Configure data privacy settings for mobile applications
For many companies, ensuring the privacy of their customers' personal data is an important component of the digital business success. Dynatrace provides numerous privacy enhancements that you can use to configure the data privacy settings of your apps. When you properly set up these settings, this helps to protect your customers' personal data and to ensure your organization's compliance with the General Data Protection Regulation (GDPR), data disclosure requirements of app stores, and other data protection laws and regulations.
While Dynatrace offers numerous data privacy settings configurable both on the environment and application levels, it's only your responsibility to properly set up these settings and take precautions that protect your customers' personal data.
User opt-in mode
Enable the user opt-in mode to secure your end user's permission to capture their personal data and receive crash reports from their mobile devices.
By default, crash reporting is deactivated and no monitoring data is captured.
Data collection levels
The privacy API methods allow you to dynamically activate and deactivate crash reporting and change the data collection level. The following data collection levels are available:
- Off: Monitoring data isn't captured.
- Performance: Only performance data is captured. Monitoring data that can be used to identify individual users, such as user tags and custom values, isn't captured.
- User behavior: Performance data and user data is captured. In this mode, OneAgent recognizes and reports users who revisit in the future.
If you haven't configured user tagging or custom value reporting, this level works similar to the Performance level.
Possible flow for user opt-in mode
The following steps describe the standard workflow for setting up the user opt-in mode for your mobile apps:
- You enable the user opt-in mode and instrument your app.
- At startup, OneAgent for Mobile checks the end user's settings.
By default, the data collection level is set to
Offand crash reporting is disabled so that, upon the first launch of your app, no data is shared with Dynatrace.
- When the user confirms their settings, you use the API calls to store the user's preferences.
- Upon the next startup of your app, OneAgent for Mobile applies the new settings and reports only as much data as the user has agreed to share with Dynatrace.
Enable opt-in mode
To activate the opt-in mode for mobile apps in the Dynatrace web UI
- In the Dynatrace menu, go to Mobile.
- Select the mobile application that you want to configure.
- Select More (…) > Edit in the upper-right corner of the tile with your application name.
- From the application settings, go to General > Data privacy.
- Turn on Enable user opt-in mode.
Check the sections below for detailed instructions on how to enable the mobile user opt-in mode and change the data collection level for your apps.
OneAgent for Mobile uses the
x-dynatrace header for tagging HTTP requests. Dynatrace uses this header to link the mobile part of the web request to the service part captured by another OneAgent.
For hybrid applications, the
User action masking
If you want to avoid capturing personal information for all user actions in your mobile app, check the related sections on user action masking for Android or iOS.
After you enable user action masking for your mobile app, OneAgent replaces all
Touch on <control title> action names with the class name or type of the control that the user touched. For example,
Touch on Account 123456 is changed to
Touch on Button.
Data privacy questionnaire in app stores
To learn what data OneAgent captures and complete the data privacy questionnaire in Google Play Console or App Store Connect, see the following pages: