Apple requires every app submitted to the App Store to have a privacy policy accessible via a public URL. Key requirements include privacy nutrition labels that disclose all data collection categories, App Tracking Transparency (ATT) compliance for cross-app tracking, privacy manifests (introduced in 2024) that declare API usage and third-party SDK data practices, and accurate disclosure of all data collection in your App Store Connect listing.
Apple has built one of the strictest privacy compliance frameworks in the app ecosystem. Every app on the App Store, whether free or paid, whether it collects data or not, must provide a privacy policy URL. But the privacy policy itself is only the beginning. Apple also requires privacy nutrition labels, App Tracking Transparency compliance, and privacy manifests.
The App Review team checks privacy disclosures carefully. Inconsistencies between your privacy policy, your nutrition labels, and your app's actual behavior are one of the most common reasons for rejection. Apple has rejected apps for something as simple as declaring "no data collected" while using an analytics SDK that collects usage data in the background.
This guide covers everything you need to know: what Apple requires in your privacy policy, how to fill out nutrition labels correctly, when the ATT prompt is required, what privacy manifests are, the most common rejection reasons, and how to get through App Review smoothly.
What Apple Requires for App Store Privacy Compliance
Apple's App Store Review Guidelines Section 5.1 covers privacy requirements in detail. The requirements apply to all apps submitted to the App Store, including apps for iPhone, iPad, Apple Watch, Apple TV, and Mac (via the Mac App Store). These are not optional guidelines. They are enforced requirements that your app must meet to be approved.
Core Requirements
- Privacy policy URL: A publicly accessible URL entered in the App Information section of App Store Connect. This URL is displayed on your app's App Store listing and must be accessible without a login.
- Privacy nutrition labels: You must declare every type of data your app collects in App Store Connect. Apple displays these as "App Privacy" labels on your listing so users can see your data practices before downloading.
- App Tracking Transparency: If your app tracks users across apps and websites owned by other companies, you must use the ATT framework to request permission before tracking begins.
- Privacy manifests: Apps using required reason APIs must include a PrivacyInfo.xcprivacy file declaring each API and the reason for its use. Third-party SDKs must also provide their own privacy manifests.
- Data deletion mechanism: Apps that create user accounts must offer a way for users to delete their account and associated data from within the app and on your website.
Apple reviews apps both during the initial submission and during updates. The App Review team can also re-review existing apps at any time. Apps found to be non-compliant can be removed from the App Store. Developers with repeated privacy violations risk having their Apple Developer account terminated.
- Required: for every App Store app
- Public: visible on your App Store listing
- Enforced: rejection or removal from the store
Did you know?
Apple's App Tracking Transparency framework has had a massive impact on the advertising industry. Since its introduction, only about 25% of iOS users opt in to tracking when prompted. This has cost major ad platforms billions of dollars in revenue and forced a fundamental shift in how mobile advertising works. Your privacy policy should reflect whether your app uses tracking and how you handle users who opt out.
Q: Does my app need a privacy policy even if it collects no data?
Yes. Apple requires a privacy policy URL for every app submitted to the App Store, regardless of data collection. Even if your app collects zero user data, you still need a privacy policy that states this clearly. The privacy policy URL field in App Store Connect is mandatory.
Q: Does this apply to apps distributed through TestFlight?
TestFlight apps do not require a privacy policy URL in the same way App Store apps do. However, if your app collects user data during beta testing, privacy laws like GDPR and CCPA still apply. It is a good practice to have your privacy policy ready before beta testing so it is in place when you submit to the App Store.
Privacy Nutrition Labels
Apple's privacy nutrition labels are displayed on every app's App Store listing page. They give users a clear summary of what data the app collects before they download it. You must fill out these labels accurately in App Store Connect. Apple checks them during App Review, and inaccurate labels are a common rejection reason.
For each data type your app collects, you must declare whether the data is "Linked to Your Identity" (associated with the user's account or identity), "Not Linked to Your Identity" (collected anonymously), or "Used to Track You" (shared with third parties for tracking across apps and websites). Your privacy policy must match these declarations exactly.
| Data Category | What It Includes | Common Sources |
|---|---|---|
| Contact Info | Name, email address, phone number, physical address | Registration forms, account creation |
| Health & Fitness | Health data, fitness data, clinical health records | HealthKit, fitness trackers, manual input |
| Financial Info | Payment info, credit score, salary, debts, assets | Payment processors, banking APIs, user input |
| Location | Precise location, coarse location | GPS, Wi-Fi, IP address geolocation |
| Contacts | Contacts list from user's device | Address book access, social features |
| User Content | Emails, texts, photos, videos, audio, gameplay content | User uploads, camera, microphone, messaging |
| Browsing History | Websites visited, in-app browsing activity | In-app browsers, WebView, link tracking |
| Search History | Search queries within the app | In-app search, search analytics |
| Identifiers | User ID, device ID, IDFA, IDFV | Authentication, analytics, advertising SDKs |
| Usage Data | Product interaction, advertising data, app launches, taps | Analytics SDKs, event tracking, Firebase |
| Diagnostics | Crash data, performance data, diagnostic logs | Crashlytics, Sentry, built-in crash reporting |
| Other Data | Any data type not covered by the categories above | Custom data collection, third-party SDKs |
The most common mistake developers make with nutrition labels is forgetting to account for third-party SDKs. If you use Firebase Analytics, it collects usage data and diagnostics. If you use Facebook SDK, it may collect identifiers. If you use AdMob, it collects advertising data. You are responsible for declaring all data collected by your app, including data collected by SDKs you integrate.
Your privacy policy must cover every data type you declare in your nutrition labels. If your labels say you collect "Usage Data" and "Diagnostics," your privacy policy must explain what usage data and diagnostics you collect, why you collect them, and how they are used.
Did you know?
Apple's nutrition labels are self-reported by developers, but Apple does verify them during App Review. If a reviewer finds that your app collects data not declared in your nutrition labels, your app will be rejected. Apple also accepts reports from users and researchers about inaccurate nutrition labels, which can trigger a re-review of your app.
App Tracking Transparency (ATT)
App Tracking Transparency is Apple's framework that requires apps to get explicit user permission before tracking them across apps and websites owned by other companies. If your app tracks users as defined by Apple, you must present the ATT permission prompt before any tracking occurs. Your privacy policy must explain your tracking practices clearly.
What Counts as Tracking
- Using the IDFA: Accessing the Identifier for Advertisers to serve targeted ads or measure ad effectiveness across apps.
- Sharing data with data brokers: Sending any user data or device data to companies that aggregate and sell data.
- Cross-company data linking: Combining user data from your app with user data from other companies' apps or websites for advertising or ad measurement.
- Device fingerprinting: Using device characteristics to identify a device across apps, even without the IDFA.
What Does Not Count as Tracking
First-party analytics (tracking user behavior within your own app only) is not considered tracking under ATT. Linking user data with data from your own other apps or websites on the same device is also not tracking, as long as you are not sharing that data with third parties. Sending data to a third party that acts as a service provider (processing data only on your behalf) is also not tracking, provided the service provider does not use the data for its own purposes.
How to Disclose ATT in Your Privacy Policy
Your privacy policy should explain whether your app tracks users, what data is involved in tracking, which third parties receive tracking data, and how users can opt out via the ATT prompt. If your app does not track users, state this clearly. If a user denies the ATT prompt, your app must not track them, and your policy should confirm this behavior.
Q: What happens if my app tracks without showing the ATT prompt?
Apple will reject your app during App Review. If the tracking is discovered after approval (through user reports or Apple's own analysis), your app can be removed from the App Store. Apple takes ATT compliance very seriously. There is no grace period or warning system. Your app must request permission before any tracking begins.
Q: Do I need ATT if I only use first-party analytics?
No. First-party analytics that stay within your app and are not shared with third parties for tracking purposes do not require the ATT prompt. However, if your analytics SDK sends data to a third-party server that uses the data for its own purposes (like improving its own products), that could constitute tracking. Check your SDK documentation carefully.
Privacy Manifests
Privacy manifests are a newer Apple requirement introduced to improve transparency around API usage and third-party SDK data practices. Starting in 2024, apps that use certain APIs must include a PrivacyInfo.xcprivacy file that declares each API and the reason for using it.
Required Reason APIs
Apple has identified specific APIs that can be used for fingerprinting or accessing sensitive data. These are called "required reason APIs." If your app or any SDK it includes calls these APIs, you must declare the reason in your privacy manifest. The required reason APIs include file timestamp APIs (like NSFileCreationDate), system boot time APIs, disk space APIs, active keyboard APIs, and user defaults APIs when accessed from outside your app group.
For each API call, you must select from Apple's approved list of reasons. You cannot provide a custom reason. If your use case does not match any approved reason, you should not be calling that API. Using a required reason API without declaring it in your privacy manifest will cause your app to be rejected.
Third-Party SDK Privacy Manifests
Apple also requires popular third-party SDKs to provide their own privacy manifests. When you build your app, Xcode aggregates the privacy manifests from your app and all included SDKs into a single privacy report. This report shows all API usage and data collection across your entire app, including third-party code.
If you use a third-party SDK that does not include a privacy manifest when one is required, your app submission may be flagged. Apple maintains a list of commonly used SDKs that must include privacy manifests. Make sure all SDKs you use are up to date and include the required privacy manifest files.
Did you know?
You can generate a privacy report in Xcode by archiving your app and then selecting "Generate Privacy Report" from the Organizer. This report shows all required reason API usage and data collection declarations from your app and every third-party SDK it includes. Reviewing this report before submission helps you catch missing declarations that would cause a rejection.
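The pre-submission check a practitioner would want for both the nutrition-label consistency discussed under Privacy Nutrition Labels and the required reason API declarations above, as an added example rather than Apple's tooling: it parses PrivacyInfo.xcprivacy files with Python's plistlib, unions the collected data types of the app and its SDKs the way the Xcode privacy report does, compares them with the labels entered in App Store Connect, and rejects reason codes that are not on Apple's published list. The two manifests, the declared labels and the reason code XXXX.1 are constructed sample data; the category names and approved codes are Apple's documented values.

```python
import plistlib
# Apple's documented required reason API categories and their approved reason codes.
APPROVED_REASONS = {
    "NSPrivacyAccessedAPICategoryFileTimestamp": {"DDA9.1", "C617.1", "3B52.1", "0A2A.1"},
    "NSPrivacyAccessedAPICategorySystemBootTime": {"35F9.1", "8FFB.1", "3D61.1"},
    "NSPrivacyAccessedAPICategoryDiskSpace": {"85F4.1", "E174.1", "7D9E.1", "B728.1"},
    "NSPrivacyAccessedAPICategoryActiveKeyboards": {"3EC4.1", "54BD.1"},
    "NSPrivacyAccessedAPICategoryUserDefaults": {"CA92.1", "1C8F.1", "C56D.1", "AC6B.1"},
}

def check_api_reasons(manifest):
    """Flag required reason API entries whose reason codes are missing or not on Apple's list."""
    problems = []
    for entry in manifest.get("NSPrivacyAccessedAPITypes", []):
        api = entry.get("NSPrivacyAccessedAPIType", "")
        reasons = set(entry.get("NSPrivacyAccessedAPITypeReasons", []))
        if api not in APPROVED_REASONS:
            problems.append(f"unknown API category: {api}")
        elif not reasons or not reasons <= APPROVED_REASONS[api]:
            problems.append(f"{api}: reasons {sorted(reasons)} are not all approved")
    return problems

def audit(declared_labels, manifest_blobs):
    """Compare App Store Connect labels {type: (linked, tracking)} against raw PrivacyInfo.xcprivacy
    files from the app and its SDKs, unioned the way Xcode's privacy report aggregates them."""
    manifests = [plistlib.loads(blob) for blob in manifest_blobs]
    collected, tracking_flag = {}, False
    for m in manifests:
        tracking_flag = tracking_flag or bool(m.get("NSPrivacyTracking", False))
        for d in m.get("NSPrivacyCollectedDataTypes", []):
            name = d["NSPrivacyCollectedDataType"]
            linked, tracking = collected.get(name, (False, False))
            collected[name] = (linked or bool(d.get("NSPrivacyCollectedDataTypeLinked", False)),
                               tracking or bool(d.get("NSPrivacyCollectedDataTypeTracking", False)))
    problems = []
    for name, flags in collected.items():
        if name not in declared_labels:
            problems.append(f"collected but not in nutrition labels: {name}")
        elif declared_labels[name] != flags:
            problems.append(f"label mismatch for {name}: declared {declared_labels[name]}, manifests say {flags}")
    if any(tracking for _, tracking in collected.values()) and not tracking_flag:
        problems.append("a data type is marked for tracking but no manifest sets NSPrivacyTracking")
    for m in manifests:
        problems.extend(check_api_reasons(m))
    return sorted(problems)

# Constructed samples (XML plist form of PrivacyInfo.xcprivacy): the app's manifest and one SDK's.
def data_type(name, linked, tracking):
    return {"NSPrivacyCollectedDataType": name, "NSPrivacyCollectedDataTypeLinked": linked,
            "NSPrivacyCollectedDataTypeTracking": tracking}

APP_MANIFEST = plistlib.dumps({
    "NSPrivacyTracking": False,
    "NSPrivacyCollectedDataTypes": [data_type("NSPrivacyCollectedDataTypeEmailAddress", True, False)],
    "NSPrivacyAccessedAPITypes": [{"NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
                                   "NSPrivacyAccessedAPITypeReasons": ["CA92.1"]}]})
SDK_MANIFEST = plistlib.dumps({
    "NSPrivacyTracking": False,  # inconsistent: DeviceID below is marked as used for tracking
    "NSPrivacyCollectedDataTypes": [data_type("NSPrivacyCollectedDataTypeCrashData", False, False),
                                    data_type("NSPrivacyCollectedDataTypeDeviceID", True, True)],
    "NSPrivacyAccessedAPITypes": [{"NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryFileTimestamp",
                                   "NSPrivacyAccessedAPITypeReasons": ["XXXX.1"]}]})  # made-up code
# What the developer entered in App Store Connect: only the email address, nothing from the SDK.
DECLARED_LABELS = {"NSPrivacyCollectedDataTypeEmailAddress": (True, False)}
```

Running audit(DECLARED_LABELS, [APP_MANIFEST, SDK_MANIFEST]) reports the two undeclared SDK data types, the tracking-flag inconsistency and the unapproved reason code, which are the mismatches the review team rejects apps for.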
Common App Review Rejection Reasons for Privacy
These are the most common privacy-related reasons apps get rejected during App Review. Each one represents a mismatch between what your app does and what your privacy disclosures say.
Incomplete or missing privacy policy
The privacy policy URL is missing from App Store Connect, the URL leads to a broken page, or the policy does not cover all data types the app collects. Apple requires the policy to be accessible without a login and to clearly describe all data practices. A generic, template privacy policy that does not mention your specific app or its data handling will also be flagged.
Nutrition labels do not match actual data collection
Your nutrition labels declare "no data collected" but your app includes analytics SDKs that collect usage data. Or your labels omit a data category that your app clearly collects. Apple reviewers test your app and compare its behavior to your declared nutrition labels. Any mismatch results in rejection with a specific explanation of which data types are missing.
ATT prompt inconsistency
Your app tracks users (uses IDFA, shares data with ad networks, or performs cross-app tracking) without presenting the ATT prompt first. Or your app shows the ATT prompt but continues tracking even when the user declines. Apple tests for both of these scenarios. Your app must respect the user's choice completely.
Third-party SDK data collection not disclosed
Your app includes third-party SDKs (ad networks, analytics, social login, crash reporting) that collect data, but your privacy policy and nutrition labels do not account for this data collection. You are responsible for all data collected by your app, including data collected by SDKs. Review every SDK in your project and declare its data collection in your nutrition labels and privacy policy.
No account or data deletion mechanism
Your app allows users to create accounts but does not provide a way to delete their account and associated data. Since 2022, Apple requires all apps that offer account creation to also offer account deletion. The deletion option must be available within the app itself, not just through a support email. Your privacy policy must explain how users can request and complete data deletion.
The App Review Process for Privacy
Understanding how Apple reviews privacy during App Review helps you prepare your submission and avoid common pitfalls. The review team checks several specific areas related to privacy compliance.
What Reviewers Check
- Privacy policy URL: The reviewer verifies that the URL in App Store Connect is accessible, loads correctly, and contains a substantive privacy policy that covers the app's data practices.
- Nutrition label accuracy: The reviewer tests the app and compares observed data collection (network requests, permissions requested, SDK behavior) against the declared nutrition labels.
- ATT compliance: If the app uses tracking, the reviewer checks that the ATT prompt appears before any tracking occurs and that the app respects the user's choice.
- Privacy manifest: The reviewer checks that required reason APIs are declared with valid reasons in the PrivacyInfo.xcprivacy file.
- Account deletion: If the app supports account creation, the reviewer verifies that account deletion is available and functional.
Review Timeline
Most App Review decisions are returned within 24 to 48 hours. However, apps that trigger privacy concerns may take longer as they require more thorough review. If your app is rejected for a privacy issue, you will receive a specific explanation of what needs to be fixed. You can then update your app, privacy policy, or nutrition labels and resubmit.
Responding to Rejections
When your app is rejected for a privacy issue, read the rejection message carefully. Apple usually specifies exactly which guideline was violated and what needs to change. Fix the specific issue mentioned, update your privacy policy if needed, update your nutrition labels if they were inaccurate, and resubmit. If you believe the rejection was a mistake, you can use the Resolution Center in App Store Connect to respond and explain your position.
- New apps: rejected. They will not pass App Review without complete privacy compliance.
- Existing apps: removed. They can be pulled from the App Store during re-review.
How to Meet Apple App Store Privacy Requirements (6 Steps)
Follow this process to ensure your app meets all of Apple's privacy requirements and passes App Review without privacy-related rejections.
Audit all data your app collects
Review every piece of data your app collects, processes, or shares. Include data from third-party SDKs like Firebase, Facebook SDK, AdMob, Crashlytics, and any analytics tools. For each data type, note whether it is linked to the user's identity and whether it is used for tracking across other apps.
Complete privacy nutrition labels in App Store Connect
In App Store Connect, navigate to your app's privacy section and declare every data type your app collects. For each type, specify whether it is linked to the user's identity, whether it is used for tracking, and the purposes for which it is collected (app functionality, analytics, or advertising). These declarations must match your actual practices.
Implement App Tracking Transparency if needed
If your app tracks users across other companies' apps or websites, implement the ATT framework. Present the tracking permission prompt before any tracking begins. Respect the user's choice completely. If your app does not track, you do not need the ATT prompt, but document this in your privacy policy.
Create and include privacy manifests
Add a PrivacyInfo.xcprivacy file to your Xcode project if your app uses any required reason APIs. Verify that all third-party SDKs include their own privacy manifests. Use Xcode's privacy report feature to review the aggregated privacy declarations before submitting.
Generate your privacy policy
Use a privacy policy generator to create a policy that covers all data types from your nutrition labels, your ATT practices, third-party SDK data collection, and user rights including account and data deletion. The policy must be consistent with your App Store Connect declarations.
Add your privacy policy URL and submit
In App Store Connect, go to App Information and enter your publicly accessible privacy policy URL. Verify the URL loads correctly and does not require a login. Double-check that your privacy policy, nutrition labels, and ATT implementation are all consistent. Then submit your app for review.
Frequently Asked Questions
Does every iOS app need a privacy policy?
Yes. Apple requires a privacy policy for every app submitted to the App Store, regardless of whether the app collects user data. The privacy policy URL must be provided in App Store Connect before submission. Even apps that collect no data need a policy stating that fact.
What are Apple's privacy nutrition labels?
Privacy nutrition labels are Apple's system for displaying an app's data practices on its App Store listing. You must declare what data your app collects across categories like Contact Info, Health, Financial Info, Location, and more. For each type, you specify whether it is linked to the user's identity and whether it is used for tracking.
When is the ATT prompt required?
The App Tracking Transparency prompt is required whenever your app tracks users across apps and websites owned by other companies. This includes using the IDFA, sharing data with data brokers, linking user data with other companies' data for advertising, and device fingerprinting. First-party analytics do not require ATT.
What are privacy manifests?
Privacy manifests (PrivacyInfo.xcprivacy files) are Apple's requirement for declaring API usage and reasons. Apps that use required reason APIs must include a privacy manifest documenting each API call and its purpose. Third-party SDKs must also include their own privacy manifests, which Xcode aggregates into a unified report.
What causes privacy-related App Review rejection?
Common causes include a missing or incomplete privacy policy, nutrition labels that do not match actual data collection, tracking without the ATT prompt, undisclosed third-party SDK data collection, and missing account deletion functionality. Apple provides specific rejection reasons so you can fix the issue and resubmit.
Does my privacy policy need to mention ATT?
If your app uses tracking as defined by Apple, your privacy policy should explain what tracking occurs, what data is shared, and how users can opt out via the ATT prompt. Even if your app does not track, it is good practice to state that clearly in your policy to avoid confusion during App Review.
How do I add a privacy policy URL in App Store Connect?
In App Store Connect, navigate to your app and go to App Information under the General section. Enter your publicly accessible privacy policy URL in the dedicated field. This URL is displayed on your app's App Store listing and must remain accessible without a login for as long as your app is on the store.