ios_10_app_review_guidelines_redone

We have post called Privacy Policies for iOS Apps that goes into depth about how to provide your privacy policy on the App Store and in iTunes Connect. This post sees frequent updates, whenever iOS changes, so it’s always up to date for our readers.

Post WWDC 2016 something remarkable happened, which is why here’s a dedicated post about these changes. Apple has changed their App Store Review Guidelines completely and the relevant parts about privacy policies has also seen some consolidation (link to the updated App Store Review Guidelines).

Previously, there were 30 sections going into various topics, now the load has been reduced to 5 sections containing 6000 words+. If you’re interested you find the previous slight changes in this nice tool called AppStoreReviewGuidelinesHistory, by the way. 

You will also find the old statements taken from the old App Store Review Guidelines regarding privacy policies posted at the bottom of this post, just in case you were curious.

5 sections in the new App Store Review Guidelines, one section for legal issues

The introduction now states:

The guiding principle of the App Store is simple – we want to provide a safe experience for users to get apps and a great opportunity for all developers to be successful. We have updated the App Review Guidelines with that principle in mind. The guidelines themselves haven’t changed, but they are better organized and provide more context. On the following pages you will find guidelines arranged into five clear sections: Safety, Performance, Business, Design, and Legal. 

And it’s true, while before there were rules in place about child privacy, now Apple is going out of their way to explain why these rules are there: “it is critical to use care when dealing with personal data from kids, and we encourage you to carefully review all the requirements for complying with laws like the Children’s Online Privacy Protection Act (“COPPA”) and any international equivalents“.

Privacy related questions can now be found under 5), the privacy section. We’re highlighting the most relevant parts:

  • (i) Apps that collect user data must have a privacy policy and secure user consent for the collection. This includes—but isn’t limited to—apps that implement HealthKit or other health/medical technologies, HomeKit, Keyboard extensions, Apple Pay, include a login, or access user data from the device (e.g. location, contacts, calendar, etc.). – (from 5.1.1)
  • Moreover, apps in the Kids Category or those that collect, transmit, or have the capability to share personal information (e.g. name, address, email, location, photos, videos, drawings, the ability to chat, other personal data, or persistent identifiers used in combination with any of the above) from a minor must include a privacy policy and must comply with all applicable children’s privacy statutes. For the sake of clarity, the parental gate requirement for the Kid’s Category is generally not the same as securing parental consent to collect personal data under these privacy statutes. – (from 5.1.4)

Right now the guidelines say, “Note: We will update these guidelines in the coming weeks for the subscription changes launching this fall.” – so we might see some additional privacy policy related guidelines from Apple sooner or later.

If you want to read about how to provide a privacy policy url to your iOS app, you can do so by reading the post linked above.

—-

Old App Store Review Guidelines statements:

  1. Rule targeting children: “Apps that collect, transmit, or have the capability to share personal information (e.g. name, address, email, location, photos, videos, drawings, the ability to chat, other personal data, or persistent identifiers used in combination with any of the above) from a minor must comply with *applicable children’s* privacy statutes, and must include a privacy policy”
  2. Kids category: “Apps in the Kids Category must include a privacy policy and must comply with applicable children’s privacy statutes”
  3. User registration: “Apps that include account registration or access a user’s existing account must include a privacy policy or they will be rejected
  4. Keyboards: “Apps offering Keyboard extensions must provide keyboard functionality (e.g. typed characters), have a primary category of Utilities and a privacy policy or they will be rejected
  5. HomeKit: “Apps using the HomeKit framework must have a primary purpose of providing home automation services
  6. HealthKit: “Apps using the HealthKit or CareKit frameworks or conducting human subject research must provide a privacy policy or they will be rejected
  7. Apple Pay: “Apps using Apple Pay must provide a privacy policy or they will be rejected

Privacy Policy for iOS AppsApple's App Review Guidelines Updates Privacy Policy Related SectionsPrivacy Policy Requirement Changes for iOS 8

About Us

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com

Generate a privacy policy now

Ready in a few steps and built to meet the needs of both website and mobile app owners

Generate your privacy policy now
RSS FEED

Sometimes the best choice is to "just give it a try"

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app

Generate your privacy policy now