Updated September 14, 2023
A mobile app privacy policy shares the collection and management of personal information (data) with its users. Every mobile app collects tracking data, whether through the app’s platform (iOS or Android) or if the app allows users to make an account (e-mail + password).
Is It Required?
Yes, it is required by both guidelines of the App Store (iOS) and Google Play Store (Android). This can be a simple document that informs users that their data is trackable and their right to terminate.
Table of Contents |
How to Add a Privacy Policy (mobile app)
It is required that a privacy policy be added in 2 places, on the app’s profile page and within the app itself.
Website Required
Both iOS and Android require a privacy policy to be added via a web address (URL). They do not allow uploading the document. Therefore, a mobile app is required to have a website that contains a privacy policy.
Adding to the App Store (iOS) (6 steps)
- Signup or Login to Apple Store Connect
- Application Process (TestFlight)
- Disclosing to Apple
- Data Collection
- Questions and Answers
- View App Profile Page
1. Signup or Login to Apple Store Connect
2. Application Process (TestFlight)
Apply for your app to be displayed in the App Store (via TestFlight). During the process, you will be allowed to test the app and enter essential information, including the URL where the privacy policy is located. The App Store does not allow uploading the privacy policy.
This is often the same URL where the privacy policy is located for the website connected to the mobile app.
3. Disclosing to Apple
After submission, it is time to inform the App Store of what you collect. This can be done in the same area under the header “Data Types.” It will show, by default, that you do not collect any data on your users.
To change this, click the blue “Edit” button and select the data that the website collects, such as:
5. Questions and Answers
If “Yes” is selected, Apple will ask questions to inform users of the collected data. Such questions are as follows:
- Contact Info
- Name
- Email Address
- Phone Number
- Physical Address
- Other User Contact Info
- Health & Fitness
- Health
- Fitness
- Financial Info
- Payment Info
- Credit Info
- Other Financial Info
- Location
- Precise Location
- Coarse Location
- Sensitive Info
- Contacts
- User Content
- Emails or Text Messages
- Photos or Videos
- Audio Data
- Gameplay Content
- Customer Support
- Other User Content
- Browsing History
- Search History
- Identifiers
- User ID
- Device ID
- Purchases
- Usage Data
- Product Interaction
- Advertising Data
- Other Usage Data
- Diagnostics
- Crash Data
- Performance Data
- Other Diagnostic Data
- Other Data
Click “Publish,” and on your App Page, it will display a link to your privacy policy and a preview of the data collected by the app.
Adding to the Google Play Store (Android) (3 steps)
Displaying Within the App
The privacy policy must also be linked within the app itself. According to CCPA and GDPR, it must be in an easily accessible location and is recommended to be in the Settings or Profile area.
For example, on Instagram, the Privacy Policy is located within Settings > About > Privacy Policy and is linked to the same policy used on its website.