My update app has been rejected, because of Guidelines 5.1.1 I don't know why this version is wrong with using account and deletion or something I'm not sure.. But actually I never add more complicated system, I just add a basic contents I wondering why before is Ok But this version is not even almost is the same things.
Search results for
5.1.1
400 results found
Selecting any option will automatically load the page
Post
Replies
Boosts
Views
Activity
Hello. We are making mobile games but our business model is a little bit different and this difference creates us problems during the app review process. The games we make are customizable(not directly by user but by with the data provided by the user). There is a base game and we change the game visuals, texts, musics etc. for each user with the data they provide during the sale. We take and process that data and each user can only access the game assets created from the data they sent us. Right now my app(And all my future apps) is getting rejected because of the following guidelines: Guideline 2.5.2 - Performance - Software Requirements During review, your app downloaded code that changes your app’s behavior or functionality for each users, which is not permitted on the App Store. (Which is basically the main idea behind our project) Guideline 4.0 - Design We noticed that the user is taken to the default web browser to sign in or register for an account, which provides a poor user experience. Guideline 5.1.1
Topic:
App Store Distribution & Marketing
SubTopic:
App Store Connect
Tags:
iOS
App Review
App Store
App Store Connect
I am seriously taken aback by the efficiency of the App Review team. Jul 8, 2022 at 2:46 PM - We submitted our app on this date. Jul 9, 2022 at 10.47 AM - Our app was rejected due to 5.1.1 Legal - Data Collection and Storage. Jul 9, 2022 at 1.02 PM - I provided detailed information in relation to our business being in a highly regulated industry. Jul 13, 2022 at 8.22 AM - App Review Team replied stating that additional time is required to review. App Review status was changed to App In Review. Jul 13, 2022 at 8.36 AM - I received the same message that the issue previously identified requires our attention. Jul 13, 2022 at 1.42 PM - I replied again that information has been provided and it was confusing to have received another same App Rejection message. I contacted the App Review Team for assistance and was assured that my app will be reviewed. Jul 14, 2022 at 9.57 AM - App Review team replied that the team will continue the review and will notify if there are any further issues. 27 Jul, 2022 at 3.1
If you can create an account in the app, you need to be able to delete an account from the app too. Starting June 30, 2022, apps submitted to the App Store that support account creation must also let users initiate deletion of their account within the app. - from Offering account deletion in your app. The App Store Review Guidelines also state this is required in section 5.1.1(v), under Privacy > Data Collection and Storage > Account Sign-In. If your app supports account creation, you must also offer account deletion within the app.
Topic:
App Store Distribution & Marketing
SubTopic:
App Review
Tags:
As per Apple Store Review Guideline 5.1.1(iv), If your app supports account creation, you must also offer account deletion within the app. Here they have mentioned that “Deleting an account removes the account from the developer’s records, along with any data associated with the account that the developer isn’t legally required to maintain.” My question is - What all data comes under legally required to maintain term?
Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage We found in our review that your app does not meet all of our requirements for apps that offer highly regulated services or handle sensitive user data. Specifically: The account that submits the app must be enrolled in the Apple Developer Program as an organization, and not as an individual. The guideline 5.1.1(ix) requirements give App Store users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Next Steps To resolve this issue, it would be appropriate to take the following steps: Your app must be submitted through an Apple Developer Program account enrolled as an organization. You may either enroll in a new Apple Developer Program account as an organization, or request that your individual account be converted to an organization account by contacting Apple Developer Support. Please note that you c
Apple has a recent policy [5.1.1(ix)] requiring medical apps like mine to be submitted by healthcare organizations, not individual physician programmers like me. I have an app I worked on for a couple months, loaded it to AppStoreConnect, sent it out on Test Flight, good feedback, ready to release. But cannot release as individual physician. So went to my employer healthcare organization. They'd be happy to publish my app. I now have credentials within their developers account. When I try to upload my same app (rebuilt with new certificates and identifiers for organization), I can't get it to upload because Apple flags my upload as copying someone else's material -- I suspect my own material! It sees that Cardiovascular Risk app submitted under my healthcare organization is just like my cardiovascular Risk app submitted also by me under my personal developers account! If the app were already approved at least once, I could transfer it. But since never approved for the App Store, I cannot use the Tran
Topic:
App Store Distribution & Marketing
SubTopic:
App Store Connect
Tags:
App ID
iPad
App Store Connect
I received the mail below. Starting June 30, 2022, apps submitted to the App Store that support account creation must also include an option to initiate account deletion. We noticed this app may support account creation. If it already offers account deletion or you’re working to implement it, we appreciate your efforts to follow the App Store Review Guidelines. Apps submitted after June 30 that do not comply with the account deletion requirements in guideline 5.1.1(v) will not pass review. https://appleid.apple.com/auth/revoke However, the revoke api is not working properly. Even if you throw an incorrect key value, 200 is always returned. Is the API working properly? What should I do?
Hello, I have an application that's been in the works, and I came across App Store Review Guideline 5.1.1(v), and I had some questions as it seems like many people do in this forum. I think my biggest questions is ow will Apple review the actual deletion of a user? Developers can implement soft deletes where the data cannot be accessed by anyone outside of those that have access to the database. This obviously isn't sufficient, but Apple wouldn't be able to tell the difference, at least from the api.
I also do not save the token obtained with apple Sign in on my app. I could start saving it and revoke it when the user wants to delete the account, the issue is I always get invalid_client error no matter what client ID I use in the request. This is the last part in the Apple reminder email. If your app offers Sign in with Apple, use the Sign in with Apple REST API to revoke user tokens. https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens#discussion Is this really necessary to pass the app review? The token as a validity of 1 day, and users are not going to create and delete an account in the same day I guess. It seems that this API isto be used when using sign in with apple on the web. Can someone at Apple provide some explanations? Upcoming Requirement Reminder Note: This is a support message regarding upcoming requirements that may be relevant for your app. Starting June 30, 2022, apps submitted to the App Store that support account creation must also include an option to initiate a
Topic:
App & System Services
SubTopic:
General
Tags:
Here is the exact reason given for the rejection: We discovered one or more bugs in your app. Specifically, when attempting to login using the email address provided an error appears on the screen. Seeing an error on the screen in this case is expected because in a previous review, they deleted the account we provided them with. Now they cannot log in with that account anymore. Yes, we have already confirmed they have deleted the account. We did not explain to them not to delete their account, but maybe this is what we need to do to prevent them from testing this part of the app? Since there is not much documentation on how 5.1.1 is supposed to be tested by Apple reviewers, I don't really understand what we're expected to provide them (new credentials every time we submit in case they test to delete?). I'm just not really sure how other developers will be solving this problem. It seems like everyone will be in the same boat as soon as they add this functionality to their app by June 30. When we asked
Topic:
Privacy & Security
SubTopic:
General
Tags:
We recently added the ability for a user to delete their account as per the 5.1.1 guidelines. Our app was later rejected because the account we provide for logging in was deleted by an Apple reviewer. We can create a new account that reviewers can use to sign in, but how do we prevent this from happening again? I understand the desire to verify account deletion, but if reviewers are constantly deleting the account used for approval, we'll be in an endless cycle of rejections. What should we do?
Hi all We have recently had an issue with using a single sign on login concept in a submission which was flagged under Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage and we are wondering what the development best practices were in this circumstance. The reason being was because if the user did not already have an account, we provided a button which then loaded the 3rd parties registration form in a web frame. However the system we are using requires the users address and phone number for various reasons, although our app does not use that data at all - therefore we were told we are breaking the guidelines. Our app is not collecting, or storing any of this information (or even has visibility to it), and it is all covered in both ours, and the third parties privacy policies, however it seems that we are still violating the clause. My question to other developers and Apple support - is how is this dealt with in other apps that use larger SSO systems such as iCloud, Google and Facebook?
Hi there, I got my recent app rejected and they sent me this: We found in our review that your app does not meet all of our requirements for apps that offer highly regulated services or handle sensitive user data. Specifically: The account that submits the app must be enrolled in the Apple Developer Program as an organization, and not as an individual. The guideline 5.1.1(ix) requirements give App Store users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Next steps, To resolve this issue, it would be appropriate to take the >following steps: Your app must be submitted through an Apple Developer Program account enrolled as an organization. You may either enroll in a new Apple Developer Program account as an organization, or request that your individual account be converted to an organization account by contacting Apple Developer Support. Please note that you cannot
Hello Apple Devs We've been trying for a couple of weeks to get a clear answer on the following two questions related to the 5.1.1 Guideline indicating Account Deletion must now be possible to initiate from within the App, in case we allow for Account Creation from the same app: Can a soft delete be considered Account Deletion”? What if all the User's data is anonymized, leaving only a UserID for referential integrity? In the case of Authentication and User information delegated to a 3rd-party system (see above), could it suffice for us to delete the UUID linking the User to their original ERP/SSO account? Is it valid if we just initiate the deletion process (async confirmation)? Would it be valid for us to initiate the process by requesting the user for their contact information, then explaining that we will process the request through the Customer Support team, and get back to them with a confirmation (e.g. via email) within a given period of time? Thanks in advance for your help! Carlos