I’m working towards publishing the iOS version of our New Testament app in the App Store. I see that they require a URL to a privacy policy.
What are people’s experience with this? Also, would someone be willing to share their privacy policy with me or point me to some sort of "privacy policy generator"?
Thanks!
Hi Luke, we use a privacy policy that I generated via a free service, I believe it was https://www.privacypolicygenerator.info/ but I’m not completely sure, there are a bunch out there. I think we tweaked it here or there as team members weighed in but not much. We use a free Mailchimp landing page to host it (with a URL shortener, optional but you can just use bit.ly etc): http://sng.al/priv.
[Feel free to copy, edit and use our privacy policy linked there.]
Thanks for the quick reply!
Good idea about the Mailchimp landing page. So the fact that the privacy policy was on a stand alone web page not connected to an organization or larger entity didn’t bother Apple? Just curious. Any other tips about the iOS app approval process as well (separate from the privacy policy) would be appreciated.
Just checked out the Mailchimp landing page. I like it - thanks for that example.
Curious - the one screenshot on the landing page…how do you overlay it on a phone? I’ve seen those types of screenshots in the Play Store and App store but haven’t looked into how to create them yet.
Yeah man no problem! It being on that landing page was not a problem. We are using the landing pages for now although I can think of many reasons not to do it that way. We actually have a Wolof Bible website but without the nice page builders etc. We can also maintain a news email list via Mailchimp etc. I do not think it’s the only way to do it but it fits us for now. It also insulates a bit from a finding-out-who’s-who perspective. We also use the same privacy policy link for Android.
We are in Senegal, hence the http://sng.al shortlinks - rebrandly.com offers shortlink creation up to 100 for free. You can grab a URL for very little a year if you want that kind of just-for-you short link. Other ways to do it but I think this may be the easiest.
For iOS app approval I think the main thing I would pass along is the part about “Do you have encryption in your app?” question. After a bit of research it’s not too bad but the hard part is understanding what to do for that report. Even if you just make a call to https, you have to file the report apparently. But good news is all you have to do is send a CSV file with the info they need once a year and you are legal. (This is apparently according to Apple what we should be doing for Android apps but Google doesn’t make us declare anything about it.) Grab the template here. Save as CSV format and send to crypt-supp8@bis.doc.gov and enc@nsa.gov once a year. Done.
Other than that I can’t think of anything in particular to add about iOS but let me know if you have any questions as you move forward.
For the screenshots there are a couple ways to do it depending on what software you have, and I’m not convinced I am doing it the easiest way! I have Adobe Illustrator for other things and that’s what I use but you can use other apps where you can do layers. Photoshop is the big one here, psd extension. Lots of templates available in that format.
That one I have on the privacy policy is iOS but I don’t do those anymore, I just do Android. If you have a particular phone you want to do you can Google for example “Pixel 5 mockup” and plenty of templates come up, and you grab and then put your screenshot in the right layer under the screen glare (see http://sng.al/app for how I’m doing them now). Or try goodmockups.com, free ones there.
If you have Photoshop or Illustrator, use those. If you do not, try Gimp for free - it can handle the psd layers, and you just change out the layer for the screen. Google “working with layers in gimp”.
Alternative (I have not tried) is online tools like this: https://mockuphone.com/googlepixelverysilver - do your screenshot and drop it in. I believe that one is free.
Whichever you use, make sure you get the aspect ratio/pixels the same on the Android emulator as the phone you want to do a mockup for.
All good info, especially about the encryption question because I would have just assumed “yes” since SAB encrypts the app itself but they’re asking about connections outside the app (for audio, video, or analytics). Thanks for sharing your experience and how to deal with this.
All great info - thanks so much!
Our IOS app has not had nearly the use of the Android, but we have not had any issues re our privacy policy. You can see it here. https://lannabible.weebly.com/apple-app-privacy-policy.html
Weebly is a free web hosting service. This is where we have a webpage of all our media and apps. The privacy policy is just a sub page on the site.
rg
Thanks for sharing your example RG - that’s helpful.
I see your example is very basic, which apparently doesn’t bother Apple. I’m curious…does your app have analytics? If so which ones?
Just asking as some of the people I work with on our app are very cautious about using analytics (like they so far have said they don’t want to use analytics) so in the future someone couldn’t be identified as using the app based on leaked analytics information. I don’t believe analytics usually has PII. Kind of asking so I have an example of a bible app that collects analytics but acknowledges they don’t collect PII.
Thanks
LS
I use an app called Screener on my Android. It is very easy to use, as soon as you take the screenshot, tap share and Screener will be one of the options. There are a list of frames, unfortunately not many new ones, and you can choose a background colour. I normally choose transparent. After that you can share or save.
A standard example of a privacy policy that reflects what SAB actually does, especially with regards to Firebase analytics, would be helpful. It is easy to find an example of one that might do the job but I want to make sure it is accurate for my app. The truth is I don’t really know what Firebase does with users’ data. Being Google, I suspect it does a lot.
As far as I know the iOS apps from SAB so far do not work with Firebase, or at least not in the same way so there might need to be one policy for Android and another for Apple. Is that correct?