App privacy details on the App Store

App privacy details on the App Store

在 App Store 上的 App 私有信息详情

Later this year, the App Store will help users understand an app’s privacy practices before they download the app on any Apple platform. On each app’s product page, users can learn about some of the data types the app may collect, and whether that data is linked to them or used to track them. You’ll need to provide information about your app’s privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect. This information will be required to submit new apps and app updates to the App Store starting December 8, 2020.

不久以后,用户在通过任何平台下载App之前就可以通过 App Store 了解 App 隐私数据用来干什么。在每个 App 的产品页,用户可以知道App 可能收集哪些方面数据,并且这些数据那些是关联到自己,那些是追踪自己的。在App Store Connect您需要提供有关你 App 以及 App 中第三方所有使用隐私数据的信息。 2020年12月8日开始 App Store App 更新和新的 App 上架 都必须披露隐私信息。


Answering app privacy questions(回答应用程序隐私问题注意事项)

As you get ready to select your answers from the options presented in App Store Connect, keep in mind:

当您准备从App Store Connect中提供的选项中选择答案时,请记住:

  • You need to identify all of the data you or your third-party partners collect, unless the data meets all of the criteria for optional disclosure listed below.


  • Your app’s privacy practices should follow the App Store Review Guidelines and all applicable laws.

您使用 App 的 隐私数据时应遵循《 App Store审查指南》和所有适用法律。

  • You’re responsible for keeping your responses accurate and up to date. If your practices change, update your responses in App Store Connect. You may update your answers at any time, and you do not need to submit an app update in order to change your answers.

您有责任确保您的回复最新且准确的,如果隐私数据使用情况变更,你可以在App Store Connect更新你的回复。你可以实时更新你的回答,没有必要为了更改回答而更新App。

Account Holders and Admins can learn how to enter their responses in App Store Connect.

账号持有者和管理者可以在App Store Connect 学习怎么输入回答

Data collection(数据收集)

You’ll need to know the types of data that you and/or your third-party partners collect from your app before answering the questions in App Store Connect.

在回答App Store Connect中的问题之前,您需要了解您和/或第三方合作伙伴从您的应用程序收集的数据类型。

“Collect” refers to transmitting data off the device in a way that allows you and/or your third-party partners to access it for a period longer than what is necessary to service the transmitted request in real time.


“Third-party partners” refers to analytics tools, advertising networks, third-party SDKs, or other external vendors whose code you’ve added to your app.


Optional disclosure(可选的信息披露)

Data types that meet all of the following criteria are optional to disclose:


  • The data is not used for tracking purposes, meaning the data is not linked with Third-Party Data for advertising or advertising measurement purposes, or shared with a data broker. For details, see the Tracking section.


  • The data is not used for Third-Party Advertising, your Advertising or Marketing purposes, or for Other Purposes, as those terms are defined in the Tracking section.

该数据不用于第三方广告、您的广告或营销目的,或其他目的,这些术语在Tracking 部分中定义

  • Collection of the data occurs only in infrequent cases that are not part of your app’s primary functionality, and which are optional for the user.


  • The data is provided by the user in your app’s interface, it is clear to the user what data is collected, the user’s name or account name is prominently displayed in the submission form alongside the other data elements being submitted, and the user affirmatively chooses to provide the data for collection each time.


If a data type collected by your app meets some, but not all, of the above criteria, it must be disclosed in App Store Connect.

如果你的应用收集的数据类型符合上面的一些标准,但不是全部,它必须在app Store Connect中公开。

Examples of data that may not need to be disclosed include data collected in optional feedback forms or customer service requests that are unrelated to the primary purpose of the app and meet the other criteria above.


For the purpose of clarity, data collected on an ongoing basis after an initial request for permission must be disclosed.


Types of data(数据类型)

Refer to the list of data types below and compare them to the data collection practices in your app.


Contact Info(联系信息)
Name Such as first or last name (如名字或姓氏)
Email Address Including but not limited to a hashed email address (包括但不限于哈希电子邮件地址)
Phone Number Including but not limited to a hashed phone number (包括但不限于哈希电话号码)
Physical Address Such as home address, physical address, or mailing address (例如家庭住址,实际地址或邮寄地址)
Other User Contact Info Any other information that can be used to contact the user outside the app (可以用于在App之外联系用户的任何其他信息)
Health and Fitness(健康和健身)
Health (健康) Health and medical data, including but not limited to data from the Clinical Health Records API, HealthKit API, MovementDisorderAPIs, or health-related human subject research or any other user provided health or medical data(健康和医疗数据,包括但不限于来自Clinical Health Records API、HealthKit API、MovementDisorderAPIs或与健康相关的人体受试者研究或任何其他用户提供的健康或医疗数据)
Fitness (健身) Fitness and exercise data, including but not limited to the Motion and Fitness API (健身和运动数据,包括但不限于Motion(运动)和(Fitness)健身API
Financial Info(财务信息)
Payment Info(付款信息) Such as form of payment, payment card number, or bank account number. If your app uses a payment service, the payment information is entered outside your app, and you as the developer never have access to the payment information, it is not collected and does not need to be disclosed. (例如付款方式、付款卡号或银行户口号码。如果你的应用使用了支付服务,支付信息会在你的应用之外输入,而你作为开发者永远无法访问支付信息,它不会被收集,也不需要公开。)
Credit Info(信用信息) Such as credit score (如信用评分)
Other Financial Info(其他财务信息) Such as salary, income, assets, debts, or any other financial information (例如工资、收入、资产、债务或任何其他财务信息)
Location (位置)
Precise Location (精确定位) Information that describes the location of a user or device with the same or greater resolution as a latitude and longitude with three or more decimal places (描述用户或设备位置的信息,其分辨率与经纬度的精确度大于等于三个小数的定位(小数点后三个或更多))
Coarse Location (粗略定位) Information that describes the location of a user or device with lower resolution than a latitude and longitude with three or more decimal places, such as Approximate Location Services (描述用户或设备位置的信息,其分辨率和经纬度小于等于三位小数,如近似位置服务)
Sensitive Info(敏感信息)
Sensitive Info Such as racial or ethnic data, sexual orientation, pregnancy or childbirth information, disability, religious or philosophical beliefs, trade union membership, political opinion, genetic information, or biometric data (例如种族或民族数据、性取向、怀孕或分娩信息、残疾、宗教或哲学信仰、工会会员资格、政治观点、遗传信息或生物特征数据)
Contacts (联系人/通讯录)
Contacts (联系人/通讯录) Such as a list of contacts in the user’s phone, address book, or social graph (例如用户电话,通讯录或社交图中​​的联系人列表)
User Content(用户内容)
Emails or Text Messages(电子邮件或短信) Including subject line, sender, recipients, and contents of the email or message (包括主题行,发件人,收件人以及电子邮件或消息的内容)
Photos or Videos(照片或视频) The user’s photos or videos (用户的照片或视频)
Audio Data(音频数据) The user’s voice or sound recordings (用户的语音或录音)
Gameplay Content(游戏内容) Such as user-generated content in-game (例如游戏中用户生成的内容)
Customer Support(客户支持) Data generated by the user during a customer support request (用户在客户支持请求期间生成的数据)
Other User Content(其他用户内容) Any other user-generated content (任何其他用户生成的内容)
Browsing History(浏览记录)
Browsing History(浏览记录) Information about content the user has viewed that is not part of the app, such as websites (用户浏览过的不属于当前应用程序的内容的信息,例如网站)
Search History(搜索历史记录)
Search History(搜索历史记录 Information about searches performed in the app (在应用程序中搜索行为相关的信息)
Identifiers (身份标识)
User ID Such as screen name, handle, account ID, assigned user ID, customer number, or other user- or account-level ID that can be used to identify a particular user or account (例如屏幕名称,句柄,帐户ID,分配的用户ID,客户编号或其他可用于标识特定用户或帐户的用户级别或帐户级别的ID)
Device ID Such as the device’s advertising identifier, or other device-level ID (例如设备的广告标识符或其他设备级别的ID)
Purchases (采购记录)
Purchase History (采购记录) An account’s or individual’s purchases or purchase tendencies (账户或者个人购买记录以及购物趋势)
Usage Data(使用数据)
Product Interaction (交互产生的数据) Such as app launches, taps, clicks, scrolling information, music listening data, video views, saved place in a game, video, or song, or other information about how the user interacts with the app (例如应用启动,点击,点击,滚动信息,音乐收听数据,视频观看,游戏中保存的位置,视频或歌曲,或其他有关用户与应用交互方式的信息)
Advertising Data Such as information about the advertisements the user has seen (例如有关用户已看到的广告的信息)
Other Usage Data Any other data about user activity in the app (应用中有关用户活动的任何其他数据)
Diagnostics (诊断分析)
Crash Data (崩溃数据) Such as crash logs (例如崩溃日志)
Performance Data (性能数据) Such as launch time, hang rate, or energy use (例如启动时间,悬挂率或能源消耗)
Other Diagnostic Data (其他诊断数据) Any other data collected for the purposes of measuring technical diagnostics related to the app (为衡量与该应用程序相关的技术诊断而收集的任何其他数据)
Other Data (其他数据)
Other Data Types (其他数据类型) Any other data types not mentioned (未提及的任何其他数据类型)

Data use (数据用途)

You should have a clear understanding of how each data type is used by you and your third-party partners.


For example, collecting an email address and using it to authenticate the user and personalize the user’s experience within your app would include App Functionality and Product Personalization.


Purpose(目的) Definition(定义)
Third-Party Advertising (第三方广告) Such as displaying third-party ads in your app, or sharing data with entities who display third-party ads (例如在您的应用中显示第三方广告,或与显示第三方广告的实体共享数据)
Developer’s Advertising or Marketing (开发者的广告或营销) Such as displaying first-party ads in your app, sending marketing communications directly to your users, or sharing data with entities who will display your ads (例如在您的应用中显示第一方(开发者提供的)广告,直接向您的用户发送营销信息或与将显示您广告的实体共享数据)
Analytics (分析工具) Using data to evaluate user behavior, including to understand the effectiveness of existing product features, plan new features, or measure audience size or characteristics (使用数据评估用户行为,包括了解现有产品功能的有效性,计划新功能或衡量受众规模或特征)
Product Personalization (产品个性化) Customizing what the user sees, such as a list of recommended products, posts, or suggestions (自定义用户看到的内容,例如推荐产品,帖子或建议的列表)
App Functionality (应用功能) Such as to authenticate the user, enable features, prevent fraud, implement security measures, ensure server up-time, minimize app crashes, improve scalability and performance, or perform customer support (例如验证用户、启用特性、防止欺诈、实现安全措施、确保服务器正常运行、最小化应用程序崩溃、提高可扩展性和运行性能,或执行客户支持)
Other Purposes Any other purposes not listed (未列出的任何其他目的)

Data linked to the user (与用户有关的关联)

You’ll need to identify whether each data type is linked to the user’s identity (via their account, device, or other details) by you and/or your third-party partners. Data collected from an app is often linked to the user’s identity, unless specific privacy protections are put in place before collection to de-identify or anonymize it, such as:


  • Stripping data of any direct identifiers, such as user ID or name, before collection.


  • Manipulating data to break the linkage and prevent re-linkage to real-world identities.


Additionally, in order for data not to be linked to a particular user’s identity, you must avoid certain activities after collection:


*You must not attempt to link the data back to the user’s identity.


*You must not tie the data to other datasets that enable it to be linked to a particular user’s identity.


Note: “Personal Information” and “Personal Data”, as defined under relevant privacy laws, are considered linked to the user.



You’ll need to understand whether you and/or your third-party partners use data from your app to track users and, if so, which data is used for this purpose.


“Tracking” refers to linking data collected from your app about a particular end-user or device, such as a user ID, device ID, or profile, with Third-Party Data for targeted advertising or advertising measurement purposes, or sharing data collected from your app about a particular end-user or device with a data broker.


“Third-Party Data” refers to any data about a particular end-user or device collected from apps, websites, or offline properties not owned by you.

"Third-Party Data"是指从您不拥有的应用程序,网站或脱机属性中收集的有关特定最终用户或设备的任何数据。

Examples of tracking include:


  • Displaying targeted advertisements in your app based on user data collected from apps and websites owned by other companies.


  • Sharing device location data or email lists with a data broker.


  • Sharing a list of emails, advertising IDs, or other IDs with a third-party advertising network that uses that information to retarget those users in other developers’ apps or to find similar users.


  • Placing a third-party SDK in your app that combines user data from your app with user data from other developers’ apps to target advertising or measure advertising efficiency, even if you don’t use the SDK for these purposes. For example, using a login SDK that repurposes the data it collects from your app to enable targeted advertising in other developers’ apps.


The following situations are not considered tracking:


  • When the data is linked solely on the end-user’s device and is not sent off the device in a way that can identify the end-user or device.


  • When the data broker uses the data shared with them solely for fraud detection or prevention or security purposes, and solely on your behalf.


Learn more about tracking.


Privacy links(隐私权关联)

By adding the following links on your product page, you can help users easily access your app’s privacy policy and manage their data in your app.


  • Privacy Policy (Required): The URL to your publicly accessible privacy policy.


  • Privacy Choices (Optional): A publicly accessible URL where users can learn more about their privacy choices for your app and how to manage them. For example, a webpage where users can access their data, request deletion, or make changes.


Additional guidance(附加指导)

You collect different types of data from users depending on whether the user is a child, whether they are a free or paid user, whether they opt in, where they live, or for some other reason.


Please disclose all data collected from your app, unless it meets all of the criteria outlined in the Optional Disclosure section. You may use the Privacy Choices or Privacy Policy links to provide additional detail about how your data collection practices may vary.


You use Apple frameworks or services, such as MapKit, CloudKit, or App Analytics.If you collect data about your app from Apple frameworks or services, you should indicate what data you collect and how you use it. You are not responsible for disclosing data collected by Apple.

你使用苹果框架或服务,如MapKit、CloudKit或App Analytics。如果你从苹果框架或服务中收集关于你的应用程序的数据,你应该说明你收集了什么数据以及你如何使用它。您没有责任披露由苹果收集的数据。

You use location, device identifiers, and other sensitive data, but only on device, and the data is never sent to a server.Data that is processed only on device is not “collected” and does not need to be disclosed in your answers. If you derive anything from that data and send it off device, the resulting data should be considered separately.


You collect precise location, but immediately de-identify and coarsen it before storing.Disclose that you collect Coarse Location, since the precise location data is immediately coarsened and precise location is not stored.


Your app includes free-form text fields or voice recordings, and users can save any type of information they want through those mediums, including names and health data.Mark "Other User Content" to represent generic free form text fields and "Audio Data" for voice recordings. You’re not responsible for disclosing all possible data that users may manually enter in the app through free-form fields or voice recordings. However, if you ask a user to input a specific data type into a text field, such as their name or email, then you’ll need to disclose the specific type of data that you request.

您的应用程序包含自由格式的文本字段或语音记录,用户可以通过这些媒体保存任何类型的信息,包括姓名和健康数据。标记“其他用户内容(Other User Content)”表示通用的自由形式文本字段,标记“音频数据(Audio Data)”表示语音记录,用户可能通过自由形式的字段或录音手动输入到App里,您无需披露所有可能的数据。但是,如果您要求用户在文本字段中输入特定的数据类型,例如他们的姓名或电子邮件,那么您需要公开披露您所请求的特定类型的数据。

You collect data to service a request but do not retain it after servicing the request."Collect" refers to transmitting data off the device and storing it in a readable form for longer than the time it takes you and/or your third-party partners to service the request. For example, if an authentication token or IP address is sent on a server call and not retained, or if data is sent to your servers then immediately discarded after servicing the request, you do not need to disclose this in your answers in App Store Connect.

您收集数据以处理请求,但在处理请求后不保留数据。“collect” 指从设备上传输数据,并以可读形式存储,时间长于你和/或你的第三方合作伙伴处理请求所需的时间。例如,如果一个认证令牌或IP地址在服务器调用中被发送而没有被保留,或者如果数据被发送到您的服务器,然后在服务请求后立即被丢弃,您不需要在App Store Connect的答案中披露这些。

  • platform     
  • track     
  • integrate     
  • presented     
  • criteria     
  • identify     
  • identity     
  • applicable     
  • transmitting     
  • external     
  • vendors     
  • terms     
  • infrequent     
  • primary     
  • interface     
  • prominently     
  • affirmatively     
  • clarity     
  • feedback     
  • unrelated     
  • purpose     
  • above     
  • hashed     
  • Fitness     
  • medical     
  • Clinical     
  • exercise     
  • Motion     
  • debts     
  • describes     
  • decimal     
  • Approximate     
  • Sensitive     
  • ethnic     
  • racial     
  • sexual orientation     
  • philosophical     
  • opinion     
  • graph     
  • recipients     
  • sender     
  • viewed     
  • Interaction     
  • hang     
  • rate     
  • mentioned     
  • evaluate     
  • effectiveness     
  • audience     
  • characteristics     
  • Customizing     
  • fraud     
  • scalability     
  • specific     
  • Stripping     
  • link back to     
  • tie     
  • relevant     
  • retarget     
  • repurposes     
  • detection     
  • behalf     
  • paid     
  • opt     
  • outlined     
  • vary     
  • processed     
  • derive     
  • separately     
  • coarsen     
  • Disclose     
  • possible     
  • responsible     
  • readable     
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 216,544评论 6 501
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 92,430评论 3 392
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 162,764评论 0 353
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 58,193评论 1 292
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 67,216评论 6 388
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 51,182评论 1 299
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 40,063评论 3 418
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 38,917评论 0 274
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 45,329评论 1 310
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 37,543评论 2 332
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 39,722评论 1 348
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 35,425评论 5 343
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 41,019评论 3 326
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 31,671评论 0 22
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,825评论 1 269
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 47,729评论 2 368
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 44,614评论 2 353
