Last June, Apple held their Worldwide Developers Conference and announced changes that would be coming to the App Store Review Guidelines regarding new privacy policy for mobile apps. While these changes were announced months ago, Apple has given developers ample time to digest these changes and begin to implement them in their current apps and any new apps they submit to the Apple App Store moving forward.
The new Review Guidelines may have big consequences for the ways users interact with apps and the way that mobile app developers and marketers are able to collect the data integral to bettering the apps they create. Because of this, we are going to take a close look at the changes in order to see exactly what they boil down to and how developers and marketers should approach app creation and optimization in this new era.
How Are the Review Guidelines Changing?
Below is a direct quote from the Apple Review Guidelines page for those in the Apple Developer Program:
(i) Privacy Policies: “All apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an easily accessible manner.”
If you want to be approved in the App Store, let alone rank well, it’s important not to gloss over your privacy policy. A link to a fully developed policy both in the store and within your app is a must. Additionally, there are specific requirements you must meet in order for your privacy policy to be sufficient:
- You must clearly state what data your app collects, how you collect it, and what the purpose is of the data collection. So if you have an eCommerce app that is collecting data about users’ shopping habits based on their searches, you must say so plainly in your privacy policy. You’ll also have to explain exactly how you’re collecting the data – via searches in the app or in a browser – and why you’re doing it. Even if you’re simply collecting data to personalize a user’s experience in the app, they need to know.
- You must validate that any user data your app shares with third parties will be handled with the same adherence to user protection that Apple requires of apps under its Review Guidelines. Whether it’s analytics tools, advertising networks, or third-party SDKs, no outside entity can take advantage of your users’ data in a way that violates Apple’s rules.
- Your app must clearly lay out its data retention and deletion policies in addition to explaining how users can rescind their consent to the primary data collection and/or request deletion of their user data.
For more details, feel free to check out the full page here.
Unpacking the New Review Guidelines
These guidelines have been available to view for a while now but they are set to actually take effect beginning next week. So what does this mean for app developers? Point 3 is the big change coming onto the scene and that’s where we will direct our focus for the rest of the article.
In short, point 3 of the App Store review guidelines maintains that any app that includes an account creation feature will be required to also include an account deletion feature moving forward. Users must be able to begin the process of deleting their account from within the app, you cannot simply link them to a Safari webpage in order to do so. And while this does not need to trigger an immediate deletion, you must provide a clear timeline for when the account (and therefore data) deletion will occur. The UI/UX process must be straightforward as well so that a user can enter and proceed through the deactivate account journey without struggle.
What Should Developers Do About the New Review Guidelines?
Just as the release of iOS 14.5 brought about new changes regarding data mining for advertisers, the release of the latest Apple Review Guidelines are causing app developers to think about how they approach data collection. If you’re hoping to see App Store approval next month, strategize how you will present an account deletion option that’s simple and straightforward for users. This could be easily done in the form of a button that users can access from their profile or profile settings page. Additionally, be sure that this button doesn’t just redirect users to a browser webpage, because Apple will not approve that simple workaround. You may send an email to confirm or sort out further details, but the user will need to have the option to initiate the deletion of their account in-app.
While all of this is of course a concern for new apps looking to find a home in the App Store, it’s important to note that current apps will also need to update their privacy policy and account deactivation journey within their apps in order to stay in good standing. By staying up to date with the latest news about mobile app development, you can be sure that your app meets all the necessary requirements to succeed – especially as user privacy continues to sway the landscape of mobile app development and marketing.