javaandroidbranch.iofabric.ioattribution

Branch.io (Android SDK) and GDPR


I want my app to be GDPR compliant. It means that I want to avoid to launch any tool like Branch.io as long as the user did not give its consent.

My problem is that the Branch.io documentation https://docs.branch.io/pages/apps/android/ mentions that I have to put the following code in my launcher activity :

@Override
    public void onStart() {
        super.onStart();

        // Branch init
        Branch.getInstance().initSession(new Branch.BranchReferralInitListener() {
            @Override
            public void onInitFinished(JSONObject referringParams, BranchError error) {
                if (error == null) {
                    Log.i("BRANCH SDK", referringParams.toString());
                } else {
                    Log.i("BRANCH SDK", error.getMessage());
                }
            }
        }, this.getIntent().getData(), this);
    }

    @Override
    public void onNewIntent(Intent intent) {
        this.setIntent(intent);
    }

It is also mentioned in the doc :

Only initialize Branch in the Launcher activity

The app will open through the Launcher activity, where Branch will initialize and retrieve the deep link data from the link click.

So, I don't see how to make something GDPR compliant. Indeed, if this code really needs to be executed in the onStart of the launcher activity, I don't have time to execute it before the user gave its consent.

Is there any workaround?


Solution

  • In the same documentation, there is an explanation about how to disable tracking by Branch SDK, so your application is GDPR compliant, but still keep all the SDK features. Here's the anchor to that section.

    All you need to do is implement the following code right before calling the initSession():

    Branch.getInstance().disableTracking(true);

    You will need to build out the handling of this line based on whether the user gave a consent for tracking or not.