aggregate counts per day. |
| Linked to user identity | No. Error events carry the same coarse device context as other events. No user or device identifiers are included. |
| Used for tracking | No. Error data cannot be linked across sessions, devices, or applications. |
3. Diagnostics — Performance Data
| Field | Answer |
|---|---|
| Data types collected | Diagnostics — Performance Data. The SDK's performance() method transmits developer-defined metric names with duration measurements and optional thresholds. Durations are aggregated server-side into a statistical digest — no individual measurements are stored long-term. |
| Linked to user identity | No. Performance events carry the same coarse device context as other events. No user or device identifiers are included. |
| Used for tracking | No. Performance data cannot be linked across sessions, devices, or applications. |
App Tracking Transparency (ATT)
ATT is not required when using Trackless. App Tracking Transparency applies only when linking user or device data with data from other companies for advertising or sharing with data brokers. Trackless collects no user or device identifiers and shares no data with third parties.
Why Not Declare "None"?
Data transmitted off-device qualifies under Apple's definitions even though it cannot be linked to individual users. Declaring "None" risks App Review rejection or compliance issues during audit. The strongest truthful posture is to declare the data types above while marking them as not linked to user identity and not used for tracking.
Google Play — Data Safety Form
When completing the Data Safety section in Google Play Console, answer the following questions:
Does your app collect or share any of the required user data types?
Yes. Select the following data types:
| Category | Data Type | What Trackless Sends |
|---|---|---|
| App activity | App interactions | Feature names with counts and coarse device context (platform, OS major version, device class, optional region and language codes). |
| App info and performance | Crash logs | Developer-defined error names, severity levels, and optional error codes. No stack traces or raw crash logs — only aggregate error counts. |
| App info and performance | Diagnostics | Developer-defined performance metric names with duration measurements. Durations are aggregated into statistical digests — no individual measurements are stored. |
Remaining Data Safety Questions
| Question | Answer |
|---|---|
| Is data collected, shared, or both? | Collected (sent off-device to the developer's Trackless backend). Not shared with third parties. |
| Is the data processed ephemerally? | No — aggregate counts and digests are stored long-term. However, no user-identifiable data is retained, and no individual event records are stored. |
| Is the data required or can users opt out? | All SDKs provide a built-in enabled option and setEnabled() runtime toggle. If your app exposes this as a user-facing preference, select optional. If your app does not offer an opt-out, select required. |
| Is all data encrypted in transit? | Yes (HTTPS/TLS). |
| Is the data linked to user identity? | No. The SDK collects no user identifiers, device identifiers, or advertising identifiers. |
| Do you provide a way for users to request data deletion? | The SDK collects no user-identifiable data, so there is no user-specific data to delete. Dashboard account data can be deleted via the account deletion feature in the Trackless dashboard. |
Web — Privacy Policy Recommendations
If you integrate the Trackless Web SDK into your website or web application, you should update your privacy policy to disclose the use of analytics. Below is guidance on what to include and a sample disclosure you can adapt.
Key Facts for Your Privacy Policy
- No cookies or client-side storage. The Trackless Web SDK uses zero cookies, zero localStorage, zero sessionStorage, and zero IndexedDB. Your cookie banner does not need to account for Trackless.
- No IP address processing by application code. The SDK does not send IP addresses, and the Trackless backend never reads, parses, stores, or uses them. Region and language are derived from browser settings (
navigator.language), not from IP address lookups. AWS infrastructure receives IP addresses for network routing and DDoS protection as part of standard cloud operations, but they are not used for analytics. - No cross-site tracking. There are no persistent identifiers, no fingerprinting, and no mechanism to correlate a visitor across sessions or across different websites.
- Aggregate data only. Trackless stores daily aggregate counts (e.g., "the Sign Up button was clicked 42 times on March 15"). Individual page views or clicks are never stored as distinct records.
- No third-party data sharing. Telemetry data is sent only to the Trackless backend (hosted on AWS). It is never transmitted to ad networks, analytics aggregators, or data brokers.
GDPR, ePrivacy, and Cookie Consent
Because the Trackless Web SDK uses no cookies and no client-side storage, it falls outside the scope of the ePrivacy Directive's consent requirement for storing information on a user's device. Under GDPR, Trackless can typically be operated under a legitimate interest basis (Article 6(1)(f)) because:
- No personal data is collected — there are no identifiers that could identify a person.
- No cross-session or cross-site profiling is possible — each page load is completely independent.
- The data processing is limited to anonymous, aggregate usage counts.
That said, privacy law interpretation varies by jurisdiction. If you operate under strict interpretations (e.g., certain DPAs consider coarse device metadata to be personal data), you may wish to include Trackless in your consent flow as a precaution. Consult your legal counsel for jurisdiction-specific advice.
CCPA / CPRA (California)
Because Trackless collects no information that identifies, relates to, or could reasonably be linked to a particular consumer or household, the data collected by the Trackless SDK does not constitute "personal information" under the CCPA/CPRA. There is nothing to sell, share, or delete on a per-consumer basis.
Sample Privacy Policy Disclosure
You can adapt the following language for your website's privacy policy. Adjust the wording to match your policy's style and structure:
Analytics. We use Trackless Telemetry to understand how visitors interact with [our website / our application]. Trackless collects anonymous, aggregate usage data — such as which features are used and how often — along with coarse device context (platform, operating system version, device class, and language preference). Trackless does not use cookies, does not store any data on your device, and does not use advertising or device identifiers. IP addresses are never read, parsed, stored, or used by the Trackless application code (AWS infrastructure receives IP addresses for network routing as part of standard cloud operations, but they are not used for analytics). There is no mechanism to identify individual visitors or track them across sessions. All data is stored as aggregate daily counts. Telemetry data is not shared with any third parties. For more information, see the Trackless Privacy Policy.
How Trackless Compares
The following table summarizes how Trackless differs from common analytics tools in terms of privacy impact:
| Capability | Trackless | Typical Analytics |
|---|---|---|
| Persistent user/device IDs | None | Yes (cookies, device IDs) |
| IP address processing | Never by application code | Logged or used for geolocation |
| Cross-session linking | Impossible | Standard (via cookies or IDs) |
| Cookie / client storage | None (web SDK) | First-party or third-party cookies |
| Third-party data sharing | None | Common (ad networks, aggregators) |
| ATT prompt required (iOS) | No | Often yes |
| Cookie consent banner required | No | Yes (in EU/UK) |
| Individual-level data stored | None — aggregate counts only | Event-level with user association |
Questions?
If you have questions about completing privacy declarations or need help understanding Trackless's privacy model, contact us at privacy@tracklesstelemetry.com.