▸Example Singular call (the "before")
import com.singular.sdk.Singular
import com.singular.sdk.SingularConfig
val config = SingularConfig("YOUR_API_KEY", "YOUR_API_SECRET")
config.withIMEICollection()
Singular.init(applicationContext, config)
Singular.event("sng_purchase", JSONObject().apply {
put("revenue", price)
put("currency", "USD")
put("user_id", userId)
})Every third-party SDK is a supply-chain surface — manifest permissions, network endpoints, transitive dependencies. The biggest reduction in privacy footprint often comes from simply shipping fewer SDKs. Respectlytics has zero ads, attribution, or routing dependencies — it's one HTTPS endpoint.
☑Remove Singular cleanly
-
1
Remove the Singular SDK from your build (
Singular-SDK/singular_sdk/singular-react-native) -
2
Remove
Singular.start(YOUR_API_KEY, YOUR_API_SECRET)andSingular.event(...)call sites -
3
Decide ATT posture — remove
NSUserTrackingUsageDescriptionif Singular was the only ATT-triggering SDK -
4
Remove the AD_ID permission from the Android merged manifest if no remaining SDK contributes it
-
5
Plan SKAdNetwork + Google Play Install Referrer as the first-party attribution replacement
⇋Singular vs Respectlytics — fewer third-party sdks
| Singular | Respectlytics | |
|---|---|---|
| Direct ad / tracking dependencies | — see tool note above | Zero |
| Pulls Google Play Services | — typically yes | No |
| Auto-merged manifest permissions | Often (AD_ID, ACCESS_NETWORK_STATE, etc.) | None added |
| Number of HTTP endpoints contacted | Multiple (varies) | One (Respectlytics API) |
| Open-source SDK | — varies by tool | Yes (MIT-licensed) |
❓Frequently asked questions
How do we audit our current dependency tree?
iOS: swift package show-dependencies (SPM) or pod outdated (CocoaPods) lists the tree. Android: ./gradlew :app:dependencies --configuration releaseRuntimeClasspath. RN: npm ls --all. Flutter: flutter pub deps. Our [Dependency Privacy Scanner](/tools/dependency-privacy-scanner/) parses lockfiles from any of these and tells you which deps are forcing which privacy labels.
What if we still need install attribution?
First-party alternatives without an SDK: Apple SKAdNetwork (iOS), AdAttributionKit (iOS 17.4+), Google Play Install Referrer API (Android). These are built into the OS — your ads platform reads them directly. No mobile SDK required.
What about crash reporting and push notifications?
Those are separate concerns with their own SDKs — Sentry / Crashlytics / Bugsnag for crashes; OneSignal / FCM / APNs for push. Respectlytics doesn't bundle them in; you pick the dedicated SDK for each surface.
Does shipping fewer SDKs measurably improve app size or cold start?
Often, yes — measurably. Removing Firebase + AppsFlyer + Segment from a typical RN app can shave several megabytes of bundle and 100-300ms off cold start. See the [SDK Bundle-Size Comparator](/tools/sdk-bundle-size-comparator/) for specific numbers.