5.1.1

Hi everyone, I recently received a Pending Termination Notice for my very first iOS application, and I’m extremely worried about losing my developer account. My app submission was initially rejected due to: The app may contain hidden features, functionality, or content. Specifically, the app may contain financial transactions without the necessary authorization. Apps that provide financial transactions without the necessary authorization do not comply with guidelines 3.2.2 and 5.1.1(ix). Users should never be misled about the apps they download. Attempting to hide features, functionality, or content in the app may lead to removal from the Apple Developer Program. I sent an appeal immediately, but after 13 days (March 14 – March 27), I received a Pending Termination Notice stating that my app violated section 3.2(f) of the Apple Developer Program License Agreement due to dishonest or fraudulent activity. I was shocked because my app is a simple Objective and Key Results (OKR) tracking application. Aft

Hello to all, I’m developing an app with expo.dev and I have a problem that I need help. I’m not using xcode but I’m publishing with eas cli, so I don’t generate the plist file. My app locates the device in real time to provide the weather situation at home and navigation route using google maps in a webview. Apple has rejected the app with this communication: One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. (Below the screen) My app use location for show to home the weather icon and for use route navigation in google maps inside a webview. With expo I have add string in app.json but is not enough. Someone can helpme? This is a part of code ios: { supportsTablet: true, bundleIdentifier: com.ikawalieridiakashi.it, googleServicesFile: ./assets/GoogleService-Info.plist, infoPlist: { ITSAppUsesNonExemptEncryption: false, N

App Rejected stating Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Issue Description One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. My App is simple using MusicKit. My app has only two buttons and the user just taps them. ・search button : Search for Apple Music with auto-generated text and play previews. ・listen button : Listen to searched songs on Apple Music. NSAppleMusicUsageDescription key is the app requires Apple Music access to search for songs and to play the searched songs. I don't know how to fix it. Please let me know some advice.

Hello Apple Developer Community, We are experiencing a significant challenge during the App Store review process regarding the account requirement for our app's core chat functionality. Our app provides a personalized chat experience where users interact with out services. This interaction involves sending and receiving messages within a dedicated chat interface. The App Store Review team has cited Guideline 5.1.1 Legal: Privacy - Data Collection and Storage, stating that the app requires users to register before accessing the chat feature. We are struggling to understand how a chat feature, which inherently involves communication between distinct participants, can function without user accounts. By definition, chat is a dialogue between individuals. How can a system deliver personalized replies and maintain conversation history without identifying the user? We are unaware of any app on the App Store that offers a chat-like experience without requiring user login. To ensure user safety and provide a

I’m building an iOS app that collects user PII (emails, names) and stores it in my backend database. I already use HTTPS for data transfer, but I’m unsure if Apple requires server-side encryption for stored data. For example: If a user’s email is stored in plain text on my server (but transmitted securely via HTTPS), will this violate App Store guidelines? Does Apple explicitly mandate encryption-at-rest for PII, or is it just a recommendation? Are there exceptions for non-sensitive data like usernames? I checked App Store Review Guidelines §5.1.1, which says data must be stored securely, but it’s unclear if this requires encryption. Context: The app targets U.S. users (no GDPR/CCPA concerns). No financial/health data is involved. Is plain-text server storage of emails/names acceptable, or will this risk rejection? Thanks for any clarity!

Can anyone with experience successfully launching an app on the App Store help me? My app was recently rejected by Apple. It says my app didn’t comply with “Guideline 4.2 - Design - Minimum Functionality: The usefulness of the app is still limited by the minimal functionality it currently provides. Specifically, the app primarily offers content for users to view or use, with limited interactive features. Apps should provide valuable utility or entertainment, draw people in by offering compelling capabilities or content, or enable people to do something they couldn't do before or in a way they couldn't do it before.” And ”Guideline 5.1.1(v) - Data Collection and Storage: The app supports account creation but does not include an option to initiate account deletion. Apps that support account creation must also offer account deletion to give users more control of the data they've shared while using an app. Follow these requirements when updating an app to support account deletion: Only offering to tempor

After review it was mentioned We need additional information about the app's highly regulated services and/or handling of sensitive user data. The guideline 5.1.1(ix) requirements give users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Which companies or institutions provide the services offered in the app? -What is the relationship between [Name of Developer Account] and the providers of these services? The application is being developed for the Karnataka State Government, and the development and management of the app have been assigned as part of an official project. While the developer account used for publishing the application was purchased individually, it is associated with the development and maintenance of this project. The account facilitates app deployment and management while ensuring compliance with government requirements and security protocols. So Guid

I have add my domani and email address to Configure Sign in with Apple for Email Communication (https://developer.apple.com/account/resources/services/configure) and it pass SPF already but when it send from server that i setup is had Error Description : Permanament error. Please do not try again, according to the information returned by the other party to confirm the specific cause of the error. Cause:550 5.1.1 : unauthorized sender a mail service is on Alibaba Cloud the email that i want to sending to is ending with @privaterelay.appleid.com it that have any solve problem or i missing any thing else ?

we developed a pharmacy app for a client and we have business account but the app is rejected because of Guideline 5.1.1 if Everyone experience this issue till me how he's fixed it?

My app is getting rejected for this reason: Issue Description The app requires users to register or log in to access features that are not account based. Specifically, the app requires users to register before accessing any content. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. My app does require sign in tho like any social media app and the previous version had been approved no problem. I made an appeal which was rejected for the same reason and I am not getting an answer.

Hello, I have a subscription based app that has been rejected for 2.3.2 Performance: Accurate Metadata 3.1.2 Business: Payments - Subscriptions 5.1.1 Legal: Privacy - Data Collection and Storage I have added additional information to all of these areas, added links to the relevant privacy and usage pages. I am not sure why it keeps being rejected. I am missing some information but cannot see what is needed. Is there an example of the required information for a subscription based app for the localisation information. Currently the app needs a user account to access some of the features and the subscription provides access to that. A user with no account can access the free features without a login. Any pointers would be really appreciated

Hi, I am having a hard time understanding what I did wrong here. My app as a Login screen to authenticate the user, after which they are given to subscribe to either a monthly plan or a yearly plan(auto-renewed). After countless rejection, I guess I am failing to understand. This the message I received from the review team: Hello, Thank you for your question. Regarding guideline 5.1.1, Please note that although App Review Guideline 3.1.2 requires an app to make subscription content available to all the supported devices owned by a single user, it is not appropriate to force user registration to meet this requirement; such user registration must be optional.. Upon further review, additionally we found that your submission does not comply with the following guidelines: Guideline 2.3.2 - Performance - Accurate Metadata We noticed your free download app requires users to subscribe prior to accessing content or features, but this requirement is not clearly specified in your app description. Specifically,