Apple App Store Logo

Apple Now Requiring All Apps to Have a Privacy Policy Starting October 3

Last night, Apple updated privacy policy requirements and notified developers through the App Store Connect. This is the tool which developers use to upload their apps to the App Store for approval.  The change requires that all new apps and updates include a link to the developers privacy policy.  The new rule comes into effect October 3.

The change impacts non-subscription apps mostly.  A subscription app has required a privacy policy link via the URL metadata field in the app.  Now all apps are required to utilize that field.  Even if the app does not connect to the internet, the developer is now required to have a site with the privacy policy for the app.

Apple is clear with developers on what they expect in this policy.  It must identify what data the app collects, how it goes about do that, and how that data is used.  Further, app developers are now required to confirm how third party frameworks within their app complies with the app’s privacy policy.  The app must also clearly explain data retention policies and how a user can revoke consent and request data deletion.

To be clear, if an app in the App Store doesn’t have a privacy policy now, it will not be removed from the store.  Rather, the developer will not get any update or any new app after October 3 approved if it doesn’t have it.

The changes are likely in response to the new European GDPR which requires privacy policies and the ability for users of apps and services to be able to get their data from the developer or request that it be deleted.

Leave a Reply

%d bloggers like this: