Navigating Apple’s New Privacy Disclosure Requirements
Apple’s new privacy label requirements and creating a data inventory for your company.
Have you heard of Apple’s new privacy label requirements for iOS apps? When submitting a new app or updating an existing app, developers must now provide information about privacy practices including details about what data your company or app collects and shares. The good news is that companies subject to data protection laws such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) may already have this information readily available and documented as part of their overall privacy compliance program.
”Your company can use the information to conduct an analysis of which data types require disclosure.”
Building a data inventory is the first step to understanding what data your company collects and how it collects, uses, and shares that data. If your company hasn’t already built or completed an annual update of your data inventory, complying with Apple’s new privacy requirements is a great business case for completing this task. Even if your company doesn’t have the resources to complete a company-wide data inventory, it’s okay to serve a limited scope data inventory covering the data collected, used, and shared by your app.
A data inventory will help your company meet Apple’s new privacy requirements by identifying three things:
1. The types of data your app collects from users.
2. The purpose for using that data.
3. For each data type, whether a company or third party links that data to a user’s identity. Either through the user’s account, device, or other details.
After the data inventory is complete, your company can use the information to conduct an analysis of which data types require disclosure under Apple’s guidelines. Additionally, the data inventory can be used to support statements made in your company or app’s privacy notice. Another Apple privacy label requirement is to provide a link to your company or app’s publicly accessible privacy notice.
If you have questions about building or updating your company’s data inventory or how to comply with Apple’s new app store privacy requirements, leave a comment below or reach out to Aleada Consulting by using our buttons below.
*** This is a Security Bloggers Network syndicated blog from "Ask Aleada" Blog - Aleada Consulting authored by Mari Pizzini. Read the original post at: https://www.aleada.co/ask-aleada-blog/2021/5/13/navigating-apples-new-disclosure-requirements
