2

My app (version 1.13) was rejected last night from the Apple review team.

The reason:

Guideline 5.1.2 - Legal - Privacy - Data Use and Sharing

Your app accesses user data from the device but does not have the required precautions in place.

To clarify, since your app accesses user contact data from the device you must have a Privacy Policy URL in the metadata and ensure that the URL you provide directs users to your privacy policy.Additionally, when the contacts access prompt is displayed, the usage string in your access request should clearly inform the user why and how their device contacts information is used.

My app is 2 years old and I have had no problems with any of the previous 13 versions - from 1.00 to 1.12. The changes were fixes in the database, navigation and widget code, as well as some miscellaneous bug fixes. In the info.plist file there is a text value under Privacy - Contact Using Description. This has been the case from the outset, i.e., since ver.1.00.

Moreover - the Pro version of this app, with the same interface and info.plist file (but without Ads serving) was approved two days ago!

I don't have Privacy policy URL - either in the app or in the iTunes app page.

So, as I understand, I have to include a Privacy policy URL. And maybe I have to revise my text under the Privacy - Contact Using Description key in the app info.plist.

My first question is: should there be a link (URL) for the Privacy policy besides in the iTunes app page, in the app itself (somewhere in "About" section or in "Settings")?

My second question is: how detailed the text be keyed in Privacy - Contact Using Description in the plist? This shows when user starts the app for the first time and there are two choices: Don't allow / Allow . The current message is

".. this apps requests permission to access your contacts. If you do not allow, you will not use some of the functionality of this application."

Should I add more details here?

Edit: I don't collect user contacts, I don't upload user contacts on my servers or other servers. The app just searching for matches in the names in the contact list. Nothing more.

Community
  • 1
  • 1
Panayot
  • 484
  • 1
  • 6
  • 18
  • 1
    You are opening Contact so you have to add privacy policy. You have to add privacy policy in plist of the app. Mention your privacy policy with description. For e.g. https://stackoverflow.com/questions/39610590/how-to-give-permission-to-access-phone-addressbook-in-ios-10-0 here is the list of policy https://stackoverflow.com/questions/29894749/complete-list-of-ios-app-permissions – Gagan_iOS Jul 07 '17 at 11:45
  • @Gagan_iOS - Do I understand that my text in the description is not enough? There I mentioned that the application wants to access the user contacts. And in this description I would not be able to put the whole of the Privacy policy. Maybe you mean to include there a link to the policy? – Panayot Jul 07 '17 at 12:00
  • No need to add any extra info on alert. You can show only required information. In plist Just mention the reason for accessing the contacts & when user access contacts in the app. – Gagan_iOS Jul 07 '17 at 12:47

1 Answers1

9

Here's what my problem solved:

I've edited the description in info.plist of how I use the address book if the user agrees. Added all details there.

In addition, I added a very detailed privacy policy (URL for the policy) in the details in iTunes page of the app.

No URL to the privacy policy somewhere in my app.

A few minutes ago Apple review team approved the new build of my app.

Panayot
  • 484
  • 1
  • 6
  • 18
  • Hey can you please explain how did you generate the URL for the policy and how did you generate the actual policy itself ? – Zeus Eternal Oct 15 '17 at 20:46
  • @Zeus Eternal, Hello, my choice was Google Sites, there are my policies placed. Texts are in English and in Bulgarian - my native language, also the language of some of my apps. I just get the link for the app policy and put in the app info in iTunes. Here are my policies: [link](https://sites.google.com/view/ios-ppanayotov/home). – Panayot Oct 16 '17 at 06:26
  • @sabiland I'm glad I helped! – Panayot Mar 11 '19 at 17:16