What are Apple’s Privacy Nutrition Labels?
What are Privacy Nutrition Labels?
Introduced in 2020 alongside iOS 14.3 and as part of Apple’s continued privacy-centric evolution, Privacy Nutrition Labels are a feature on Apple devices designed to give users utmost transparency into how apps use their data. App developers are required to disclose all information on their data usage practices, along with the data collection and usage practices of any third-party partners with code integrated in the app. This information is then presented in the Privacy Nutrition Label, accessible to users on each app’s App Store page.
As the name suggests, Privacy Nutrition Labels are designed to look like a nutrition label typically found on a packaged food product. The idea is that users can get a quick and easy-to-understand look into exactly how their data is used and why, the same way that nutrition labels summarize exactly what can be found in the given product.
All information must be provided via App Store Connect before publishing a new app or an update to an existing app.
Privacy Nutrition Labels on iPhone look like this:
What are the Privacy Nutrition Label categories?
There are three Privacy Nutrition Label categories:
- Data Used to Track You
- Data Linked to You
- Data Not Linked to You
When viewed by the user on the App Store, each of these containers will be filled out with predefined labels based on the information declared by the developer.
These labels are: Contact Info, Health & Fitness, Financial Info, Location, Sensitive Info, Contacts, User Content, Browsing History, Search History, Identifiers, Purchases, Usage Data, Diagnostics, and Other Data.
In order to submit an app to the App Store, or to publish an app update, it’s essential that developers accurately and comprehensively describe how their app uses the above data types when selecting answers in App Store Connect.
Starting with iOS 17, there are a series of new features aimed to make it easier for developers to do this. These include signatures for third-party SDKs and privacy manifests, where detailed information regarding all data collected and used by integrated partners is detailed.
Privacy manifests are a big part of Apple’s latest move to increase transparency and the overall “integrity of the software supply chain”. Apple has a list of data use purposes and definitions that can be referred to for help clarifying typical uses. For example:
-
Purpose: Third-Party Advertising
Definition: Displaying third-party ads in your app, or sharing data with entities who display third-party ads. -
Purpose: Analytics
Definition: Using data to evaluate user behavior, including to understand the effectiveness of existing product features, plan new features, or measure audience size or characteristics.
It’s also required to link to your Privacy Policy on your app product page, and it is recommended to link to an additional Privacy Choices page, where users can learn more about their choices when using your app and how to manage them.
How do I create a Privacy Nutrition Label?
When you’re getting ready to publish in App Store Connect, you’ll be presented with a series of questions around the data that your app collects. The answers will be used to create your app’s Privacy Nutrition Label. Keep in mind that answers must also be inclusive of all of the data collected by third-party partners (ad networks, analytics tools, SDKs, external vendors, etc.).
Any time that your practices change, you’re also responsible for updating your responses in App Store Connect.
Note that there are some data types that fall into the Optional disclosure category, meaning you don’t have to report them if all of the criteria are met. These criteria include:
- The data is not used for tracking purposes and not linked with third-party data for advertising.
- The data is not used for third-party advertising, marketing purposes, or for other purposes defined as Tracking by Apple.
- The specific data collection is infrequent, not part of the app’s primary functionality, and is optional to the user.
- The data is provided by the user themselves within the app’s interface, it is clear what is being collected, and the user affirmatively chooses to provide the data for collection in each instance where it is being collected.
Some examples of data that may meet all of these criteria are optional feedback forms or customer service requests.
Once you’re got all of the information together and ready to declare, you next need to determine whether each data type is linked to the user, whether you or any of your third-party partners are using that data to track users, and what the purposes for that tracking are. This determines which of the overarching three categories that the data label will be included in.
For more information on Privacy Nutrition Labels or for any Apple, iOS, SKAdNetwork (SKAN), AdAttributionKit, App Tracking Transparency (ATT), or privacy related questions in general, get in touch with your Adjust contact person or reach out to learn more.
Never miss a resource. Subscribe to our newsletter.