Technical Q&A QA1937

Resolving the Privacy-Sensitive Data App Rejection

Q:  How do I resolve the privacy-sensitive data app rejection?

A: Maintaining user privacy is an important consideration when designing your app. Most iOS, watchOS, and tvOS devices contain data that users might not want to expose to apps or external entities. Access user data only with the user’s informed consent, and be transparent about how you use it.

Your app is responsible for all usage of privacy-sensitive data, including access to this data by all third party libraries used in your app. If your app attempts to access privacy-sensitive data without a usage description, your app will exit. Additionally, App Review checks for use of privacy-sensitive data, and rejects apps that request access to this data without a usage description. Listing 1 shows an example of such a rejection.

Listing 1  Example privacy-sensitive data rejection email for an app accessing the user's contacts

This app attempts to access privacy-sensitive data without a usage description. The app's Info.plist must contain an NSContactsUsageDescription key with a string value explaining to the user how the app uses this data.

APIs Requiring Usage Descriptions

Table 1 lists the different classes of privacy-sensitive data, and the APIs your app uses to access the data class. Using any of these data classes requires Providing A Usage Description. For examples of requesting user consent to access any of these data classes, consult the Additional Documentation section.

If you receive a rejection email from App Review, such as the example email in Listing 1, and you don't believe your app accesses the data class named in the email, look for any use of the listed APIs in your code, including in all of your third party libraries. If a third party library requires the privacy-sensitive data, you should work with the library vendor to understand how this data is used by their library and provide a transparent and meaningful usage description.

Table 1  APIs requiring usage descriptions

Data Class

Xcode Key

Raw Info.plist Key

API Requiring Usage Description

Apple Music

Privacy - Media Library Usage Description


SKCloudServiceController requestCapabilitiesWithCompletionHandler: SKCloudServiceController requestCapabilitiesWithCompletionHandler: SKCloudServiceController requestStorefrontIdentifierWithCompletionHandler: MPMediaQuery MPMediaLibrary requestAuthorization:


Privacy - Bluetooth Peripheral Usage Description


CBCentralManager CBPeripheralManager


Privacy - Calendars Usage Description


EKEventStore requestAccessToEntityType:


Privacy - Camera Usage Description




Privacy - Contacts Usage Description


CNContactStore requestAccessForEntityType:


Privacy - Health Share Usage Description Privacy - Health Update Usage Description

NSHealthShareUsageDescription NSHealthUpdateUsageDescription entitlement HKHealthStore


Privacy - HomeKit Usage Description




Privacy - Location Always Usage Description Privacy - Location When In Use Usage Description

NSLocationAlwaysUsageDescription NSLocationWhenInUseUsageDescription

CLLocationManager requestAlwaysAuthorization: CLLocationManager requestWhenInUseAuthorization:


Privacy - Microphone Usage Description


AVAudioSession requestRecordPermission:


Privacy - Motion Usage Description




Privacy - Photo Library Usage Description


UIImagePickerController or PHPhotoLibrary requestAuthorization: used in conjunction with any of the following classes: PHAsset PHAssetCollection PHCollection PHCollectionList


Privacy - Reminders Usage Description


EKEventStore requestAccessToEntityType:


Privacy - Siri Usage Description


INPreferences requestSiriAuthorization:

Speech Recognition

Privacy - Speech Recognition Usage Description


SFSpeechRecognizer requestAuthorization:

TV Provider Account

Privacy - TV Provider Usage Description



Providing A Usage Description

All usage descriptions, including for privacy-sensitive data access from a framework, are declared in your app's Info.plist file, which can be edited in Xcode. Add a new row to the Info.plist file, and set the key for the appropriate data class, defined in Table 1. Set your usage description string as the value.

If your app supports multiple locales, localize the usage description and place the localized string in InfoPlist.strings for each locale, in addition to providing a usage description in the Info.plist file. See Localizing Property List Values for more information about localizing property lists.

Additional Documentation

For additional information on using privacy-sensitive data, consult the following resources:

Document Revision History


Clarified where to declare usage descriptions for frameworks and localizations


New document that describes how to resolve the privacy-sensitive data app rejection