Data Protection and Privacy

These changes assist you in implementing data compliance regulations, such as the European Union’s General Data Protection Regulation. For a full overview of Salesforce’s approach to managing compliance, visit Salesforce Privacy.

The MobilePush SDK supports three privacy modes that can affect your application’s ability to send messages and collect data.

• Right to be Forgotten
• Restriction of Processing
• Do Not Track

Use Right to Be Forgotten mode when a contact requests that you remove all data related to them from Marketing Cloud. This mode marks a contact, identified by the SDK’s contact key string, as forgotten. This setting prevents you from collecting data from that contact, and from sending them messages.

The SDK restricts all functionality after it receives the first Right to be Forgotten mode change for a contact from the server, either through a silent push notification or when your application enters the foreground.

Right to Be Forgotten mode disables these functions for that contact for the life of your application.

• Push notifications
• Analytics tracking
• Inbox
• Geofence and beacon messaging
• Configuration changes

A contact can move out of Right to Be Forgotten mode by deleting and reinstalling your application on their mobile device.

Restriction of Processing mode marks a contact, identified by the SDK’s contact key string, as restricted from processing.

Restriction of Processing mode restricts these data operations for the contact.

• Modifying information
• Deleting information
• Changing registration state
• Sending pushes
• Creating inbox messages
• Processing Analytics

The MobilePush SDK restricts all functionality after it receives a Restriction of Processing mode change for a contact. This mode completely disables these functionalities when the contact is in a restricted state.

• Push notifications
• Analytics tracking
• Inbox
• Geofence and beacon messaging
• Configuration changes

If the contact moves off the restriction state, a silent push notification or your application entering the foreground notifies the SDK of the state change. This state change automatically reconfigures the SDK for use, based on your last-used configuration settings.

Do Not Track mode marks a contact, identified by the SDK’s contact key string, as restricted from tracking activities. This setting restricts certain data operations that collect or act upon Personally Identifiable Information (PII).

If a contact has been moved to Do Not Track mode, the SDK restricts functionality after it receives the first change in mode from the server, either via a silent push notification or when your application enters the foreground.

While enabled, this state completely disables behavioral analytic tracking, geofences, and beacons, while push notifications and inbox functionality continue to work. While in the Do Not Track state, the SDK can still track ‌message delivery receipts and changes in registration attributes, such as tags and attributes.

Behavioral analytic tracking includes these events.

• User events
• Message open events
• App open and close events

If the contact moves out of the Do Not Track state, the SDK receives notification of the change in state, either via a silent push notification or when your application enters the foreground. This change automatically reconfigures the SDK for use, based on your last-used configuration settings.

For Android apps, implement version 5.5.0 or later of the MobilePush SDK. This version of the SDK uses the necessary underlying architecture to enable data compliance functionality.

For iOS apps, implement version 5.1.0 or later of the MobilePush SDK. This version of the SDK uses the necessary underlying architecture to enable data compliance functionality. Also enable background refresh in your app to make sure that silent pushes work as expected. For more information on data protection, see iOS Data Protection.