Non-compliance can cost up to €20M or 4% of annual revenue. With GDPR, CCPA, and app store privacy requirements, data privacy is non-negotiable. This guide covers the requirements and how to implement them in a mobile app.
Why Data Privacy Matters
- Legal: GDPR fines up to €20M or 4% revenue
- Trust: 84% of users care about data privacy
- App Store: Required privacy labels (iOS/Android)
- Competitive advantage: Privacy as a feature
- Brand reputation: Breaches are costly
Major Privacy Regulations
GDPR (EU)
Scope: EU residents (applies worldwide if you have EU users)
Key requirements:
- Lawful basis for data processing
- Explicit consent
- Right to access data
- Right to deletion ("right to be forgotten")
- Right to portability
- Data breach notification (72 hours)
- Privacy by design
- DPO required (for large-scale processing)
Penalties: Up to €20M or 4% of annual revenue
CCPA (California)
Scope: California residents (applies to companies with $25M+ revenue, 50K+ users, or that earn 50%+ of revenue from selling data)
Key requirements:
- Disclose data collection
- Right to know what data is collected
- Right to deletion
- Right to opt-out of sale
- Do Not Sell link
- No discrimination for opting out
Penalties: $2,500 per violation ($7,500 intentional)
Other Regulations
- LGPD (Brazil): Similar to GDPR
- PIPEDA (Canada): Consent-based
- PDPA (Singapore): Consent and purpose
- COPPA (US): Children under 13
- UK GDPR: Post-Brexit GDPR
Apple Privacy Requirements
App Privacy Labels (Nutrition Labels)
Required in App Store Connect:
Categories:
1. Data Linked to User
- Contact Info (name, email, phone, address)
- Health & Fitness
- Financial Info
- Location
- User Content (photos, messages, docs)
- Browsing History
- Search History
- Identifiers (User ID, Device ID, IDFA)
- Purchases
- Usage Data
- Diagnostics
- Other Data
2. Data Used to Track You
- IDFA
- Cross-app tracking
- Third-party advertising
3. Data Not Linked to You
- Anonymous analytics
- Crash reports
For each:
- How it's used (Analytics, Product personalization, etc.)
- Whether it's linked to user identity
App Tracking Transparency (ATT)
iOS 14.5+ requirement:
Must request permission to track users:
// Info.plist
NSUserTrackingUsageDescription
We use this to provide personalized ads and measure campaign effectiveness
// Request tracking
import AdSupport
import AppTrackingTransparency

func requestTrackingAuthorization() {
    if #available(iOS 14, *) {
        ATTrackingManager.requestTrackingAuthorization { status in
            switch status {
            case .authorized:
                // Tracking authorized: the IDFA is now readable
                print("IDFA: \(ASIdentifierManager.shared().advertisingIdentifier)")
            case .denied, .restricted, .notDetermined:
                // Use alternative (SKAdNetwork); the IDFA reads back as all zeros
                break
            @unknown default:
                break
            }
        }
    }
}
When to request:
- After onboarding
- When user benefits are clear
- Contextually (e.g., before enabling feature)
Google Play Privacy Requirements
Data Safety Section
Required since July 2022:
Disclose:
1. What data is collected
- Location, Personal info, Financial info, etc.
2. Why data is collected
- App functionality, Analytics, Advertising, etc.
3. Data sharing
- Who receives data
- Is it shared with third parties?
4. Security practices
- Data encrypted in transit
- Data encrypted at rest
- User can request deletion
- Committed to Play Families Policy
5. Data retention and deletion
- How long data is kept
- How users can request deletion
Complete in: Play Console → App content → Data safety
Consent Management
GDPR Consent Requirements
Valid consent must be:
✓ Freely given (no forced bundling)
✓ Specific (purpose-specific)
✓ Informed (clear information)
✓ Unambiguous (active opt-in)
✓ Easy to withdraw
Invalid:
❌ Pre-checked boxes
❌ Forced consent (to use app)
❌ Bundled consent (all-or-nothing)
❌ Unclear language
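The consent rules above as a per-purpose consent record, an added Python example that is not part of the original guide; the purpose names and the policy version string are constructed placeholders:

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Purposes from the dialog described above; "functionality" is necessary processing and
# is never part of the opt-in record, so it cannot be bundled with the optional ones.
OPTIONAL_PURPOSES = ("analytics", "ads")

@dataclass
class ConsentRecord:
    purpose: str
    granted: bool
    policy_version: str  # the consent text the user saw when deciding
    at: datetime

@dataclass
class ConsentLedger:
    """Per-purpose consent store. Nothing is granted until the user actively opts in,
    so there is no pre-checked default, and a policy change invalidates old consent."""
    policy_version: str = "2024-01"  # constructed placeholder; bump when the consent text changes
    records: dict = field(default_factory=dict)

    def record(self, purpose, granted, now=None):
        if purpose not in OPTIONAL_PURPOSES:
            raise ValueError(f"not an optional purpose: {purpose}")
        rec = ConsentRecord(purpose, granted, self.policy_version, now or datetime.now(timezone.utc))
        self.records[purpose] = rec  # latest decision wins; withdrawal is simply granted=False
        return rec

    def accept_all(self, now=None):
        # "Accept All" is still stored purpose by purpose, so each one can be withdrawn alone
        for p in OPTIONAL_PURPOSES:
            self.record(p, True, now)

    def reject_all(self, now=None):
        for p in OPTIONAL_PURPOSES:
            self.record(p, False, now)

    def withdraw(self, purpose, now=None):
        self.record(purpose, False, now)

    def allowed(self, purpose):
        """Gate SDK initialisation on this: necessary processing always runs, an optional
        purpose only with a stored, affirmative decision made under the current policy text."""
        if purpose == "functionality":
            return True
        rec = self.records.get(purpose)
        return rec is not None and rec.granted and rec.policy_version == self.policy_version
```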
Consent UI Implementation
iOS:
import UIKit
import FirebaseAnalytics

class ConsentManager {
    static func showConsentDialog(from: UIViewController) {
        let alert = UIAlertController(
            title: "Your Privacy Matters",
            message: """
                We collect and process your data for:
                • App functionality (necessary)
                • Analytics to improve our service
                • Personalized advertising
                You can change your preferences anytime in Settings.
                """,
            preferredStyle: .alert
        )
        alert.addAction(UIAlertAction(title: "Manage Preferences", style: .default) { _ in
            showDetailedConsent() // per-purpose toggles, not shown here
        })
        alert.addAction(UIAlertAction(title: "Accept All", style: .default) { _ in
            saveConsent(analytics: true, ads: true)
        })
        alert.addAction(UIAlertAction(title: "Reject All", style: .cancel) { _ in
            saveConsent(analytics: false, ads: false)
        })
        from.present(alert, animated: true)
    }

    static func saveConsent(analytics: Bool, ads: Bool) {
        UserDefaults.standard.set(analytics, forKey: "consent_analytics")
        UserDefaults.standard.set(ads, forKey: "consent_ads")
        UserDefaults.standard.set(Date(), forKey: "consent_date")
        // Configure SDKs: pass the decision through so "Reject All" also switches collection off
        Analytics.setAnalyticsCollectionEnabled(analytics)
        if ads {
            // Enable ad personalization
        }
    }
}
Android:
import android.app.Activity
import android.content.Context
import com.google.android.material.dialog.MaterialAlertDialogBuilder
import com.google.firebase.analytics.FirebaseAnalytics

class ConsentManager(private val context: Context) {
    fun showConsentDialog(activity: Activity) {
        // Build the dialog with the Activity, not the application context,
        // otherwise there is no window to attach it to
        MaterialAlertDialogBuilder(activity)
            .setTitle("Your Privacy Matters")
            .setMessage("""
                We collect and process your data for:
                • App functionality (necessary)
                • Analytics to improve our service
                • Personalized advertising
            """.trimIndent())
            .setPositiveButton("Accept All") { _, _ ->
                saveConsent(analytics = true, ads = true)
            }
            .setNegativeButton("Reject All") { _, _ ->
                saveConsent(analytics = false, ads = false)
            }
            .setNeutralButton("Manage") { _, _ ->
                showDetailedConsent(activity) // per-purpose toggles, not shown here
            }
            .show()
    }

    private fun saveConsent(analytics: Boolean, ads: Boolean) {
        val prefs = context.getSharedPreferences("privacy", Context.MODE_PRIVATE)
        prefs.edit()
            .putBoolean("consent_analytics", analytics)
            .putBoolean("consent_ads", ads)
            .putLong("consent_date", System.currentTimeMillis())
            .apply()
        // Configure SDKs from the stored decision
        FirebaseAnalytics.getInstance(context)
            .setAnalyticsCollectionEnabled(analytics)
    }
}
Consent Management Platforms
- OneTrust: Enterprise solution
- Usercentrics: GDPR/CCPA compliant
- Cookiebot: Easy integration
- iubenda: Privacy policy + consent
- TrustArc: Comprehensive platform
Privacy Policy
Required Sections
1. Introduction
- Who you are
- Contact information
2. Data Collection
- What data you collect
- How it's collected (automatic, user-provided)
3. Purpose of Processing
- Why you need the data
- Legal basis (consent, legitimate interest, etc.)
4. Data Sharing
- Third parties who receive data
- Why they receive it
5. Data Retention
- How long you keep data
- Deletion criteria
6. User Rights
- Access, correction, deletion
- How to exercise rights
7. Security Measures
- How data is protected
8. Children's Privacy (if applicable)
9. International Transfers
- If data leaves EU/US
10. Changes to Policy
- How users will be notified
11. Contact Information
- DPO email/address (GDPR)
- Privacy contact
Privacy Policy Generators
- TermsFeed: Free templates
- iubenda: Customizable ($27+/month)
- PrivacyPolicies.com: One-time fee
- Termly: Free with attribution
Data Minimization
Principle
Only collect data you actually need.
Good:
✓ Email for login
✓ Name for personalization
✓ Location for location-based features
Bad:
❌ Full address when city is enough
❌ Date of birth when age range is enough
❌ Phone number if not used
❌ Social security number (never)
Anonymous Analytics
iOS - Firebase:
import FirebaseAnalytics

Analytics.setAnalyticsCollectionEnabled(true)
Analytics.setUserID(nil) // Don't set a user ID; events stay unlinked to an identity
Android - Firebase:
FirebaseAnalytics.getInstance(context).apply {
    setAnalyticsCollectionEnabled(true)
    setUserId(null) // Anonymous
}
Alternative: PostHog, Plausible (privacy-focused)
Data Security
Encryption
Data at rest:
iOS:
- Use Keychain for sensitive data
- FileProtection for files
Android:
- EncryptedSharedPreferences
- Android Keystore
- SQLCipher for databases
Data in transit:
✓ HTTPS only (TLS 1.3)
✓ Certificate pinning
✓ No HTTP fallback
Authentication
- Strong password requirements
- Multi-factor authentication
- OAuth 2.0 for third-party auth
- Biometric authentication
- Session management
User Rights Implementation
Right to Access
Provide data export:
API endpoint:
GET /api/user/data
Response:
{
"user_info": {
"email": "[email protected]",
"name": "John Doe",
"created_at": "2023-01-15"
},
"activity": [...],
"preferences": {...}
}
Download format: JSON or CSV
Right to Deletion
Implement account deletion:
iOS:
import UIKit

// Lives in the UIViewController subclass that shows the account screen
func deleteAccount() {
    let alert = UIAlertController(
        title: "Delete Account",
        message: "This will permanently delete all your data. This action cannot be undone.",
        preferredStyle: .alert
    )
    alert.addAction(UIAlertAction(title: "Cancel", style: .cancel))
    alert.addAction(UIAlertAction(title: "Delete", style: .destructive) { _ in
        API.deleteAccount { success in
            if success {
                // Clear local data (UserDefaults only; Keychain items and files
                // under the app's container must be removed separately)
                UserDefaults.standard.removePersistentDomain(forName: Bundle.main.bundleIdentifier!)
                // Log out
                navigateToLogin()
            }
        }
    })
    present(alert, animated: true)
}
API:
DELETE /api/user/account
Backend:
- Delete user data
- Anonymize analytics (keep aggregate stats)
- Delete backups within 30 days
- Send confirmation email
Right to Portability
Export data in machine-readable format:
- JSON (preferred)
- CSV
- XML
Include all user data:
- Profile information
- User-generated content
- Settings and preferences
- Activity history
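The access, deletion and portability flows above (GET /api/user/data, DELETE /api/user/account, analytics anonymised, backups purged within 30 days) as one backend routine over a constructed in-memory SQLite store; this is an added Python example, not code from the original guide, and the schema and sample user are assumptions:

```python
import sqlite3
from datetime import date, timedelta

def open_db():
    """Constructed in-memory schema with one sample user; stands in for the real store."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, email TEXT, name TEXT, created_at TEXT);
        CREATE TABLE activity(user_id INTEGER, action TEXT, at TEXT);
        CREATE TABLE preferences(user_id INTEGER, key TEXT, value TEXT);
        CREATE TABLE analytics(event TEXT, user_id INTEGER, at TEXT);
        CREATE TABLE backup_purge(user_id INTEGER, purge_by TEXT);
        INSERT INTO users VALUES (1, 'user@example.com', 'Jane Doe', '2023-01-15');
        INSERT INTO activity VALUES (1, 'login', '2023-02-01'), (1, 'upload', '2023-02-03');
        INSERT INTO preferences VALUES (1, 'theme', 'dark');
        INSERT INTO analytics VALUES ('screen_view', 1, '2023-02-01'), ('purchase', 1, '2023-02-03');
    """)
    return db

def export_user_data(db, user_id):
    """Right to access / portability (GET /api/user/data): every record tied to the user,
    as a dict that serialises directly to the JSON shape shown above; None if no such user."""
    row = db.execute("SELECT email, name, created_at FROM users WHERE id=?", (user_id,)).fetchone()
    if row is None:
        return None
    return {
        "user_info": {"email": row[0], "name": row[1], "created_at": row[2]},
        "activity": [{"action": a, "at": t} for a, t in db.execute(
            "SELECT action, at FROM activity WHERE user_id=? ORDER BY at", (user_id,))],
        "preferences": dict(db.execute("SELECT key, value FROM preferences WHERE user_id=?", (user_id,))),
    }

def delete_account(db, user_id, today_iso):
    """Right to deletion (DELETE /api/user/account): drop personal data, keep analytics only as
    anonymised rows (aggregate counts survive, identity does not), and record the date by which
    the user must also be gone from backups (30 days, per the retention rule above)."""
    with db:  # one transaction: either everything is removed or nothing is
        anonymised = db.execute("UPDATE analytics SET user_id=NULL WHERE user_id=?", (user_id,)).rowcount
        deleted = 0
        for table in ("activity", "preferences"):  # fixed list, never user input
            deleted += db.execute(f"DELETE FROM {table} WHERE user_id=?", (user_id,)).rowcount
        deleted += db.execute("DELETE FROM users WHERE id=?", (user_id,)).rowcount
        purge_by = (date.fromisoformat(today_iso) + timedelta(days=30)).isoformat()
        db.execute("INSERT INTO backup_purge VALUES (?, ?)", (user_id, purge_by))
    return {"deleted_rows": deleted, "anonymised_events": anonymised, "purge_backups_by": purge_by}
```

`json.dumps(export_user_data(db, 1), indent=2)` produces the download format; the confirmation email from the backend list is a separate step once `delete_account` has committed.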
Third-Party SDKs
Audit SDKs
For each SDK, document:
- What data it collects
- How it's used
- Where it's stored
- Data retention
- Privacy policy
Common SDKs:
- Firebase (Analytics, Crashlytics)
- Facebook SDK (Login, Analytics)
- Google Ads
- AppsFlyer
- Adjust
- Mixpanel
Update App Privacy Labels to include SDK data collection.
SDK Privacy Settings
Firebase - Disable data collection:
import FirebaseCore
import FirebaseAnalytics
import FirebaseCrashlytics
FirebaseApp.configure()
Analytics.setAnalyticsCollectionEnabled(false)
Crashlytics.crashlytics().setCrashlyticsCollectionEnabled(false)
Facebook - Limited Data Use:
import FBSDKCoreKit
Settings.setAdvertiserTrackingEnabled(false)
// CCPA Limited Data Use: country 1 = USA, state 1000 = California
Settings.setDataProcessingOptions(["LDU"], country: 1, state: 1000)
AdMob - Consent:
import GoogleMobileAds

let request = GADRequest()
let extras = GADExtras()
extras.additionalParameters = ["npa": "1"] // Non-personalized ads
request.register(extras)
Breach Notification
GDPR Requirements
If data breach occurs:
1. Document breach (within hours)
- What data was accessed
- How many users affected
- What risk to users
2. Notify supervisory authority (within 72 hours)
- Report to relevant data protection authority
- Describe breach and impact
3. Notify affected users (without undue delay)
- If high risk to rights and freedoms
- Clear, plain language
- Mitigation steps
4. Take action
- Fix vulnerability
- Prevent future breaches
- Document learnings
Children's Privacy (COPPA)
Requirements for Apps Targeting Children < 13
COPPA requirements:
- Parental consent for data collection
- Clear privacy policy
- Data minimization
- Data security
- No behavioral advertising
- No persistent identifiers without consent
Age gate:
- Ask user age before collecting data
- If < 13, require parental consent
- Alternative: Age-neutral app (no data collection)
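The age gate above, combined with the data minimization rule that an age range is enough where a date of birth is not needed, as an added Python example that is not part of the original guide; the age buckets are constructed for this example:

```python
from datetime import date

# Buckets the app keeps instead of the raw date of birth (constructed for this example)
AGE_RANGES = ((0, 12), (13, 17), (18, 24), (25, 34), (35, 44), (45, 54), (55, 64), (65, None))

def age_on(dob: date, today: date) -> int:
    """Completed years; in non-leap years a 29 Feb birthday is reached on 1 Mar."""
    if dob > today:
        raise ValueError("date of birth is in the future")
    years = today.year - dob.year
    if (today.month, today.day) < (dob.month, dob.day):
        years -= 1
    return years

def age_gate(dob_iso: str, today_iso: str) -> dict:
    """Run at signup, before any other data is collected. Returns the decisions the app
    needs plus an age range; the date of birth itself is discarded, not stored."""
    age = age_on(date.fromisoformat(dob_iso), date.fromisoformat(today_iso))
    low, high = next(r for r in AGE_RANGES if r[0] <= age and (r[1] is None or age <= r[1]))
    under_13 = age < 13
    return {
        "age_range": f"{low}-{high}" if high is not None else f"{low}+",
        "parental_consent_required": under_13,
        # Until verifiable parental consent is on file, a child's account gets the
        # age-neutral treatment: no personal data, no persistent identifiers, no behavioral ads
        "collect_personal_data": not under_13,
        "persistent_identifiers": not under_13,
        "behavioral_ads": not under_13,
    }
```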
Compliance Checklist
□ Privacy policy created and linked in app
□ Consent mechanism implemented
□ App Privacy Labels completed (iOS)
□ Data Safety section completed (Android)
□ ATT implementation (iOS)
□ Data encryption (at rest and in transit)
□ Data retention policy defined
□ User rights implemented (access, deletion, portability)
□ Third-party SDKs audited
□ Data processing agreement with vendors
□ Breach response plan
□ GDPR representative appointed (if applicable)
□ DPO appointed (if required)
□ Privacy by design in development
□ Regular privacy audits
□ Team privacy training
Conclusion
Data privacy is not a one-time task but an ongoing commitment. By implementing proper consent management, respecting user rights, and following GDPR/CCPA requirements, you build trust, avoid fines, and create a privacy-first app that users feel good about using.