← Back to NEXQ Legal Center

Contract effective date: September 18, 2024. Runtime consent, request, security, audit, and deployment timestamps remain factual records.

Mobile SDK, Permissions and Tracking Policy

Purpose

This policy governs mobile permissions, embedded SDKs, analytics, ads, attribution, push messaging, crash reporting, AI providers, cloud APIs and device identifiers.

Permission minimization

Ask for a permission only when the feature needs it. Provide a pre-permission explanation in plain language. Do not gate core service access behind unrelated permissions. Avoid background collection unless essential and disclosed.

SDK governance

No SDK may be added without:

Tracking gate

Analytics, ads, attribution, social pixels, session replay, crash data with personal information, heatmaps and AI telemetry must be classified. Non-essential tracking must be disabled by default where opt-in is required and must respect opt-outs where required.

Health and sensitive data

Health, biometric, precise location, children, financial, government ID and user content must not be routed through advertising or general analytics SDKs without a specific legal/security review.