Privacy Policy
Apple requires every app submitted to the App Store to link to a privacy policy that explains how user data is collected, used, and protected.
Depending on your app, a simple one-paragraph privacy policy that describes in plain terms what data is collected (if any) may be enough. For more complex cases you will need progressively more formal language.
Your AI chatbot of choice is your best friend here. Below is a prompt template; customize it, give it to the AI, and it should produce a decent first draft that you can iterate on further. Treat that draft as a statement of fact that you are responsible for: before publishing, check it against what the app actually does and against the App Privacy answers you give in App Store Connect. A policy that overstates protections or omits a data type you do collect is worse than a short one that says less.
You are a privacy-policy drafting assistant. Generate a clear, App Store–ready Privacy Policy for an iOS app.
Constraints:
- Output in plain English.
- Use clear headings and short paragraphs.
- Must match the data practices described below exactly (do not invent practices).
- Include sections: Overview, Data We Collect, How We Use Data, Sharing, Third-Party Services, Data Retention, Security, Your Choices & Rights, Children’s Privacy, International Transfers, App Tracking Transparency, Push Notifications, Contact Us, Changes to This Policy.
- Keep it suitable for a single webpage.
- Ask follow-up questions if any details are unclear.
APP INFORMATION
- App name: [APP_NAME]
- Company / Developer name: [DEVELOPER_NAME]
- Website: [WEBSITE_URL]
- Support email: [SUPPORT_EMAIL]
- Countries/regions offered: [REGIONS] (e.g., “Worldwide” or list)
- Target audience age: [AGE_RATING] (e.g., 4+, 12+, 17+)
DATA COLLECTION SUMMARY (Apple “App Privacy” style)
For each data type, specify: collected? (yes/no), linked to user? (yes/no), used for tracking? (yes/no), purposes.
Use ONLY the items marked “yes”.
Data types (fill each line):
- Contact info (name, email, phone): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Identifiers (user ID, device ID): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Usage data (product interaction, diagnostics): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Diagnostics (crash data, performance): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Purchases (purchase history): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Location (precise/approx): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- User content (photos, files, text): collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Health & fitness: collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Financial info: collected [YES/NO]; linked [YES/NO]; tracking [YES/NO]; purposes: [PURPOSES]
- Other: [LIST_ANY_OTHER_APPLE_DATA_TYPES_USED]
TRACKING (App Tracking Transparency)
- Do you track users across apps/sites owned by other companies? [YES/NO/UNKNOWN]
- If YES: describe tracking data and partners: [DETAILS]
- If NO: state that the app does not track as defined by Apple.
ACCOUNT & AUTH
- Does the app have accounts? [YES/NO]
- Sign-in methods: [Apple ID / Email+Password / Google / etc.]
- If accounts exist: what profile fields are stored: [FIELDS]
- Password handling (if applicable): [e.g., “handled by Firebase Auth” / “stored hashed” / “N/A”]
PAYMENTS
- Monetization model: [Free / Paid / IAP / Subscriptions / Ads]
- Payment processor(s): [Apple In-App Purchase / Stripe / etc.]
- If using Apple IAP: confirm you do not receive full card details: [YES/NO/UNKNOWN]
THIRD-PARTY SDKs & SERVICES
List every SDK/service and what data it receives.
For each item include: name, provider, purpose, data types shared, whether linked/tracking, and link to provider privacy policy.
Third parties (fill as list):
1) [SERVICE_NAME] by [PROVIDER] — purpose: [PURPOSE]
- Data shared: [DATA_TYPES]
- Linked: [YES/NO/UNKNOWN]
- Tracking: [YES/NO/UNKNOWN]
- Provider policy: [URL]
2) …
Common examples to consider (remove if unused):
- Analytics: [Firebase Analytics / Amplitude / Mixpanel / NONE]
- Crash reporting: [Crashlytics / Sentry / NONE]
- Ads: [AdMob / Meta Audience Network / NONE]
- Attribution: [AppsFlyer / Adjust / Branch / NONE]
- Cloud sync: [CloudKit / Firebase / custom backend / NONE]
- Payments: [Apple IAP / Stripe / NONE]
- Customer support: [Intercom / Zendesk / email only / NONE]
- Push notifications: [APNs only / OneSignal / Firebase Messaging / etc.]
- Maps: [Apple Maps / Google Maps / NONE]
DATA STORAGE & RETENTION
- Where is data stored? [On-device only / iCloud / CloudKit / Your servers / Vendor servers]
- If on your servers: hosting provider and regions: [DETAILS]
- Retention rules:
- Account data retained until: [e.g., deletion request / X days after inactivity / UNKNOWN]
- Logs/diagnostics retained for: [DURATION]
- Backups retained for: [DURATION]
- Data deletion method:
- In-app deletion: [YES/NO]
- Email request: [YES/NO]
- Steps user must take: [DETAILS]
CHILDREN
- Is the app directed to children under 13? [YES/NO]
- If NO: state you do not knowingly collect data from children under 13.
- If YES: describe parental consent flow and data limits: [DETAILS]
SECURITY
Describe only security measures that are actually in place; if an item is UNKNOWN, omit the claim rather than asserting it:
- Transport security: [HTTPS/TLS/ATS]
- At-rest encryption: [YES/NO/UNKNOWN]
- Access controls: [DETAILS/UNKNOWN]
CONTACT
- Privacy contact email: [PRIVACY_EMAIL or SUPPORT_EMAIL]
- Mailing address (optional): [ADDRESS or NONE]
Now generate the full Privacy Policy.
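Before handing the filled-in template to the AI, it pays to check it for the mistakes the model cannot catch: placeholders you forgot to fill, and answers that contradict each other (a data type marked as used for tracking while the TRACKING section says you do not track, or a type marked "linked" that you say you do not collect). The following checker is an added example and not part of the original prompt; it assumes the line formats used in the template above, and the filled-in sample it runs on is constructed for illustration.

```python
import re

# Unfilled template tokens such as [APP_NAME], [YES/NO], [DETAILS/UNKNOWN].
PLACEHOLDER = re.compile(r"\[[A-Z_]+(?:/[A-Z_]+)*\]")

# One data-type line from the DATA COLLECTION SUMMARY section of the template.
DATA_LINE = re.compile(
    r"^- (?P<type>[^:]+): collected (?P<collected>YES|NO); "
    r"linked (?P<linked>YES|NO); tracking (?P<tracking>YES|NO); "
    r"purposes: (?P<purposes>.*)$",
    re.IGNORECASE,
)

# The global answer in the TRACKING section.
TRACK_LINE = re.compile(
    r"^- Do you track users across apps/sites owned by other companies\? "
    r"(?P<ans>YES|NO|UNKNOWN)\b",
    re.IGNORECASE,
)


def lint_prompt(text):
    """Return the data types the policy must cover plus a list of findings.

    Findings are unfilled placeholders and internal contradictions that would
    make the generated policy disagree with your App Privacy answers.
    """
    findings, collected, tracking_types = [], [], []
    global_tracking = None

    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()

        for token in PLACEHOLDER.findall(line):
            findings.append(f"line {lineno}: unfilled placeholder {token}")

        m = DATA_LINE.match(line)
        if m:
            dtype = m.group("type").strip()
            is_collected = m.group("collected").upper() == "YES"
            is_linked = m.group("linked").upper() == "YES"
            is_tracking = m.group("tracking").upper() == "YES"
            if is_collected:
                collected.append(dtype)
                if is_tracking:
                    tracking_types.append(dtype)
            elif is_linked or is_tracking:
                findings.append(
                    f"line {lineno}: {dtype} is not collected but is marked "
                    "linked/tracking"
                )

        m = TRACK_LINE.match(line)
        if m:
            global_tracking = m.group("ans").upper()

    # Cross-check the per-type tracking flags against the global answer.
    if tracking_types and global_tracking == "NO":
        findings.append(
            "TRACKING section says NO but these types are marked tracking YES: "
            + ", ".join(tracking_types)
        )
    if not tracking_types and global_tracking == "YES":
        findings.append(
            "TRACKING section says YES but no data type is marked tracking YES"
        )

    return {
        "collected": collected,
        "tracking": tracking_types,
        "global_tracking": global_tracking,
        "findings": findings,
    }


# Constructed, partially filled-in excerpt of the template (not a real app).
SAMPLE = """\
APP INFORMATION
- App name: ExampleNotes
- Support email: [SUPPORT_EMAIL]
DATA COLLECTION SUMMARY (Apple "App Privacy" style)
- Contact info (name, email, phone): collected YES; linked YES; tracking NO; purposes: account creation, support
- Identifiers (user ID, device ID): collected YES; linked YES; tracking YES; purposes: analytics
- Usage data (product interaction, diagnostics): collected NO; linked NO; tracking NO; purposes: N/A
- Location (precise/approx): collected NO; linked YES; tracking NO; purposes: N/A
TRACKING (App Tracking Transparency)
- Do you track users across apps/sites owned by other companies? NO
"""

if __name__ == "__main__":
    report = lint_prompt(SAMPLE)
    print("Policy must cover:", report["collected"])
    for finding in report["findings"]:
        print("FINDING:", finding)
```

On the sample it reports the forgotten support email, the Location line that is "linked" but not collected, and the contradiction between the Identifiers line (tracking YES) and the TRACKING section (NO). Fix those in the template first; asking the model to reconcile them for you is how invented practices end up in a published policy.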