App Privacy
Since your app collects user data, you must disclose its privacy practices and data collection methods.
Check out this Apple guide for more data collection information.
Privacy Policy
Go to the App Privacy section, then click ‘Edit’.
Add your privacy policy's URL link. Make sure to include these policy points in your privacy policy or create something similar by adjusting your information, such as the company name, email, date, and so on. This part will be found in the onboarding themes section.
It’s a critical declaration, as Google may reject your app if you provide information on how you collect information from users.
Then click ‘Get Started’ to begin adding all the data types you collect from users:
Mark “Yes, we collect data from this app” and click ‘Next’.
- Contact Info: If your app collects or shares a user's name, email address, phone number, physical address, etc.
Using these components/features necessitates this policy:
Login & Signup Methods
Commerce/Booking & Events
Payment Components
Payment Methods
- Health & Fitness: If your app collects or shares health/fitness info.
- Financial Info: This part is related to any payment that takes place in your app.
Using these components/features necessitates this policy:
Channels/Groups with subscription
Commerce/Booking & Events
Payment Components
Payment Methods
- Location: If your app collects or shares location.
Using these components/features necessitates this policy:
Channel Features
Group Messaging
All-in-one Messenger
Commerce
Booking & Events
Payment Components
- Sensitive Info: If your app collects sensitive content.
- Contacts: If your app collects or shares contacts.
Using these components/features necessitates this policy:
Channel Features
All-in-one Messenger
Contacts Manager
Call Manager
Call Logs
Group Messaging
- User Content: If your app collects photos, videos, audios, or voice messages and requests media in customer support chats or channels.
⇒ Other User Content is optional according to what extra content you collect as an app owner.
Using these components\features necessitates this policy:
Channel Features
All-in-one Messenger
Group Messaging
- Identifiers: mark ‘User ID’ and ‘Device ID.’
- Purchases: If your app has purchase transactions.
Using these components/features necessitates this policy:
Channels/Groups with subscription
Commerce/Booking & Events
Payment Components
Payment Methods
- Diagnostics:
MANDATORY!
Mark ‘Crash Data.’
Then click ‘Save.’
Any other type of privacy can be skipped, as the above ones are the most crucial to disclose.
Configure Each Policy
- Contact Info: Names, Email Address, Phone Number, Physical Address & Other User Contact Info.
Click ‘Set Up Name.’
MANDATORY!
Mark ‘App functionality,’
‘Yes, names collected from this app are linked to the user’s identity,’
‘No, we do not use names for tracking purposes,’
and click ‘Save.’
Mark the same answers for any type of Contact Info
- Financial Info: Payment Info.
MANDATORY!
Mark ‘App functionality,’
‘Yes, payment info collected from this app is linked to the user’s identity,’
‘No, we do not use payment info for tracking purposes,’
and click ‘Save.’
- Location: Precise Location & Coarse Location.
MANDATORY!
Mark ‘App functionality,’
‘No, precise location collected from this app is not linked to the user’s identity,’
‘No, we do not use the precise location for tracking purposes,’
and click ‘Save.’
Mark the same answers for Coarse Location
- Contacts:
MANDATORY!
Mark ‘App functionality,’
‘Yes, contacts collected from this app are linked to the user’s identity,’
‘No, we do not use contacts for tracking purposes,’
and click ‘Save.’
- User Content: Photos or Videos; Audio Data; Customer Support.
MANDATORY!
Mark ‘App functionality,’
‘No, photos or videos collected from this app are not linked to the user’s identity,’
‘No, we do not use photos or videos for tracking purposes,’
and click ‘Save.’
Mark the same answers for any type of User Content
- Purchases:
MANDATORY!
Mark ‘App functionality,’
‘No, purchase history data collected from this app is not linked to the user’s identity,’
‘No, we do not use purchase history data for tracking purposes,’
and click ‘Save.’
- Identifiers: User ID & Device ID.
MANDATORY!
For User ID set up, you add, mark ‘App functionality,’
‘Yes, user IDs collected from this app are linked to the user’s identity,’
‘No, we do not use user IDs for tracking purposes,’
and click ‘Save.’
MANDATORY!
For Device ID set up, you add, mark ‘App functionality,’
‘No, device IDs collected from this app are not linked to the user’s identity,’
‘No, we do not use device IDs for tracking purposes,’
and click ‘Publish.’
- Diagnostics: Crash Data.
MANDATORY!
Mark ‘App functionality,’
‘No, crash data collected from this app is not linked to the user’s identity,’
‘No, we do not use crash data for tracking purposes,’
and click ‘Publish.’
Finally, click the ‘Publish’ button.
Go back to the ‘Prepare for Submission’ page and click ‘Add for Review’.
Now Apple will take a walk through your app to review and check that every setting you make matches your app content. Make sure you monitor your mailbox, as Apple will notify you by warning you with errors if there's a missing step, such as choosing the countries you want to release your app in. Once reviewed, your app will be published automatically on the Apple Store.
❓ FAQs
Q: How do I set privacy and data collection rules when publishing to the App Store?
A: Apple requires you to fill out the App Privacy section in App Store Connect to comply with its strict privacy guidelines. This involves adding your privacy policy URL, completing the Apple Privacy Questionnaire, and declaring any data your app collects or uses.
Q: Where do I start setting app privacy in App Store Connect?
A:
- Log into App Store Connect, go to your app, and click on App Privacy → Edit.
- Paste your Privacy Policy URL.
- Make sure your policy clearly explains what data you collect and how you use it and includes your company details.
Your privacy policy must be live and publicly accessible—Apple checks this during their review.
Q: What’s the Apple Privacy Questionnaire, and how do I fill it out?
A:
- After saving your privacy policy, click Get Started in the Privacy Questionnaire.
- When asked, select “Yes, we collect data from this app” and click Next.
- Apple will show you a list of data types—be honest and declare any data your app collects or shares.
Q: What types of user data do I need to declare?
A: Declare any data that your app uses. Here are some common examples:
- Contact Info: Names, emails, and phone numbers (e.g., for login, signup, or forms).
- Health & Fitness: Collected in apps with wellness or fitness features.
- Financial Info: If you process payments, subscriptions, or billing.
- Location Data: Used in maps, delivery, or location-based services.
- Sensitive Info: Like medical records or personal identifiers.
- Contacts: If your app accesses a user’s contacts (e.g., for messaging).
- User Content: Photos, audio, or files uploaded through your app.
- Identifiers: Such as User ID or Device ID.
- Purchases: If your app tracks or processes in-app purchases.
- Diagnostics: Crash reports or performance data (mandatory for most apps).
For nandbox-powered apps, you’ll likely need to declare data for login, messenger, booking, payments, channels, and subscriptions.
Q: How do I answer Apple’s privacy questions for each data type?
A: For every data type you select, Apple asks 3 key questions:
- Why is this data used?
→ Most nandbox apps should choose App Functionality.
- Is this data linked to the user’s identity?
→ Answer Yes if the data can identify a user; otherwise, select No.
- Is this data used for tracking?
→ Usually, answer No unless your app does user profiling or ad tracking.
Repeat these steps for all data types, then click Save (or Publish if you’re ready).