link_privacy_policy_mobile

In short...

...for mobile apps, you should consider adding your privacy policy in 3 places:

  • 1. into the actual app (menu?);
  • 2. onto the app store as a link;
  • 3. onto the the promitional website, if you have one.

The mere fact that privacy policies should not a be simple afterthought for developers and app owners has probably sunken in with most people by now. There are various reasons why you should add a privacy policy to your app, many of which can be traced back to California's Attorney General and her efforts to do something about the situation for privacy in apps.

Where I still see a lot of potential for improvement at the moment is the way the privacy policy is displayed for an app. I always rejoice when I see a product using our policies in an efficient and fine way. Therefore, I am now publishing a quick guide to showcase how you could effectively embed a privacy policy in your app.

To illustrate this guide I am going to use Wordbase, an app that recently started using iubenda and made a good impression with their implementation practices.

Minimal theory about privacy policies in apps

Data protection authorities have been working on improving the privacy situation in apps for a good while now. There's a fair amount of guidance and documentation to be found about that fact. This should not be a surprising development, mobile phones are becoming devices with access to our most intimate details. This trend will continue.

The basic premise is that when the use of your app involves processing of personal data of individuals, privacy laws will kick in. One of the consequences is the required disclosure of your data processing to your users and that information should be made readily available before a mobile app is downloaded.

How should you link to your privacy policy in your app?

So let us move to this article's main question: how should you link your privacy policy for your app?

To illustrate that, I will use a quote from Europe's Article 29 Working Party which is a sort of think tank regarding European data protection practices (emphasis added, you can view the paper in full here and mainly under 3.7.2 the form of the information):

The essential scope of information about data processing 1) must be available to the users before app installation, via the app store. Secondly, the relevant information about the data processing 2) must also be accessible from within the app, after installation.

As a joint controller with the app developers with regard to information, app stores must ensure that every app provides the essential information on personal data processing. They should check the hyperlinks to included pages with privacy information and remove apps with broken links or otherwise inaccessible information about the data processing.

Make sure your users can view the policy before the installation. They should also be able to view the "relevant information about the data processing" from within the app.

The Working Party recommends that information about personal data processing is also available, and easy to locate, such as within the app store 3) and preferably on the regular websites of the app developer responsible for the app. It is unacceptable that the users be placed in a position where they would have to search the web for information on the app data processing policies instead of being informed directly by the app developer or other data controller.

Make your policies available where people are viewing your app.

At the very least, every app should have a readable, understandable and easily accessible privacy policy, where all the above mentioned information is included. Many apps do not meet this minimum transparency requirement. According to the June 2012 FPF study, 56% of the paid apps do not have a privacy policy, and almost 30% of the free apps.

Apps which do not, or are not intended for the processing or personal data, should clearly state this within the privacy policy.

Therefore add your privacy policy to

  1. the app store page
  2. within the app, preferably in the main settings view
  3. and on your promotional site that is connected with the app

1) Privacy policy in the app

On websites a privacy policy belongs in the footer or any other main navigation that is easily available from virtually any page. For apps this is a bit more complicated because of space constraints, but mostly there will be a a great spot in a settings or navigation list.

Example Wordbase app:

wordbase_app

I'm happy for this example, because I'd suggest a small improvement. The privacy policy is where it belongs, in the main settings view (or in other words, where you'd expect it). There is however no reason to tuck it away below the list (the reasoning may have been that the full phrase "Read our privacy policy" doesn't fit). A simple continuation in the list styling and adding "Privacy Policy" would've been better.

2) Privacy policy on the app store page

This one is important. Make the privacy policy available before the download on the app store. The stores have dedicated link forms for this. Iubenda makes this very easy, just grab the link for your generated privacy policy and paste it there.

Example Wordbase app on the App Store:

wordbase2

Since there are various app store systems out there, we've made a few guides to help you find your way around:

3) Privacy policy on your website

At last but not at least, make use of your online real estate and link to your privacy policy from your app's page as well.

Example website Wordbaseapp.com:

wordbase

All of this is really just a consequence of informing your users before their usage of your app and shouldn't be too hard to do. Yet so many developers/app owners don't do this consequently. Don't be one of them, do it right.

 

Let us help you generate a privacy policy for your app

4) BONUS TIP: Privacy policy offline mode

Some privacy authority bodies request that a privacy policy be available within the app in offline mode. In that case you would need to embed the privacy policy text in a view to be available without an internet connection. With iubenda you'd just embed the policy in a view in your app and cache the content to stay available also in offline mode.

Launch: Mobile Apps Privacy Policy GeneratorPrivacy Policy for 2Checkout.comPrivacy Policy in German?

About Us

Iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com

Generate a privacy policy now

Ready in a few steps and built to meet the needs of both website and mobile app owners

Generate your privacy policy now
RSS FEED

Sometimes the best choice is to "just give it a try"

Iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app

Generate your privacy policy now