▸Example mParticle call (the "before")
import mParticle_Apple_SDK
let options = MParticleOptions(key: "YOUR_KEY", secret: "YOUR_SECRET")
options.identifyRequest = MPIdentityApiRequest.withEmptyUser()
options.identifyRequest?.email = email
options.identifyRequest?.customerId = userId
MParticle.sharedInstance().start(with: options)
let event = MPEvent(name: "Paywall Purchase", type: .transaction)
event?.customAttributes = ["value": price, "currency": "USD"]
MParticle.sharedInstance().logEvent(event!)Every third-party SDK is a supply-chain surface — manifest permissions, network endpoints, transitive dependencies. The biggest reduction in privacy footprint often comes from simply shipping fewer SDKs. Respectlytics has zero ads, attribution, or routing dependencies — it's one HTTPS endpoint.
☑Remove mParticle cleanly
-
1
Remove the mParticle SDK from your build (
mParticle-Apple-SDK/mparticle-android-sdk/react-native-mparticle/mparticle_flutter_sdk) -
2
Remove
MParticle.start()andMParticle.logEvent(...)call sites -
3
Critically: review your mParticle output forwarders and decide which downstream destinations you still need data flowing to (most don't — Respectlytics is direct)
-
4
Delete
Identity.identify()andmodify()calls — those drive the identity merge graph -
5
Delete the mParticle workspace's mobile input once events have stopped flowing
⇋mParticle vs Respectlytics — fewer third-party sdks
| mParticle | Respectlytics | |
|---|---|---|
| Direct ad / tracking dependencies | — see tool note above | Zero |
| Pulls Google Play Services | — typically yes | No |
| Auto-merged manifest permissions | Often (AD_ID, ACCESS_NETWORK_STATE, etc.) | None added |
| Number of HTTP endpoints contacted | Multiple (varies) | One (Respectlytics API) |
| Open-source SDK | — varies by tool | Yes (MIT-licensed) |
❓Frequently asked questions
How do we audit our current dependency tree?
iOS: swift package show-dependencies (SPM) or pod outdated (CocoaPods) lists the tree. Android: ./gradlew :app:dependencies --configuration releaseRuntimeClasspath. RN: npm ls --all. Flutter: flutter pub deps. Our [Dependency Privacy Scanner](/tools/dependency-privacy-scanner/) parses lockfiles from any of these and tells you which deps are forcing which privacy labels.
What if we still need install attribution?
First-party alternatives without an SDK: Apple SKAdNetwork (iOS), AdAttributionKit (iOS 17.4+), Google Play Install Referrer API (Android). These are built into the OS — your ads platform reads them directly. No mobile SDK required.
What about crash reporting and push notifications?
Those are separate concerns with their own SDKs — Sentry / Crashlytics / Bugsnag for crashes; OneSignal / FCM / APNs for push. Respectlytics doesn't bundle them in; you pick the dedicated SDK for each surface.
Does shipping fewer SDKs measurably improve app size or cold start?
Often, yes — measurably. Removing Firebase + AppsFlyer + Segment from a typical RN app can shave several megabytes of bundle and 100-300ms off cold start. See the [SDK Bundle-Size Comparator](/tools/sdk-bundle-size-comparator/) for specific numbers.