As of 3 October, Apple’s App Store will demand explicit privacy policies from app developers before new apps and app updates can be submitted for distribution. Privacy policies will need to disclose exactly how each developer intends to use, secure and share its users’ personal data.
Technically, each app developer will have to provide a link to its privacy policy from within the app. This needs to be easily accessible and must detail if and which data the app collects, how it collects and uses this data, and which third parties it’ll be sharing the data with. Apple will also require apps to make their data retention policies clear and explain how users can withdraw consent and have personal data deleted.
Apple’s move is entirely in line with the EU’s General Data Protection Regulation (GDPR) which came into force in May and applies to organisations doing business in Europe. Though Apple doesn’t mention the GDPR in its announcement, it follows the sentiment of the regulation, which is to give users more control over their personal data and to facilitate a digital environment that protects personal data from misuse and exploitation.
GDPR365 simplifies the GDPR compliance process, including the generation of privacy policies – so reach out to us if you are an app developer.