App privacy details on the App Store
Later this year, the App Store will help users understand an app’s privacy practices before they download the app on any Apple platform. On each app’s product page, users can learn about some of the data types the app may collect, and whether that data is linked to them or used to track them. You’ll need to provide information about your app’s privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect starting this fall.
Answering app privacy questions
As you get ready to select your answers from the options presented in App Store Connect, keep in mind:
- You should identify all possible data collections and uses, even if certain data will be collected and used only in limited situations.
- Your answers should follow the App Store Review Guidelines and any applicable laws.
- You’re responsible for keeping your responses accurate and up to date. If your practices change, update your responses in App Store Connect.
You’ll need to know the types of data that you and/or your third-party partners collect from your app before answering the questions in App Store Connect. Refer to the list of data types below and compare them to the data collection practices in your app.
“Collect” refers to transmitting data off the device in a way that allows you and/or your third-party partners to access it.
“Third-party partners” refers to analytics tools, advertising networks, third-party SDKs, or other external vendors whose code you’ve added to your app.
Types of data
| Data type | Description |
|---|---|
| Name | Such as first or last name |
| Email Address | Including but not limited to a hashed email address |
| Phone Number | Including but not limited to a hashed phone number |
| Physical Address | Such as home address, physical address, or mailing address |
| Other User Contact Info | Any other information that can be used to contact the user outside the app |
| Health and Fitness | |
| Health | Health and medical data, including but not limited to from the Clinical Health Records API, HealthKit API, MovementDisorderAPIs, or health-related human subject research or any other user provided health or medical data |
| Fitness | Fitness and exercise data, including but not limited to the Motion and Fitness API |
| Payment Info | Such as form of payment, payment card number, or bank account number |
| Credit Info | Such as credit score |
| Other Financial Info | Such as salary, income, assets, debts, or any other financial information |
| Precise Location | Information that describes the location of a user or device with the same or greater resolution as a latitude and longitude with three or more decimal places |
| Coarse Location | Information that describes the location of a user or device with lower resolution than a latitude and longitude with three or more decimal places, such as approximate location services |
| Sensitive Info | Such as racial or ethnic data, sexual orientation, pregnancy or childbirth information, disability, religious or philosophical beliefs, trade union membership, political opinion, genetic information, or biometric data |
| Contacts | Such as a list of contacts in the user’s phone, address book, or social graph |
| Emails or Text Messages | Including subject line, sender, recipients, and contents of the email or message |
| Photos or Videos | The user’s photos or videos |
| Audio Data | The user’s voice or sound recordings |
| Gameplay Content | Such as user-generated content in-game |
| Customer Support | Data generated by the user during a customer support request |
| Other User Content | Any other user-generated content |
| Browsing History | Information about the content the user has viewed |
| Search History | Information about searches the user has performed |
| User ID | Such as screen name, handle, account ID, assigned user ID, customer number, or other user- or account-level ID that can be used to identify a particular user or account |
| Device ID | Such as the device’s advertising identifier, or other device-level ID |
| Purchase History | An account’s or individual’s purchases or purchase tendencies |
| Product Interaction | Such as app launches, taps, clicks, scrolling information, music listening data, video views, saved place in a game, video, or song, or other information about how the user interacts with the app |
| Advertising Data | Such as information about the advertisements the user has seen |
| Other Usage Data | Any other data about user activity in the app |
| Crash Data | Such as crash logs |
| Performance Data | Such as launch time, hang rate, or energy use |
| Other Diagnostic Data | Any other data collected for the purposes of measuring technical diagnostics related to the app |
| Other Data Types | Any other data types not mentioned |
You should have a clear understanding of how each data type is used by you and your third-party partners.
For example, collecting an email address and using it to authenticate the user and personalize the user’s experience within your app would include App Functionality and Product Personalization.
| Purpose | Definition |
|---|---|
| Third-Party Advertising | Such as displaying third-party ads in your app, or sharing data with entities who display third-party ads |
| Developer’s Advertising | Such as displaying first-party ads in your app, or sharing data with entities who will display your ads |
| Analytics | Using data to evaluate user behavior, including to understand the effectiveness of existing product features, plan new features, or measure audience size or characteristics |
| Product Personalization | Customizing what the user sees, such as a list of recommended products, posts, or suggestions |
| App Functionality | Such as to authenticate the user, enable features, prevent fraud, implement security measures, ensure server up-time, minimize app crashes, improve scalability and performance, or perform customer support |
| Other Purposes | Any other purposes not listed |
Data linked to the user
You’ll need to identify whether each data type is linked to a user’s account, device, or identity by you and/or your third-party partners. Data collected from an app is usually linked to the user’s account, device, or identity, unless specific privacy protections are put in place before collection to de-identify or anonymize it, such as:
- Stripping data of any direct identifiers, such as user ID or name, before collection.
- Manipulating data to break the linkage and prevent re-linkage to real-world identities.
Additionally, in order for data not to be linked to a particular account, device, or identity, you must avoid certain activities after collection:
- You must not attempt to link the data back to the account, device, or identity.
- You must not tie the data to other datasets that enable it to be linked to a particular account, device, or identity.
Note: “Personal Information” and “Personal Data”, as defined under relevant privacy laws, are considered linked to the user.
You’ll need to understand whether you and/or your third-party partners use data from your app to track users and, if so, which data is used for this purpose.
“Tracking” refers to linking data collected from your app about a particular end-user or device, such as a user ID, device ID, or profile, with Third-Party Data for targeted advertising or advertising measurement purposes, or sharing data collected from your app about a particular end-user or device with a data broker.
“Third-Party Data” refers to any data about a particular end-user or device collected from apps, websites, or offline properties not owned by the developer.
Examples of tracking include:
- Displaying targeted advertisements in your app based on user data collected from apps and websites owned by other companies.
- Sharing device location data or email lists with a data broker.
- Sharing a list of emails, advertising IDs, or other IDs with a third-party advertising network that uses that information to retarget those users in other developers’ apps or to find similar users.
- Placing a third-party SDK in your app that combines user data from your app with user data from other developers’ apps to target advertising or measure advertising efficiency, even if you don’t use the SDK for these purposes. For example, using a login SDK that repurposes the data it collects from your app to enable targeted advertising in other developers’ apps.
The following situations are not considered tracking:
- When the data is linked solely on the end-user’s device and is not sent off the device in a way that can identify the end-user or device.
- When the data broker uses the data shared with them solely for fraud detection or prevention or security purposes, and solely on your behalf.
Privacy Choices (Optional): A publicly accessible URL where users can learn more about their privacy choices for your app and how to manage them. For example, a webpage where users can access their data, request deletion, or make changes.