5.1.1

Hello everyone, I'm reaching out to see if anyone has experienced a similar situation or has any advice. My app Currot has been in Waiting for Review across multiple submissions since February 8, 2026. Despite following all recommended steps, the review team has not responded. Timeline: Feb 8: Initial submission Feb 11 (04:50 AM): Moved to In Review Feb 11 (05:17 AM): Rejected (Guidelines 2.3.6, 5.1.1, 1.2, 5.1.1v) Feb 11 (08:10 PM): All four issues resolved, resubmitted same day with detailed screenshots in Resolution Center Feb 14: Follow-up message sent via Resolution Center — no response Feb 23: After 12 days of no movement, canceled and resubmitted with review notes explaining all resolved issues Mar 4: Developer Support (Case 102831733019) confirmed they notified the review team Mar 9: Follow-up email and phone call requesting escalation Mar 10: Developer Support confirmed they escalated again Mar 12 (today): Still Waiting for Review — 32 days since initial submission, 17 days since latest subm

Issue from App Review: My app shows a custom explanation screen before triggering the system location permission dialog. This screen explains why location access is needed. It includes: A “Continue” button → triggers the system permission dialog A “Not Now” button → dismisses the explanation and delays the permission request Apple states that: “The user should always proceed to the permission request after the message.” They are asking me to remove the exit button from the pre-permission message. My Questions Is it now against policy to include a “Not Now” option in a pre-permission explainer screen? Are we required to immediately show the system permission dialog after any pre-permission explanation? What is the recommended UX pattern if the feature depends on location but I don’t want to force the permission immediately at launch? Would it be compliant to: Remove the “Not Now” button, OR Remove the custom pre-prompt entirely and rely only on the system dialog? The feature in question requires location to fu

Hi! We are facing App Rejection from Apple due to this <> Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use Issue Description Issue Description The app appears to share the user’s personal data with a third-party AI service but the app does not clearly explain what data is sent, identify who the data is sent to, and ask the user’s permission before sharing the data. Apps may only use, transmit, or share personal data after they meet all of the following requirements: Obtain the user’s permission before sending data Next Steps If the app sends user data to a third-party AI service, revise the app to ask the user’s permission before sharing personal data with a third-party AI service. If it does not already, the app’s privacy policy must also identify what data the app collects, how it collects that data, and all uses of that data, including if it is shared with a third-party AI service. If the app does not send user data to a third-party AI service

Hi All, We are facing App Rejection from Apple due to this - Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use Issue Description The app appears to share the user’s personal data with a third-party AI service but the app does not clearly explain what data is sent and identify who the data is sent to before sharing the data. Apps may only use, transmit, or share personal data after they meet all of the following requirements: Disclose what data will be sent Specify who the data is sent to Obtain the user’s permission before sending data Identify in the privacy policy what data the app collects, how it collects that data, all uses of that data, and confirm any third party the app shares data with provides the same or equal protection Next Steps If the app sends user data to a third-party AI service, revise the app to explain what data is sent and identify who the data is sent to before sharing personal data with a third-party AI service. If it does not al

Our children's educational app (COPPA-compliant) was rejected under Guidelines 5.1.1(i) and 5.1.2(i) for sharing personal data with a third-party AI service without clear disclosure and user permission. How our app works: Our app is an AI-powered learning assistant for kids. Children type questions (e.g., Why is the sky blue?) and the app sends the question to Google Gemini's API to generate an age-appropriate answer. This is the core and only purpose of the app — it's an AI chat app, similar to how a search engine sends queries to its servers. Our current setup: Google Gemini operates as a data processor (not a data recipient) — zero data retention, no model training on user data Our privacy policy already discloses Google Gemini as the AI provider, what data is processed, and that no data is stored The app is clearly marketed as an AI-powered assistant — users understand they are interacting with AI Our questions: Infrastructure vs. data sharing: We use Google Gemini to process queries the same way

I have a desktop application developed in SwiftUI that shows property locations on the map. That's NOT the main feature. IF you give the application permission to access your location, the blue dot will appear on the map. If you don't, the blue user dot won't appear. That's the only difference with location services. In other words, the application has no use of user's current position beyond showing it on the map. Since it's just the matter of showing or not showing the blue dot on the map, the application doesn't really need to use the location service. Anyway, the reviewer is talking about something else by rejecting the application in two aspects. Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage Guideline 5.1.5 - Legal - Privacy - Location Services As I said earlier, the application only wants to show the blue dot on the map so that you can see your property locations relative to your current location. In code, it's something like the following. Map(position: $propertyViewModel.map

Our app (Tenkobo) received a rejection notice after review due to the fact that we use Gemini AI since 3 builds ago. Since then, we have been improving the disclosure of the data we collect, explicitly stating all the data, introducing a new feature that checks granular consent and syncs consent state for the user to the backend, and controls for whether to send to the Gemini API service for that feature depending on consent state for the user. Moreover, this feature is a premium add-on to a module that already does most things locally on the device and sends to our cloud infrastructure to allow storage and sync when users use multiple devices. It is a multi-platform app. However, despite every improvement, we keep getting the same Rejection reason that ... Review Device: iPad Air 11-inch (M3) ... The issues we previously identified still need your attention. Guidelines 5.1.1(i) - Legal - Privacy - Data Collection and 5.1.2(i) - Legal - Privacy - Data Use The app appears to share the user’s personal

Hi, Our app (Tenkobo) received a rejection notice after review due to the fact that we use Gemini AI since 3 builds ago. Since then, we have been improving the disclosure of the data we collect, explicitly stating all the data, introducing a new feature that checks granular consent and syncs consent state for the user to the backend, and controls for whether to send to the Gemini API service for that feature depending on consent state for the user. Moreover, this feature is a premium add-on to a module that already does most things locally on the device and sends to our cloud infrastructure to allow storage and sync when users use multiple devices. It is a multi-platform app. However, despite every improvement, we keep getting the same Rejection reason that The issues we identified still need your attention. I have asked for help or even that the rejection reason be more specific, but nothing. I have send pictures, and in this last rejection about 8 hours ago, I had to reply with a video showing that what the

I have a desktop application that shows some real estate properties chosen by the user. The application shows those GPP locations on the map. The SwiftUI code is something like the following. import SwiftUI import MapKit struct ContentView: View { var body: some View ZStack { mapView } } private var mapView: some View { Map(position: $propertyViewModel.mapPosition) { ForEach(propertyViewModel.properties) { property in Annotation(, coordinate: CLLocationCoordinate2D(latitude: property.lat, longitude: property.lon)) { Button { } label: { VStack { Image(systemName: house.circle.fill) .resizable() .scaledToFit() .frame(width: 48) .foregroundStyle(colorScheme == .light ? .white : .black) ... } } .buttonStyle(.borderless) } } UserAnnotation() } .mapControls { MapUserLocationButton() } .mapControlVisibility(.visible) .onAppear { CLLocationManager().requestWhenInUseAuthorization() } } } The application only wants to use the CLLocationManager class so that it can show those locations on the map relative to your curren

Please who could explain better what i need to do at this point when my submission is rejected? Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage The app does not meet all requirements for apps that offer highly regulated services or handle sensitive user data. Specifically: The app must be published under a seller and company name that is associated with the organization or company providing the services. In this case, the app must be published under a seller name and company name that reflects the Nigerian Shippers’ Council name. The guideline 5.1.1(ix) requirements give users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Next Steps To resolve this issue, it would be appropriate to take the following steps: The app must be published under a seller name and company name that reflects the Nigerian Shippers’ Council name. If you have developed th

Hi, I am in need of your help with publishing my game. I got the following explanation for the negative review of my app/game. Issue Description One or more purpose strings in the app do not sufficiently explain the use of protected resources. Purpose strings must clearly and completely describe the app's use of data and, in most cases, provide an example of how the data will be used. Next Steps Update the local network information purpose string to explain how the app will use the requested information and provide a specific example of how the data will be used. See the attached screenshot. Resources Purpose strings must clearly describe how an app uses the ability, data, or resource. The following are hypothetical examples of unclear purpose strings that would not pass review: App would like to access your Contacts App needs microphone access See examples of helpful, informative purpose strings. The problem is that they say my app asks to allow my app to find devices on local networks. And that this needs m

Hi there. I work for a company that develops a SaaS service. Users have to register before using the SaaS as all the data they save in the application must be linked to their account. Why that? Because it is a multi-platform SaaS currently running on web and Android, so, the user must have access to his/her contents on every platform he/she intends to use. Also, some features depend on our back-end system to process the data and return an analysis based on them. That said, Apple is rejecting our app claiming that we should not require the user to register an account before purchasing a subscription. The problem is: how can the user store their data in our servers without an account? We do offer a free tier account, but the users must be logged in to have access to their data and have the analysis performed by the back-end service. Does anybody have gone through a similar issue? I need clarifications on how to solve this. Thanks in advance.

I’ve officially given up trying to release my app on iOS. Apple’s latest rejection quotes: • Guideline 5.1.5 – Location Services “The app uses location data for features that are not relevant to a user’s location. Specifically, the app is not functional when Location Services are disabled. To resolve this issue, please revise the app so that the app is fully functional without requiring the user to enable Location Services.” • Guideline 5.1.1 – Data Collection and Storage Complaining that the app “encourages or directs” users to go to Settings to enable location. My app is literally built around live location. The entire point is: you walk the circuit, see telemetry synced with where you are. No location, no app. That is the product. Apple wants the app to be “fully functional” without the one thing it needs to exist. That’s like rejecting a camera app because it doesn’t “fully function” with no camera permission. What makes this worse is the complete lack of consistency. Every time I fix what they a

Pls any idea or guide on how i can go about to resolve this, an app review feedback. Review Environment Submission ID: 43e31418-c37f-4b26-9bec-f88d749a70be Review date: November 27, 2025 Version reviewed: 1.0 Guideline 4.3(a) - Design - Spam This app duplicates the content and functionality of other apps on the App Store, which is considered a form of spam. Specifically, this app appears to be identical to apps already submitted to the App Store from other developers. Apps that duplicate content or functionality create clutter, diminish the overall experience for the end user, and reduce the ability of developers to market their apps. Next Steps It would be appropriate to revise your app to provide a unique experience or submit a new app that does not duplicate the content and functionality of other apps on the App Store. Resources Some factors that contribute to a spam rejection may include: Submitting an app with the same source code or assets as other apps already submitted to the App Store Creating and su

Goal I want to reply to feedback from customers who signed up using a private.relay account. Problem I am getting this error when sending an email: Reporting-MTA: dns; mailfout.stl.internal X-Postfix-Queue-ID: B87481D0015B X-Postfix-Sender: rfc822; hello@mydomain.com Arrival-Date: Fri, 7 Nov 2025 03:37:29 -0500 (EST) Final-Recipient: rfc822; xxxx@privaterelay.appleid.com Original-Recipient: rfc822;xxxx@privaterelay.appleid.com Action: failed Status: 5.1.1 Remote-MTA: dns; smtp3.privaterelay.appleid.com Diagnostic-Code: smtp; 550 5.1.1 : unauthorized sender What have I done? I have configured mydomain.com in the Email Configuration Service inside of apple, as well as the email hello@mydomain.com. Using https://www.mail-tester.com/, I could confirm that the - [SPF] Your server 202.12.124.158 is authorized to use hello@mydomain.com - Your DKIM signature is valid - Your message passed the DMARC test My hunch This app was transferred and the previous owner did not have the email configuration set