App Store Requirements
Apple App Store
- Privacy policy URL in App Store Connect
- App Privacy labels (nutrition facts)
- App Tracking Transparency (ATT) disclosure
- Data collection details for each category
Google Play Store
- Privacy policy link in store listing
- Data safety section completion
- Sensitive permissions justification
- Families policy compliance (if applicable)
Mobile App Data Collection
Mobile apps often collect more sensitive data than websites. Your privacy policy must disclose:
- Device identifiers (IDFA, GAID)
- Location data (GPS, network-based)
- Camera and photo library access
- Contacts and calendar access
- Push notification tokens
- In-app purchase history
- App usage analytics
- Crash reports and diagnostics
Common Mobile SDKs
Include disclosures for all SDKs that collect data:
- Firebase Analytics
- Crashlytics
- Facebook SDK
- Adjust / AppsFlyer
- RevenueCat
- OneSignal
- Branch
- Mixpanel
Apps for Children (COPPA)
If your app is directed at children under 13, you must comply with COPPA (Children's Online Privacy Protection Act) in the US and similar laws elsewhere. This includes:
- - Obtaining verifiable parental consent
- - Limiting data collection to what's necessary
- - Not using behavioral advertising
- - Providing parents access to their child's data
- - Complying with Apple's and Google's family policies