0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

apps for Apple will need GDPR compliant privacy policies - update yours now!

5 October 2018

From this week - if you want to continue to offer your app via the apple store you’re going to need to have a GDPR compliant privacy policy in place.

After updating its App Store Review Guidelines back in June to require that all apps, including those being submitted for testing, must have a privacy policy in place, Apple has recently announced to its app developers that as of 3 October 2018 it will be enforcing these new guidelines. This means that going forward, you will no longer be able to submit an app for distribution through the App Store or through TestFlight for testing without providing a privacy policy.

The guidelines require that the privacy policy must include certain information, which is similar to the Article 13 and 14 ‘right to information’ requirements of the General Data Protection Regulation (GDPR).

If your app already has a GDPR compliant privacy policy then you do not need to take any action, though we recommend that if you are not confident that your current privacy policy is GDPR complaint, that you seek advice on this as soon as possible, as there is a now a risk your app may be removed from the App Store.

If you are developing a new app or considering updating your existing app, you will need to ensure you have a GDPR complaint privacy policy to accompany it as soon as possible and in any event before you submit it to testing or the App Store.

Under Apple’s new rules you will only be able to edit your policy when you submit a new version of your app, so it is imperative you get your policy right and GDPR compliant the first time, if not you will be in breach of the GDPR and will also expose yourself to the risk of a complaint to the Information Commissioner’s Office.

In our view, it’s not surprising that Apple are taking this more proactive approach and will be reviewing privacy policies themselves before allowing new/updated apps onto the App Store, meaning if your policy is not compliant when submitted it may hold up or block your app making it on to the App Store altogether.

So what does a GDPR compliant privacy policy look like?

Under the GDPR, the requirements for what must be contained in a privacy policy are much more onerous than under the previous legislation. It’s not going to be sufficient to use a generic one - you’re going to need to make sure it sets out the following as they relate to your own app:

  • purposes for processing
  • legal basis for processing
  • recipients or categories of recipients of the data
  • retention periods
  • details of any transfers of data outside the EEA
  • details of individual’s rights.

If you’d like a GDPR compliant privacy policy for your app, or would like a review of your privacy policy for GDPR compliance, please contact us at GDPR@brownejacobson.com.

Written by Ella Greenwood and Tom Nanson

related opinions

Beards: Smart or Not?

In Sethi v Elements Personnel Services Limited, the Employment Tribunal has considered the implications of dress codes on men.

View blog

Supreme Court provides comfort to public authorities facing village green applications

In a lengthy majority judgment accompanied by two powerful dissenting opinions, the Supreme Court found yesterday that land acquired and held for statutory purposes cannot be registered as a village green where that registration is incompatible with the statutory purpose for which it is held.

View blog

Multi Skilled Visit: what is the impact of it being a right under the new Electronic Communications Code?

A Multi Skilled Visit (MSV) is when a survey is carried out on behalf of operators for the purpose of seeing whether a new site is suitable for the installation and operation of electronic communications equipment.

View blog

Retail woes extending beyond the property sector and into financial markets

Some commentators had anticipated that persisting retail sector challenges might disrupt more than the make-up of the high street or commercial property negotiations between landlords and tenants.

View blog

mailing list sign up

Select which mailings you would like to receive from us.

Sign up