Updated: 30.06.2014
This page answers the question why and how you should add a privacy policy to your iOS app and how you can add it to the App Store.
For an overview of the legal requirements head back to the main page.
1) Am I required by Apple's App Store to post a privacy policy?
There is no flat out prerequisite to have a privacy policy to submit your app to the app store with a couple of exceptions:
- if your apps are targeting kids under the age of 13 (as of iOS 7);
- apps that link against HealthKit (as of iOS 8);
- apps that link against HomeKit (as of iOS 8);
- apps that are third party keyboards (as of iOS 8);
- apps that use Apple Pay (as of iOS 8);
As of iOS 8 Apple has worked hard on privacy for users and therefore here's an excerpt from slides called User Privacy on iOS 8 and OS X:
From User Privacy on iOS 8 and OS X
Important for all apps to have one, required for some app categories.
- x Apps that link against HealthKit
- x Apps that link against HomeKit
- x Third party keyboards
- x Kids
Apple's docs state in general that you have to follow relevant privacy laws. Some excerpts of these docs (iOS Developer Program License Agreement, Apple App Store Review Requirement) are printed below.
From the Apple App Store Review Requirement Docs
"Apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used" (Section 17.1 of the App Store Review Guidelines).
So while they do not directly require you to conspicuously post a privacy policy in any case, there is a clear indication that you have to inform your users about data processing.
From the Docs II
Developers must provide clear and complete information to users regarding collection, use and disclosure of user or device data. (Section 3.3.10 of the iOS Developer Program License Agreement)
About including URLs into the submission process
Apps should have all included URLs fully functional when you submit it for review, such as support and privacy policy URLs. (Section 3.12 of the App Store Review Guidelines)
About apps for kids
Apps that collect, transmit, or have the capability to share personal information (e.g. name, address, email, location, photos, videos, drawings, persistent identifiers, the ability to chat, or other personal data) from a minor must comply with applicable children's privacy statutes
The latest paragraph about kids' privacy is mainly a hint at COPPA, a regulation that tries to protect the privacy of children in the United States (which is an acronym for Children's Online Privacy Protection Act)
2) How do I add/edit my privacy policy on the App Store?
This section is for the link to your privacy policy on the App Store and not in the actual app. There is a link form for privacy policy URLs when you submit your app for review. Fill that in.
When you visit the app page that the store generates for you, e.g.
https://itunes.apple.com/app/idxXxxXXXetc,
you will not find that privacy policy link (yet). This is only the case however, because Apple decided not to show it there yet, for some reason. You will find the link when opening the app in an iTunes window:
Now you're all ready. Let's do it. If you want you can read the original longer post on the iubenda blog.
The goal of this guide is to give you the right tools to make and place your privacy policy correctly in many languages.
Submit a pull request anytime.