Privacy Policy required from October (Apple)

Just a heads up.

"Apple has announced that, starting October 3, 2018, all new apps and app updates will require a privacy policy in order to be submitted for distribution on the App Store or through TestFlight for beta testing purposes. "

https://www.macrumors.com/2018/08/31/all-app-store-apps-to-require-privacy-policy/

I got this e-mail today, but my app doesn’t have access to any privacy data.

Dear Developer,

We identified one or more issues with a recent delivery for your app, “xxxxxxx”. Your delivery was successful, but you may wish to correct the following issues in your next delivery:

"Missing Purpose String in Info.plist File. Your app’s code references one or more APIs that access sensitive user data. The app’s Info.plist file should contain a NSLocationAlwaysUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting spring 2019, all apps submitted to the App Store that access user data will be required to include a purpose string.If you’re using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn’t contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).

"Missing Purpose String in Info.plist File. Your app’s code references one or more APIs that access sensitive user data. The app’s Info.plist file should contain a NSLocationWhenInUseUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting spring 2019, all apps submitted to the App Store that access user data will be required to include a purpose string.If you’re using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn’t contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).

After you’ve corrected the issues, you can use Xcode or Application Loader to upload a new binary to iTunes Connect.

Best regards,

The App Store Team

Me too.
I’ve tried adding entries to the info.plist but I mustn’t be adding it properly because they keep reporting this.

It seems both notes are for location usage. Could it be that maybe not your app directly, but one of its libraries or plug-ins has location-related functions? Depending on how the checks are being made they may be detecting them even if you don’t actively end up using them.

It may also be that this is all in testing and even adding these (like Jeff) has no effect or it may be that they’re false positives.

My app has these extensions:
• ViewExtensionsXC
• TextFieldExtensionsXC
• TableExtensionsXC
• SegmentedControlExtensionsXC
• ScrollViewExtensionsXC
• ExtensionsXC
• ControlExtensionsXC
• ButtonExtensionsXC
• CSDevice
• Foundation
• UIKit
• iOSDeclares
• iOSStuff

None of the …XC modules use location.

Maybe it is just Xojo referencing these.
Which version of Xojo did you use to build your app ?

2018R2

Just uploaded a new build.
Got the same advisory message back, but I can not understand why.

MY info.plist is this, which seems to do what they are asking for. (I don’t use location services!)

[code]<?xml version="1.0" encoding="UTF-8"?>

UIFileSharingEnabled NSLocationAlwaysAndWhenInUseUsageDescription NSLocationUsageDescription This app does not require your location. NSLocationWhenInUseUsageDescription This app does not require your location. [/code]

Solved.

This info.plist generated an app that they didnt complain about:

[code]<?xml version="1.0" encoding="UTF-8"?>

    <key>NSLocationAlwaysUsageDescription</key>
<string>Not used</string>
<key>NSLocationAlwaysAndWhenInUseUsageDescription</key>
<string>Not used</string>
<key>NSLocationUsageDescription</key>
<string>Not used</string>
<key>NSLocationWhenInUseUsageDescription</key>
<string>Not used</string>
[/code]

@ jeff: today I submitted an app to the Store, but I was asked to enter the URL of my Privacy Policy. Well, I made one and loaded it on my website. The app is now under review.

Then I saw this post. So I’d like to ask if adding the above info.plist the URL is no more needed.
Besides, should I add a new info.plist, or just add the keys and strings to the existing one?

Thank you,

My info.plist effectively says ‘Hey Apple, I dont use any of that stuff, so I don’t need a policy’

By supplying a URL, you are saying ‘I may use something sensitive, so if you want to know what I do with it, look at this URL’

“The way things are going”

Apple will supply a 1,000 pages books on madatory stuff for applications mandatory stuff to be in App Store / Mac Store / iTunes Store / Whatever Name store… ;-:slight_smile:

if it comes back

…into existing one , along with whatever else you need in there

Fine. I copy/pasted them through App Wrapper (and checked the info.plist if they were inserted).
Yet, when submitting the new binary, I was still asked to add an URL for each localization; so I made them happy by supplying it.

Thanks.