As is the case with Microsoft privacy themes, the Apple App Store prioritizes the user’s understanding of privacy practices before downloading an app on any Apple platform. The type of data collected and how it is used is an important part of the user’s expectations. Consequently, privacy protocols are closely tied to the reputation of your app and more broadly, your brand. 

As more of the public is brought into the online experience, the marketing pressure on them has risen exponentially. Increasingly sophisticated algorithms, based on personal data and profiles, track them everywhere. Significant consumer pushback, plus a desire to close loopholes that exploit privacy unethically, has caused Apple and all other platforms and operating systems to continually evolve their privacy and security policies and reject apps that fail to comply with current requirements.

What follows are key points that can help you when choosing options in App Store Connect (requires login) when you submit app updates and new apps.

Your Product Page Statements

Your app’s product page should make the following clear:

  • The data types your app may collect.
  • The data types your third-party partners collect, if any.
  • Whether that data is linked to the user personally.
  • If the data will be used to track the user.

Remember that “third-party partners” is defined as any external vendor code you’ve added to your app, including analytics tools, SDKs, and advertising networks.

 

Types of Data

This is a list of data types that are relevant to your app submission. You must identify which data types in your app are linked by you or your third-party partners to the user’s identity. The exception is when specific privacy protection filters that anonymize the user are in place before data is collected.

  • Contact info. Any and all personal info that can be used to contact the user outside the app.
  • Health and Fitness. Any and all health, medical, and fitness/exercise data.
  • Financial info.
  • Location. Precise or general.
  • Sensitive info. Such as racial, sexual, disability, beliefs, politics, etc.
  • Contacts. User’s phone, address book, and friend lists.
  • User-generated content. Including email and text message details.
  • Browsing history.
  • Search history.
  • Identifiers.
  • Purchases.
  • Usage data. Product interaction, advertisements seen, etc.
  • Diagnostics. Any and all data collected to measure technical diagnostics related to the app.

Data Use

How each data type is used should be clearly understood by the app marketer and any third-party partners. Uses commonly fall under these general categories: marketing/advertising, analytics, personalization, and functionality. Frequently a data type has more than one use. Understanding this will help guide you to the right set of compliance requirements.

Privacy Links

Privacy links on your product page enable a user to easily access your privacy policy and manage their data options. What is minimally required is a URL to a publicly accessible privacy policy. What is not required, but a good idea, is a publicly accessible URL where a user can educate themselves on their privacy choices for your app and manage them, including changes and deletion.

For more information, go here.   

For the full Apple App Store review guidelines, go here.