Privacy policy and disclosures checklist

  • Does your app have a privacy policy?

  • Does your privacy policy explain how your app works to help consumers understand what you do, and don’t do, with their data?

    • Where applicable, your privacy policy should discuss whether your app:
      • collects personally identifiable information and/or information for internal use;
      • includes in-app purchases;
      • has social media capabilities, and how they are utilized;
      • includes advertising, and whether that advertising is behavioral or contextual;
      • includes links to the internet and/or app store;
      • uses third-party services or plug-ins.
  • Is your privacy policy clear, concise, and written in language that consumers can understand?

  • Is your privacy policy easily accessible, displayed prominently on your website, and accessible from all your app store listings?

  • Does your privacy policy include contact information that consumers may use if they have a question? You should consider including an email address, phone number, and a mailing address where they can contact you.

  • Does your app utilize robocall and/or text messaging notifications?

  • Is your privacy policy accessible to end users with recognized disabilities, as defined by the Americans with Disabilities Act?

After you’ve completed the checklist, remember that if your app handles sensitive data, such as information pertaining to children, health and wellness, and/or finances, it may require additional privacy disclosures.

Category-Specific Requirements

If you’re building apps directed to children, it’s important to consider regulations that are designed to protect the privacy of children.

Health and wellness apps may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) rules that regulate the use of medical information. You’ll also need to be aware of ad networks and analytics providers.

Consumers need to trust the integrity of financial and retail apps before they hand over their sensitive information. It’s essential that you honor their trust by safeguarding all data.