The App Store pays increasing attention to the privacy protection of platform users. Before downloading any application on the Apple platform, users can learn about the privacy practices of the application. On the product page of each application, users can see certain types of data that the application may collect, and whether that data is linked to them or used to track them. You need to provide information about the privacy practices of the application in App Store Connect, including the practices of third-party partners whose code you integrate into the application. This information is required to submit new applications and application updates to the App Store.
Answer application privacy questions
When you are ready to choose an answer from the options provided in App Store Connect, please keep the following in mind:
- You need to identify all data collected by you or your third-party partners, unless the data meets all of the optional disclosure criteria listed below.
- The privacy practices of your application should follow the App Store Review Guidelines and all applicable laws.
- You are responsible for keeping your responses accurate and up-to-date. If your practices change, update your responses in App Store Connect. You can update your answers at any time without submitting an application update.
Account holders and administrators can learn how to enter their responses in App Store Connect.
The purpose of the label is to help your customers understand what data is collected from your application and how it is used. For this reason, before answering the questions in App Store Connect, you need to understand the types of data that you and/or your third-party partners collect from your application. Remember, even if you collect data for reasons other than analytics or advertising, you still need to declare the data. For example, if you collect data only for the purpose of app functionality, declare the data on the label and indicate that the data is only used for this purpose.
“Collecting” means transmitting data off the device in a way that allows you and/or your third-party partners to access the data for longer than the time required to process the transmitted request in real time.
“Third-party partner” refers to an analytics tool, advertising network, third-party SDK, or other external provider whose code you add to the application.
Data types that meet all of the following conditions are optional to disclose:
- The data is not used for tracking purposes, which means that the data is not linked to third-party data for advertising or advertising measurement, nor is it shared with data brokers. See the “Tracking” section for details.
- The data is not used for third-party advertising, your advertising or marketing purposes, or for other purposes, as these terms are defined in the “Tracking” section.
- Data collection occurs only in cases that are not part of the main function of your application and that are optional for users.
- The data is provided by the user in your application interface, it is clear to the user what data is collected, the user name or account name is displayed prominently in the submission form along with the other data elements being submitted, and the user must choose each time to provide the data to be collected.
The data type must meet all conditions in order to be considered optional for disclosure. If the type of data collected by your app meets some (but not all) of the above criteria, it must be disclosed in App Store Connect.
Examples of data that may not need to be disclosed include data collected in the form of optional feedback or customer service requests that are not related to the main purpose of the application and meet the other conditions described above.
For the sake of clarity, the data collected continuously after the initial request for permission must be disclosed.
Regulated financial services disclosure
Data types collected by an app that facilitates regulated financial services, where the data collected meets all of the following criteria, are optional to disclose:
- The regulated data is collected in accordance with applicable financial services or data protection laws or regulations (such as GDPR or GLBA), and in accordance with a legally required privacy notice.
- The application collects this data only in cases that are not part of the main function of the application and that are optional for the user.
- Such notice stipulates that data cannot be shared with non-affiliated third parties to sell other products and services.
- Such data will not be linked to third-party data for advertising, nor will it be shared with data brokers, except for fraud detection or prevention or security purposes, or with consumer reporting agencies for credit reporting.
The data type must meet all conditions in order to be considered optional for disclosure. If the type of data collected by your app meets some (but not all) of the above criteria, it must be disclosed in the “Privacy” section.
Health Research Disclosure
Data types collected as part of health research that meet all of the following criteria are optional for disclosure:
- The data is collected by an entity whose data collection is subject to an informed consent form (ICF), as part of health research that is reviewed and approved by an institutional review board or an ethics review board.
- All such data collection must follow the relevant App Store guidelines, and the data must not be used for tracking purposes.
If the type of data collected by your app meets some (but not all) of the above criteria, it must be disclosed in the “Privacy” section.
See the list of data types below and compare it with the data collection practices in the application.
You should have a clear understanding of how you and your third-party partners use each type of data.
For example, collecting email addresses and using them to authenticate users and personalize the user experience in your application covers both app functionality and product personalization.
Data linked to the user
You need to determine whether you and/or your third-party partner link each data type to the user’s identity (through their account, device or other details). The data collected from the application is usually associated with the user’s identity, unless specific privacy protections are set up to de-identify or anonymize it before collection, such as:
- Before collection, strip data of any direct identifiers (such as user ID or name).
- Process data to break the link and prevent relinking to real-world identities.
In addition, in order not to link the data to the identity of a specific user, certain activities must be avoided after collection:
- You must not attempt to link data back to the identity of the user.
- You must not tie the data to other data sets in a way that allows it to be linked to the identity of a specific user.
Note: “Personal Information” and “Personal Data” defined in the relevant privacy laws are considered to be linked to users.
You need to know whether you and/or your third-party partners use the data in the app to track users, and if so, what data is used for this purpose.
“Tracking” refers to linking data collected from your application about a specific end user or device (such as user ID, device ID or profile) with third-party data for the purpose of targeted advertising or advertising measurement, or sharing data collected from your app about a specific end user or device with a data broker.
“Third Party Data” means any data about a specific end user or device collected from applications, websites or offline properties that you do not own.
Examples of tracking include:
- Displaying targeted advertisements in your application based on user data collected from applications and websites owned by other companies.
- Sharing device location data or email lists with data brokers.
- Sharing a list of emails, advertising IDs, or other IDs with third-party advertising networks that use this information to retarget these users or find similar users in other developers’ apps.
- Placing a third-party SDK in your app that combines user data from your app with user data from other developers’ apps to target ads or measure advertising efficiency, even if you don’t use the SDK for these purposes. For example, using a login SDK that repurposes the data it collects from your application to enable targeted advertising in other developers’ applications.
The following situations are not regarded as tracking:
- When the data is only linked on the end user’s device and not sent from the device in a way that can identify the end user or device.
- When the data broker you share data with uses it only for fraud detection, prevention or security purposes, and only on your behalf.
Privacy options (optional): A publicly accessible URL where users can learn more about their privacy options for your app and how to manage them. For example, a web page where users can access their data, request deletion or make changes.
Your app has web views.
You must declare data collected through web traffic, unless you are enabling users to browse the open web.
You collect and store IP addresses from users.
Declare the relevant data type based on the way you use the IP address, such as precise location, rough location, device ID or diagnostics.
You provide in-app private messaging between users that is not SMS text messaging.
Declare emails or text messages on the label. “Text messages” refers to both SMS and non-SMS messages.
Your application contains saved games, multiplayer matchmaking or game logic.
Declare the gameplay content on the label.
You collect different types of data from users based on whether they are children, free or paid users, whether they choose to join, place of residence or other reasons.
You use Apple frameworks or services, such as MapKit, CloudKit, or App Analytics.
If you collect data from your application through an Apple framework or service, you should specify the data you collect and how it will be used. You are not responsible for disclosing the data collected by Apple.
You use location, device identifiers, and other sensitive data, but only on the device, and the data is never sent to a server.
Data that is only processed on the device is not “collected”, and there is no need to disclose this data in your answers. If you derive any information from this data and send it off the device, you should consider the derived data separately.
You collect the precise location, but immediately de-identify and coarsen it before storing.
Disclose that you collect “rough location”, because the precise location data is coarsened immediately and the precise location is not stored.
Your application contains free-form text fields or voice recordings through which users can save any type of information they want, including names and health data.
Mark “other user content” to indicate a general free-form text field, and mark “audio data” for voice recording. You are not responsible for disclosing all possible data that users can manually enter in the app through free-form fields or voice recordings. However, if you require users to enter a specific type of data (such as their name or email) in a text field, or if you have a feature that allows users to upload a specific type of media (such as photos or videos), you need to disclose the specific type of data.
You collect data to process a request, but do not retain the data after the request is processed.
“Collecting” refers to transmitting data from the device and storing the data in a readable form for longer than the time required by you and/or the third-party partner to process the request. For example, if an authentication token or IP address is sent in a server call but the authentication token or IP address is not retained, or if the data is sent to your server and then discarded immediately after servicing the request, then you do not need to disclose it in App Store Connect.
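The de-identification steps listed under linked data (strip direct identifiers before collection) and the case of coarsening a precise location before storing can be enforced in one ingestion step. The following is an added example, not code from the original page or from Apple; the event schema, the field allow-list and the 0.1-degree grid are assumptions chosen for illustration.

```python
import math

# Assumption: constructed event schema. Only these fields are ever persisted,
# so a newly added identifier field is dropped by default (allow-list).
ALLOWED_FIELDS = {"event", "app_version"}
# Assumption: 10 cells per degree (about 11 km of latitude) is an illustrative
# grid, not a threshold taken from the page.
CELLS_PER_DEGREE = 10


def coarsen(value, limit):
    """Snap a coordinate to the centre of its grid cell, discarding the precise fix."""
    cell = math.floor(value * CELLS_PER_DEGREE)
    cell = min(cell, limit * CELLS_PER_DEGREE - 1)  # keep +90 / +180 inside the last cell
    return (cell + 0.5) / CELLS_PER_DEGREE


def _valid(value, limit):
    """True for a finite real number within [-limit, limit]; rejects bool, None, NaN."""
    return (isinstance(value, (int, float)) and not isinstance(value, bool)
            and math.isfinite(value) and abs(value) <= limit)


def sanitize_event(event):
    """Build the record that may be stored: no direct identifiers, coarse location only."""
    clean = {k: v for k, v in event.items() if k in ALLOWED_FIELDS}
    lat, lon = event.get("lat"), event.get("lon")
    if _valid(lat, 90) and _valid(lon, 180):
        clean["lat"], clean["lon"] = coarsen(lat, 90), coarsen(lon, 180)
    return clean  # malformed or partial locations are dropped, never stored raw


# Constructed sample input, as it might arrive from the app.
RAW_EVENT = {
    "user_id": "u-1029", "email": "pat@example.com", "device_id": "D-77",
    "event": "checkin", "app_version": "4.2.0",
    "lat": 37.33182, "lon": -122.03118,
}

if __name__ == "__main__":
    print(sanitize_event(RAW_EVENT))
```

Sanitizing at ingestion only supports a narrower disclosure if the raw request is not also retained elsewhere, for example in access logs or queue payloads.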