How to Add a Privacy Policy to Your App Store Listing

Both the Apple App Store and Google Play Store require a privacy policy for every app. Without one, your app will be rejected during review or removed from the store. This guide walks you through adding a privacy policy to both platforms, step by step.

Why App Stores Require a Privacy Policy

App stores act as gatekeepers between developers and users. Both Apple and Google have strengthened their privacy requirements significantly in recent years:

• Apple requires a privacy policy for all apps (Section 5.1.1 of App Store Review Guidelines), plus App Privacy Labels
• Google requires a privacy policy for all apps that access sensitive permissions or collect personal data, and their Data Safety section

Beyond store requirements, privacy laws like GDPR, CCPA, and COPPA legally mandate that you disclose your data practices to users.

Step 1: Create Your Privacy Policy

Before you can add a privacy policy to your store listing, you need one. Your privacy policy should cover:

• What data your app collects
• How the data is used
• Third-party services that access user data (analytics, ads, crash reporting)
• How users can contact you
• User rights regarding their data
• Data retention and deletion practices

The fastest way to create one is with PrivacyPage — answer a few questions and get a professional, compliant privacy policy in 60 seconds.

Step 2: Host Your Privacy Policy

Both app stores require a publicly accessible URL for your privacy policy. The URL must be reachable without authentication — anyone should be able to view it by visiting the link.

Popular hosting options:

Option A: Your Own Website

The most professional choice. Add a /privacy or /privacy-policy page to your existing website. This also helps with SEO and user trust.

Option B: GitHub Pages (Free)

Create a repository, add your privacy policy as an index.html file, enable GitHub Pages, and you have a free hosted privacy policy at yourusername.github.io/privacy-policy.

Option C: Notion Public Page

Write your privacy policy in Notion, click "Share to web," and use the public URL. Simple but less professional.

Option D: Static Hosting (Vercel, Netlify)

Deploy a simple HTML page to Vercel or Netlify for free. Fast, reliable, and professional.

Important: Whatever option you choose, make sure the URL is stable. Changing your privacy policy URL after submission can cause issues with store reviews.

Step 3: Add to Apple App Store (App Store Connect)

Here's how to add your privacy policy URL to your iOS app listing:

For a New App:

1. Log in to App Store Connect
2. Go to My Apps → select your app
3. Click on App Information in the left sidebar (under General)
4. Scroll down to the Privacy Policy URL field
5. Paste your privacy policy URL
6. Click Save

For an Existing App:

1. Log in to App Store Connect
2. Go to your app → App Information
3. Update the Privacy Policy URL field
4. Save changes — this takes effect immediately (no new build required)

App Privacy Labels (Nutrition Labels):

Since December 2020, Apple also requires you to fill out App Privacy Labels. Go to your app in App Store Connect → App Privacy → and answer the questions about what data your app collects, how it's used, and whether it's linked to the user's identity.

Your privacy policy and App Privacy Labels should be consistent — Apple may reject apps where they contradict each other.

Step 4: Add to Google Play Store (Google Play Console)

Here's how to add your privacy policy to your Android app listing:

For a New App:

1. Log in to Google Play Console
2. Select your app
3. Go to Policy → App content in the left sidebar
4. Click on Privacy policy
5. Paste your privacy policy URL
6. Click Save

For an Existing App:

1. Go to your app in Google Play Console
2. Navigate to Policy → App content → Privacy policy
3. Update the URL and save

Data Safety Section:

Google also requires a Data Safety section (similar to Apple's Privacy Labels). Go to Policy → App content → Data safety and fill out the questionnaire about data collection, sharing, and security practices.

Common Rejection Reasons (and How to Avoid Them)

Here are the most common reasons apps get rejected for privacy policy issues:

1. Privacy Policy URL Returns a 404

The most common issue. Double-check your URL works in an incognito browser window before submitting. Make sure there are no typos and the hosting is live.

2. Privacy Policy Doesn't Match App Functionality

If your app collects location data but your privacy policy doesn't mention it, expect a rejection. Make sure your policy accurately reflects your app's actual data practices.

3. Privacy Policy Is Too Generic

Both stores look for specificity. A privacy policy that says "we may collect data" without details about your specific app will raise red flags.

4. Missing Required Sections

For GDPR compliance, you need sections on user rights, legal basis for processing, and data retention. For CCPA, you need a "Do Not Sell" disclosure. Missing these can lead to rejection in certain regions.

5. App Privacy Labels / Data Safety Don't Match the Policy

Apple and Google cross-reference your privacy labels with your actual privacy policy. If you claim "no data collected" in the labels but your privacy policy mentions analytics, you'll get flagged.

6. Privacy Policy Is Not in the App's Primary Language

If your app is in Spanish but your privacy policy is only in English, some reviewers may flag this. At minimum, provide the policy in your app's primary language.

Best Practices

• Keep your privacy policy updated — When you add new features or third-party services, update your policy
• Use a stable URL — Don't change your privacy policy URL frequently
• Make it readable — Avoid walls of legal jargon. Use clear headings, short paragraphs, and plain language
• Link it from within your app — Add a privacy policy link in your app's settings or about screen, not just in the store listing
• Test the URL regularly — Set a reminder to check that your privacy policy URL is still accessible

Generate Your App Store Privacy Policy Now

Don't risk rejection. Use PrivacyPage to generate a professional privacy policy that meets both Apple and Google's requirements. It takes 60 seconds, it's free to preview, and it covers GDPR, CCPA, and all major privacy regulations.

Generate your privacy policy →