I use Firebase for user authentication, I just resubmitted my app and got the following rejection:
Guideline 5.1.2 - Legal - Privacy - Data Use and Sharing
We noticed you do not use App Tracking Transparency to request the
user's permission before tracking their activity across apps and
websites. The app privacy information you provided in App Store
Connect indicates you collect data in order to track the user,
including Other Diagnostic Data, Audio Data, Performance Data, Crash
Data, Product Interaction, Phone Number, User ID, Emails or Text
Messages, Photos or Videos, and Search History.
Starting with iOS 14.5, apps on the App Store need to receive the
user’s permission through the AppTrackingTransparency framework before
collecting data used to track them. This requirement protects the
privacy of App Store users.
Next Steps
Here are two ways to resolve this issue:
You can remove the tracking functionality from your app and update your app privacy information in App Store Connect.
If you decide to continue tracking users, you must implement App Tracking Transparency and request permission before collecting data
used to track the user or device.
My app has no ads but I have to track users throughout the app using their userID so that I know what post belongs to which user etc etc.
If the user declines the prompt AppTrackingTransparency isn't that basically saying that I can no longer track them? I have no idea what to do here.
Here are the Privacy checkboxes that I filled out. Apparently i can change something but I don't know what to change.
I resubmitted my app and it got approved. Seems the key is to make sure it is only Used for App Functionality.
To make that happen I made these changes to the App Policy page in App Store Connect.
I clicked the blue Edit button next to each policy. Of the 10 policies, here are 4 red arrows next to 4 of the Edit buttons. Click each one for the same results for steps two, three, and four.
After clicking the Edit button, you will be presented with a screen with a bunch of selections, for that screen all I did was check App Functionality:
For the 2nd screen, I selected No, user IDs collected from this app are not linked to the user's identity.
For the 3rd screen I selected No, we do not use phone numbers for tracking purposes. Notice on the 3rd screen, under Definitions and Examples, it says:
Tracking does not apply in the following situations:
• When the data broker uses the data shared with them solely for fraud
detection or prevention or security purposes
Here is a screen shot with it in purple underline:
Here are how all of my Privacy Policies look now:
Here is the email approval:
Related
I'm planning on publishing an app on Google Play that uses AdMob and location data to draw pins on an in-app Google Map and need a privacy policy. I'm not sure how to make one so I thought I would use a policy generator for now until I can see if I can afford to have a lawyer write one up.
So the question is what privacy policy generator should I use?
I use this generator it is very good. if you have Facebook login in your app you may need to add a paragraph to enable user to retrieve and/or delete their data from your app, usually I add an email for people who wants to remove their data and that's it.
The most recent update to my app on Google Play was rejected because the app "contains ad content that is not appropriate for children".
App update rejected
More specifically it was rejected because the app is rated 3+ but it showed an ad for Bigo Live, a social app rated 12+.
Bigo Live ad in the app
I know the solution is to block ads of this kind using MoPub Content Blocking. But the question is, what IAB category does it fall under?
Use Content Blocking in mopub and block this app:
Content blocking at the account level is the one-stop place to apply advertising filters across your account. Here, you can block advertiser URLs, install ads for specific apps, and general ad categories across all the apps in your account. You can always override these account-wide settings at the app level if you want to set unique content filters for individual apps.
Also, if you app is not targeted toward kids you can got to Google Play Console > App Content > Target audience and content > and chose higher target age
What I want to build:
I want to build a website where users can connect their google calendars (this will use Google Calendar API's)
and view their calendar events, as well as edit them, and create new ones.
My problem:
In order to do so, google says my app needs to be verified, which can take weeks, and I also need to set up terms of services pages, privacy policy pages
I also need to supply authorised javascript origins which MUST start with https, which of course is a problem during development, since my origin is http://localhost
I also need to set up support emails and homepage link
Question
I just want to start building my application without having to set up a whole production-ready website eco system.
Is there anyway I can use these Google Calendar APIs for editing/creating calendar events locally, without having to set up everything mentioned above first?
Unverified apps can still be used by the developer who created the project on google developer console.
Unverified app screen
The app or script might display an "unverified app" screen before it displays the consent screen. This is based on the specific scopes that your app includes in the request.
You can still work on your app while you are going though the verification process. However that being said i would start that process asap it can take a long time to get verified.
Yes, you can. As far as I am able to tell, all the verification step does is remove the "unverified app" screen. As long as you click Advanced > Go To ... (unsafe), you should be able to create and edit calendar events for that user in your application.
In order to be able to create and edit calendar events, you need to use the most sensitive scope, which is https://www.googleapis.com/auth/calendar. I couldn't figure out how to edit and create calendar events in my web app until I changed my scope from calendar.events to calendar.
Creating Events: https://developers.google.com/calendar/create-events
Is it possible to get the amount of times an URL is received by a device from the proximity beacon API? I want to know what the click through ratio is of the broadcasted URL.
That depends. If you write your own app that scans for Eddystone-URL beacons and triggers some content (e.g., the web page itself) off of that, then naturally you're in full control and can implement this kind of analytics. Though it'll only apply to people which installed the app.
If you rely on Chrome for iOS, or the Physical Web iOS and Android apps to discover the Eddystone-URL beacons, then these apps do not provide any such numbers.
However, both Chrome for iOS and the Physical Web apps do fetch some metadata about the URL they detect, such as the page title and page description, without the user first clicking on the link. So there's a slim possibility that you could filter such requests out (they will be made by the Physical Web Service, or some similar "bot"), separate them from the actual visits, and do analytics based on that. Most likely however, this "bot," or the proxying service (which is there precisely to prevent this kind of tracking, and protect the user's privacy), will also do some caching, so you'll see fewer requests than the actual number of times the URL is received by the device.
And finally, dropping to a lower level, a note: most beacons are uni-directional, i.e., they broadcast information, but don't receive any information back, so beacons themselves usually can't count the number of packets on the receiving end. (I guess you could technically use the Bluetooth "scan response" mechanism to do that, but it would require custom beacon hardware/firmware.)
Unfortunately, no, it will not do this by itself.
Google's Proximity Beacon Api is a server-side system that stores metadata about beacons (location, battery level, etc) It requires you to add special client code integrated with your app to submit detection data.
Similarly, detecting Eddystone-URL beacons generally requires you to add custom code to your app to do the detections and and present the URL to the user. (The only exception to this is for some Chrome for iOS users with the Chrome Today widget enabled, and no public system provides click through rates.)
Since your app must present the URL itself you really have to roll your own solution to this problem.
If I understand right, you should be able to achieve this by Google analytics campaign. Setup a campaign, add campaign url to ibeacon url and you should be able to check the details analytics through Google analytics.
Hi
I've built an IOS app that has a tab bar and extracts content from a website and displays it.
I need it to be approved in itunes but when i sent it to review they replied
"We've completed the review of your app but cannot post this version to the App Store because it is only a content aggregator and provides a limited set of features and functionality to users"
I've read about it and i noticed that there are a lot of apps just like my app that are used by news sites and they were approved.
My content must be on a remote web server due to security reasons and i have complied with the reachibility protocol that apple requires which means that i monitor if there is network available on the device and warns the user that the content can only appear on connected ipad.
Is there a way that i can add approve my app or must i become a large news site in order to make my app approved?
Add searching or filtering of the content displayed in your app. That should do the trick.