Apps for Apple will need GDPR compliant privacy policies - update yours now!

5 October 2018

From this week, if you want to continue to offer your app via the Apple store, you’re going to need to have a GDPR compliant privacy policy in place.

After updating its App Store Review Guidelines back in June to require that all apps, including those being submitted for testing, must have a privacy policy in place, Apple has recently announced to its app developers that as of 3 October 2018 it will be enforcing these new guidelines. This means that going forward, you will no longer be able to submit an app for distribution through the App Store or through TestFlight for testing without providing a privacy policy.

The guidelines require that the privacy policy must include certain information, which is similar to the Article 13 and 14 ‘right to information’ requirements of the General Data Protection Regulation (GDPR).

If your app already has a GDPR compliant privacy policy then you do not need to take any action, though we recommend that if you are not confident that your current privacy policy is GDPR compliant, you seek advice on this as soon as possible, as there is now a risk your app may be removed from the App Store.

If you are developing a new app or considering updating your existing app, you will need to ensure you have a GDPR compliant privacy policy to accompany it as soon as possible and in any event before you submit it to testing or the App Store.

Under Apple’s new rules you will only be able to edit your policy when you submit a new version of your app, so it is imperative you get your policy right and GDPR compliant the first time; if not, you will be in breach of the GDPR and will also expose yourself to the risk of a complaint to the Information Commissioner’s Office.

In our view, it’s not surprising that Apple are taking this more proactive approach and will be reviewing privacy policies themselves before allowing new/updated apps onto the App Store, meaning if your policy is not compliant when submitted it may hold up or block your app making it on to the App Store altogether.

So what does a GDPR compliant privacy policy look like?

Under the GDPR, the requirements for what must be contained in a privacy policy are much more onerous than under the previous legislation. It’s not going to be sufficient to use a generic one - you’re going to need to make sure it sets out the following as they relate to your own app:

  • purposes for processing
  • legal basis for processing
  • recipients or categories of recipients of the data
  • retention periods
  • details of any transfers of data outside the EEA
  • details of individuals’ rights.

If you’d like a GDPR compliant privacy policy for your app, or would like a review of your privacy policy for GDPR compliance, please contact us at GDPR@brownejacobson.com.

Written by Ella Greenwood and Tom Nanson
