A typewriter with the word Privacy Policy printed on a sheet of paper

Writing your App’s Privacy Policy

Legal disclaimer

The contents of this article is accurate and true to the best of my knowledge, but I am not a lawyer, and this is not legal advice.

When you publish an app on the App Store, Apple requires you to provide a link to a privacy policy. You might be putting off writing this privacy policy – you might not know where to start! In this article, you’ll learn everything you need to write and publish your privacy policy today.

Why is privacy important? Why does it even matter that your app collects private data?

Privacy is “the claim of individuals […] to determine for themselves when, how, and to what extent information about them is communicated to others.”

Alan Westin (1967)

Just like freedom, liberty, and love – privacy is a broad concept that represents many underlying ideas. The definition of privacy quoted above is the most unequivocal definition I’ve found, and it’s a good starting point for understanding what privacy means and why it’s important.

Privacy allows you to prevent your data from being communicated to others. You might not mind a developer using your personal data for the app to function, but you may think twice about that same developer selling it to third parties. You might not mind that your personal data is stored on the developer’s web server, but you may wonder what happens if your data is stolen by hackers. Once your personally identifiable information gets into the wrong hands, it can be used for identity theft or lead to situations where your medical history or dating app preferences could be misjudged. Even worse, if your location data gets into the wrong hands, it could enable kidnappers while you’re in a foreign country, or let a stalker know where you are.

When apps track you across the web, they can show you the same content over and over again. This creates a false impression that could make you believe that a political idea is true because of how popular it seems to be. It could make you believe a medical product is really popular, so maybe it works. However – you’ve been tricked, and your personal browsing history made it all possible.

Collecting private information exposes your users to some or all of these risks, but it also enables your application to be more useful. Privacy and usefulness can sometimes be trade-offs. As a developer, you should understand how your app handles private data, find the balance of trade-offs that’s best for users, and communicate this to your users. Be up front about how you use personal data and let your users decide whether the trade-off is a good one.

Legal jargon to know

Personally identifiable information is information that by itself, or when combined with other information, can be used to identify an individual person.

User tracking is the practice of sharing user data between third parties to target content and advertising.

Data collection is the practice of saving user data to a developer’s server after a user request is completed.

What should you include in the privacy policy text?

Your privacy policy should begin with a list of types of data you collect and how each type of data is used by your app. You can also list types of data that your app doesn’t collect, to be crystal clear. Here is Apple’s list of types of data, but also list any additional types of data your app collects.

  1. For each type of data, explain why it’s necessary or whether it’s optional to share.
  2. Specify whether or not you share data with third parties, and if so, which data. If you do share data with third parties, specify how each third party uses the data, and ensure that they provide the same protection of user data as your privacy policy. Provide a link to the privacy policy of all third party SDKs your app uses.
  3. Describe what will happen to user data if your business is sold.
  4. Specify how your app licenses user generated content. Do users own their data?
  5. Describe what happens if a user closes their account, or if their account is suspended.
  6. State whether you delete user data when you terminate an account.
  7. State whether you delete information after a period of inactivity, or after it’s no longer needed. 
  8. State whether you allow users to make data deletion requests.
  9. Describe your security practices (such as encryption) for protecting information in transmission and at rest.
  10. Specify whether your app displays ads and how those ads are generated.
  11. Explain how users consent to your privacy policy, and how a user can revoke their consent. For example do users automatically give consent by using the app or does your app have a consent button that must be tapped before the app begins collecting personal data?
  12. Specify the jurisdiction where you store data, and state whether you comply with the Children’s Online Privacy Protection Act, California Online Privacy Protection Act, California Consumer Privacy Act, General Data Protection Regulation, and any other privacy regulations in countries where you have a lot of users. For details see Which other regulations do you need to follow?
  13. Include contact information for users to reach out if they have any questions about your privacy policy.

I produced this list by referencing the App Store Legal Guidelines, App Store Data Collection and Storage Guidelines, Apple Developer Program License Agreement (link requires sign-in), and Apple Documentation. I also read SINTEF‘s Privacy in Mobile Apps report to understand what type of private data usage app users should care about. Finally, I looked at what smaller developers and teams without a legal department are doing (e.g. Overcast, Cascable, Flighty, Unread, Currency, FusionCast).

It’s also a good idea to include a legal disclaimer in the event your system’s security is ever breached. You should always follow best practices to guard personal data, but you want to limit your liability if users’ data is stolen.

Once you’ve covered all the above details, organize the text in a logical way and revise the text to avoid hypothetical (‘may’,  ‘can’) or complicated phrases so that you clearly communicate exactly how you handle private data. Use clear statements and avoid legal jargon so your sentences are easier to understand and sound like they were written by a human being.

How do you host the link to the privacy policy?

A dedicated website for your app is the best place to host your privacy policy, but App Review usually accepts anything that generally looks like a privacy policy. I’ve gotten by with a link to a Google doc, and I’ve seen links to GitHub gists that also work.

Always remember to update your privacy policy whenever you make a server or app update that changes what data you collect or how you use the collected data. You should also notify users whenever you make a significant update to your privacy policy. You could show an in app notification or you can send an email if you have their email address. Users need to be notified of changes so that they can consent to your updated privacy policy.

This is less often enforced, but Guideline 5.1.1 of the App Store Review Guidelines requires that you must include a link to the privacy policy from within your app. If your app allows users to create an account, it’s a good idea to provide a link to the privacy policy before you allow users to create their account. Otherwise, put a link anywhere it’s easy to find. Also, if your app uses auto-renewable subscriptions you’ll need to include a link to the privacy policy from the subscription sign up screen.

Which other regulations do you need to follow?

I’ve already covered specific pieces of information you need to include in your privacy policy text, but I want to highlight a few of the actual privacy law regulations.

First, there’s the Children’s Online Privacy Protection Act (COPPA, effective 2000). This law applies to apps that are directed to children under 13 years of age. I haven’t worked on any such apps, but if the law applies to your app, you do need to understand its requirements.

If you have users in the United States you need to comply with the California Consumer Privacy Act (CCPA, effective 2020), but it doesn’t apply to many developers. It only applies to for-profit businesses that do business in California and meet any of the following:

  • Have a gross annual revenue of over $25 million;
  • Buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices; or
  • Derive 50% or more of their annual revenue from selling California residents’ personal information.

If you have users in the European Union you need to follow the General Data Protection Regulation (GDPR, effective 2018). It doesn’t have an exemption like the CCPA, but the track record of regulators has been to give out warnings before resorting to fining websites and apps that don’t comply. Most of the businesses that have had to pay a fine, were being punished for not cooperating with regulators.

Answering the thirteen privacy policy questions will help you understand how you handle user data, and that will prepare you to deal with any privacy regulations that are added in the coming years.