5.1.1

We are trying to post a local news app. We want it to be a customized version of our news website, displaying news, agenda, local shop offers etc filtered by the towns and interests the user selects. The user needs to register first so that we can create a profile with their interests and filter the content accordingly. We've tried to explain this in several different ways, but the answer is always the same: We understand that you provide customized news to your customers. However, they should still be able to access the news articles prior to registration and only prompted to register once they decide to customize their news feed. The app's specific purpose is offering customized content, and we need the users to register for that customization. If we can't offer the customized filtering, the app has no sense for us. Anyone in a similar situation or any tip on h ow to explain this to App Review? Thanks in advance!

Issue Description One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. Next Steps Update the camera and photo library purpose string to explain how the app will use the requested information and provide a specific example of how the data will be used. See the attached screenshot. Resources Purpose strings must clearly describe how an app uses the ability, data, or resource. The following are hypothetical examples of unclear purpose strings that would not pass review: App would like to access your Contacts App needs microphone access See examples of helpful, informative purpose strings. I submitted my app to review, and got this review message. When you clcik on you profile picture, you can view it, or change it. When you decide to change it, the app need permission for camera or galler (depending on which one you select) F

Hello Experts, I am in need of your help with this feedback from the App Reviewer. Issue Description: One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. Next Steps: Update the location purpose string to explain how the app will use the requested information and provide a specific example of how the data will be used. See the attached screenshot. Resources: Purpose strings must clearly describe how an app uses the ability, data, or resource. The following are hypothetical examples of unclear purpose strings that would not pass review: App would like to access your Contacts App needs microphone access Feedback #2 Regarding 5.1.1, we understand why your app needs access to location. However, the permission request alert does not sufficiently explain this to your users before accessing the location. To resolve this

I want to clarify why both email and phone number are mandatory at registration, while still allowing users to log in with either method if one fails. Email Address (Collected at Registration) Account Creation & Verification: We use email to establish a unique, verifiable account for each user. This prevents duplicate or fraudulent profiles. Primary Communications: All booking confirmations, trip updates, support requests, and in-app chat messages between care seekers and carers are sent via email. This ensures users have a reliable record of every transaction and message. Phone Number (Collected at Registration) OTP-Based Security: We send a one-time password (OTP) via SMS during registration and login. This SMS-OTP step is critical to confirm that the user owns the provided phone number and to safeguard against unauthorized account access. Critical Trip Notifications: During a booked trip, carers and care seekers must receive time-sensitive alerts (e.g., gate changes, flight delays, check-in reminders)

我们提交的APP，始终无法通过审核； Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Issue Description The app requires users to provide personal information that is not directly relevant to the app's core functionality. Apps should only require users to provide information that is necessary for the app to function. If information is useful for a non-essential feature, apps may request the information but make it optional. Examples of app concepts and inappropriate required information: A general shopping app that requires the user's marital status A rideshare app that requires the user's gender Next Steps Update the app to not require users to provide the following personal information: National ID number Age Gender Resources 是不允许在注册阶段收集身份证号吗？

I have an iPad 1 running iOS 5.1.1, I want to downgrade it to iPhone OS 3.2 Does anybody have a way to downgrade unsigned .ipsw's or do I have to sign it myself?

Hi everyone, I recently received a Pending Termination Notice for my very first iOS application, and I’m extremely worried about losing my developer account. My app submission was initially rejected due to: The app may contain hidden features, functionality, or content. Specifically, the app may contain financial transactions without the necessary authorization. Apps that provide financial transactions without the necessary authorization do not comply with guidelines 3.2.2 and 5.1.1(ix). Users should never be misled about the apps they download. Attempting to hide features, functionality, or content in the app may lead to removal from the Apple Developer Program. I sent an appeal immediately, but after 13 days (March 14 – March 27), I received a Pending Termination Notice stating that my app violated section 3.2(f) of the Apple Developer Program License Agreement due to dishonest or fraudulent activity. I was shocked because my app is a simple Objective and Key Results (OKR) tracking application. Aft

Hello to all, I’m developing an app with expo.dev and I have a problem that I need help. I’m not using xcode but I’m publishing with eas cli, so I don’t generate the plist file. My app locates the device in real time to provide the weather situation at home and navigation route using google maps in a webview. Apple has rejected the app with this communication: One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. (Below the screen) My app use location for show to home the weather icon and for use route navigation in google maps inside a webview. With expo I have add string in app.json but is not enough. Someone can helpme? This is a part of code ios: { supportsTablet: true, bundleIdentifier: com.ikawalieridiakashi.it, googleServicesFile: ./assets/GoogleService-Info.plist, infoPlist: { ITSAppUsesNonExemptEncryption: false, N

App Rejected stating Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Issue Description One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. My App is simple using MusicKit. My app has only two buttons and the user just taps them. ・search button : Search for Apple Music with auto-generated text and play previews. ・listen button : Listen to searched songs on Apple Music. NSAppleMusicUsageDescription key is the app requires Apple Music access to search for songs and to play the searched songs. I don't know how to fix it. Please let me know some advice.

Hello Apple Developer Community, We are experiencing a significant challenge during the App Store review process regarding the account requirement for our app's core chat functionality. Our app provides a personalized chat experience where users interact with out services. This interaction involves sending and receiving messages within a dedicated chat interface. The App Store Review team has cited Guideline 5.1.1 Legal: Privacy - Data Collection and Storage, stating that the app requires users to register before accessing the chat feature. We are struggling to understand how a chat feature, which inherently involves communication between distinct participants, can function without user accounts. By definition, chat is a dialogue between individuals. How can a system deliver personalized replies and maintain conversation history without identifying the user? We are unaware of any app on the App Store that offers a chat-like experience without requiring user login. To ensure user safety and provide a

I’m building an iOS app that collects user PII (emails, names) and stores it in my backend database. I already use HTTPS for data transfer, but I’m unsure if Apple requires server-side encryption for stored data. For example: If a user’s email is stored in plain text on my server (but transmitted securely via HTTPS), will this violate App Store guidelines? Does Apple explicitly mandate encryption-at-rest for PII, or is it just a recommendation? Are there exceptions for non-sensitive data like usernames? I checked App Store Review Guidelines §5.1.1, which says data must be stored securely, but it’s unclear if this requires encryption. Context: The app targets U.S. users (no GDPR/CCPA concerns). No financial/health data is involved. Is plain-text server storage of emails/names acceptable, or will this risk rejection? Thanks for any clarity!

Can anyone with experience successfully launching an app on the App Store help me? My app was recently rejected by Apple. It says my app didn’t comply with “Guideline 4.2 - Design - Minimum Functionality: The usefulness of the app is still limited by the minimal functionality it currently provides. Specifically, the app primarily offers content for users to view or use, with limited interactive features. Apps should provide valuable utility or entertainment, draw people in by offering compelling capabilities or content, or enable people to do something they couldn't do before or in a way they couldn't do it before.” And ”Guideline 5.1.1(v) - Data Collection and Storage: The app supports account creation but does not include an option to initiate account deletion. Apps that support account creation must also offer account deletion to give users more control of the data they've shared while using an app. Follow these requirements when updating an app to support account deletion: Only offering to tempor

After review it was mentioned We need additional information about the app's highly regulated services and/or handling of sensitive user data. The guideline 5.1.1(ix) requirements give users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Which companies or institutions provide the services offered in the app? -What is the relationship between [Name of Developer Account] and the providers of these services? The application is being developed for the Karnataka State Government, and the development and management of the app have been assigned as part of an official project. While the developer account used for publishing the application was purchased individually, it is associated with the development and maintenance of this project. The account facilitates app deployment and management while ensuring compliance with government requirements and security protocols. So Guid

I have add my domani and email address to Configure Sign in with Apple for Email Communication (https://developer.apple.com/account/resources/services/configure) and it pass SPF already but when it send from server that i setup is had Error Description : Permanament error. Please do not try again, according to the information returned by the other party to confirm the specific cause of the error. Cause:550 5.1.1 : unauthorized sender a mail service is on Alibaba Cloud the email that i want to sending to is ending with @privaterelay.appleid.com it that have any solve problem or i missing any thing else ?