My app is now in the Apple App Store awaiting review. Next, I’ll need testers, and a required field is needed for a privacy URL. I don’t have one. This app may fail or be a success. Either way, I wish not to spend too much money at this stage – or none at all.

As you know, my app is a basic bookkeeping app and that means I store users’ sensitive data. I need a tailored privacy policy for this starting stage. Is there such a thing? Can I get a free or very, very cheap policy?

From what I understand, a privacy policy is nothing more than a declaration of what you’re going to do with a customer’s data. As such, it is a legal document and something which could get you into a lot of trouble if you don’t do it properly, and/or do something which goes against what you’ve stated in the policy.

So basically it’s not needed for testers?

If you can’t run testing without it being in the App Store, then you’ll still need it to pass Apple’s review policy, IIRC. Can you send a pre-release version directly to testers?

I’ve never done this before. I’m using iTunes Connect TestFlight. I’ll see, but I see no reason I won’t be able to.

Yes, you don’t need to be on the App Store to have people testing your app, which is what TestFlight enables you to do. We have apps that have been in TestFlight for months and are still not in the App Store. We roll it out to internal testers (our team) and external (a selection of your target audience).

In your case you won’t need to have an official privacy policy for Apple, but you’ll want to get your testers to sign a disclaimer that their data may be lost or anonymously accessed for testing purposes.

The level of privacy and, more importantly, security you can offer will depend on your infrastructure, and you are the only person who defines what it is. I would strongly encourage encrypting your database and all API connections (if any).

As long as you follow the country’s recommended level of protection for your customer data, you shouldn’t be liable if you get hacked or the data is accessed past your current security implementation.

If your app only saves data in local storage, and the data disappears when you delete the app, then that’s quite safe. If you have a backend server holding your data, this is what will be the main concern for privacy.

Hi. I’ve just realised what TestFlight was for. I use Firebase and a few people mentioned country-specific policy, such as where Firebase stores the data etc. What you’ve said is vital, so thanks for that.

