▸Example Flurry call (the "before")
import Flurry_iOS_SDK
let builder = FlurrySessionBuilder.init()
.withAppVersion("1.0")
.withLogLevel(FlurryLogLevelAll)
.withCrashReporting(true)
Flurry.startSession(apiKey: "YOUR_FLURRY_KEY", sessionBuilder: builder)
Flurry.log(eventName: "Purchase", parameters: [
"user_id": userId,
"value": String(price),
"currency": "USD",
])Every third-party SDK is a supply-chain surface — manifest permissions, network endpoints, transitive dependencies. The biggest reduction in privacy footprint often comes from simply shipping fewer SDKs. Respectlytics has zero ads, attribution, or routing dependencies — it's one HTTPS endpoint.
☑Remove Flurry cleanly
-
1
Remove
pod 'Flurry-iOS-SDK/FlurrySDK'fromPodfile -
2
Remove
implementation 'com.flurry.android:analytics:...'frombuild.gradle -
3
Remove
react-native-flurry-analyticsfrompackage.jsonif used -
4
Remove
Flurry.builder().build(...)initialisation andFlurry.logEvent(...)call sites -
5
If you used Flurry's Configuration Provider for remote config, plan a separate migration (e.g., Firebase Remote Config, GrowthBook)
-
6
Delete the Flurry app entry once events stop flowing (the dashboard may already be sunset by the time you migrate)
⇋Flurry vs Respectlytics — fewer third-party sdks
| Flurry | Respectlytics | |
|---|---|---|
| Direct ad / tracking dependencies | — see tool note above | Zero |
| Pulls Google Play Services | — typically yes | No |
| Auto-merged manifest permissions | Often (AD_ID, ACCESS_NETWORK_STATE, etc.) | None added |
| Number of HTTP endpoints contacted | Multiple (varies) | One (Respectlytics API) |
| Open-source SDK | — varies by tool | Yes (MIT-licensed) |
❓Frequently asked questions
How do we audit our current dependency tree?
iOS: swift package show-dependencies (SPM) or pod outdated (CocoaPods) lists the tree. Android: ./gradlew :app:dependencies --configuration releaseRuntimeClasspath. RN: npm ls --all. Flutter: flutter pub deps. Our [Dependency Privacy Scanner](/tools/dependency-privacy-scanner/) parses lockfiles from any of these and tells you which deps are forcing which privacy labels.
What if we still need install attribution?
First-party alternatives without an SDK: Apple SKAdNetwork (iOS), AdAttributionKit (iOS 17.4+), Google Play Install Referrer API (Android). These are built into the OS — your ads platform reads them directly. No mobile SDK required.
What about crash reporting and push notifications?
Those are separate concerns with their own SDKs — Sentry / Crashlytics / Bugsnag for crashes; OneSignal / FCM / APNs for push. Respectlytics doesn't bundle them in; you pick the dedicated SDK for each surface.
Does shipping fewer SDKs measurably improve app size or cold start?
Often, yes — measurably. Removing Firebase + AppsFlyer + Segment from a typical RN app can shave several megabytes of bundle and 100-300ms off cold start. See the [SDK Bundle-Size Comparator](/tools/sdk-bundle-size-comparator/) for specific numbers.