We are developing an app that share user location on the map when they login and others can tap on their profile pic on map and start chatting with them .
Apple rejected the app with following reply :
"17.1 - Apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used.
Upon further review, we found that your app enables the display of nearby users’ locations on a map but only prompts users on sign up or sign in for permission to show their location. If the user has signed in and previously agreed, then they are not prompted again until they log out. This is not appropriate for the App Store.
Specifically, it is not appropriate to display the user's location automatically without the option to decline if they have already signed in to access your app." We already tried to add multiple popup/confirm boxes for user permissions. what should be done to take care of this privacy issue ?
Should we add a button to manually checkin , everytime they want to update thier location ? this will defeat the purpose though if they have to click a button to update location to show where they are .
Or
Should we ask for permission to Show location each time App is opened since apple's objection is that it don't ask for permission again untill user is logged out and log in back ?
This is a speculative answer, since Apple has somewhat fuzzy replies, but this is my view:
Specifically, it is not appropriate to display the user's location automatically without the option to decline if they have already signed in to access your app."
You could solve it by:
* Sending a push notification when the user's location is being used (this could be annoying depending on app usage of location)
* Showing some info in a very visible place in the app, e.g. in the lateral menu, along with the option to reject to share your location (or otherwise, tell the user there that they can do so by logging out)
There must be other possible solutions, since the reviewer is a human being and the guideline broad and unspecific enough... But I think any of these options would work.
Related
I have an iOS app on the app store that can:
show the user location on a map when the user clicks on a GPS button
record a tracking of the user location when the user clicks on a record button
That app passed validation in the past. I recently made an update that changes nothing to the location stuff, and that has been refused because of the message displayed when requesting the location permission to show the user location on a map (so, when the user clicks on the GPS button).
The message was:
MyAppName needs to access your location to show it on the map.
Seemed pretty clear to me, but reading the guidelines I saw that we should not display the app name. So I updated it to:
Your current location will be displayed on the map.
Which is nearly the same as the message of the guidelines. Rejected again. When the user clicks on the GPS button, the app does nothing more than showing the location on the map.
When the user clicks on the record button, a different message is displayed:
Your current location will be used to record a tracking. The setting must be set to "Always Allow" in order to record the tracking even when the app is in the background.
I explained all of that in an answer to the app rejection message and I'm waiting Apple's response. In the mean time, in order to avoid losing even more time, I'd like to know if someone ran into a similar problem, and what message did you display to pass validation?
Sooooo in the end, they validated my app, after a new message explaining in details the two different use cases (leading to the two different permission requests message).
I am currently working on an app that is going to use the users iCloud information, namely first name, last name and e-mail address as a way to automatically sign-up for the app, instead of filling out a huge form.
Currently the only way I see to get to this information, is to ask the user for permission using the only CloudKit permission type available (userDiscoverability).
CKContainer.default().requestApplicationPermission(CKApplicationPermissions.userDiscoverability, completionHandler: { (status, error) in
....
})
The problem with this is, is that the definition of userDiscoverability is:
The current user is discoverable (through the user's email address) to
other users of the app
Which leads to the default dialog shown here:
The problem is, is that I want access so that i can use the information above to sign someone in automatically (and use it for when someone changes devices, loses their device, etc) so that they don't have to sign up again. Therefore the dialog shown here isn't relevant to what I need it for and the users of the app are going to be confused as to why other users of the app will see that they are using the app(and in fact there is no functionality in the app to allow this at all anyhow).
Like other privacy entries available in Xcode, is there one available somewhere for CloudKit where I can add my own custom message so that I can customize the reason I need permission?
I know that others people have offered solutions, like providing your own custom dialog before the system asks or providing a Page View Controller to explain what's going on but I would like to avoid that. Apple really needs another permission type here but for the time being, thats all we have.
Suggestions/Comments/Feedback welcome.
I'm trying out this code: http://github.com/akpw/AssetLibraryPhotosViewer to access photos on my iPhone.
However when I run the application, I get an alert that says the application is trying to access my photos - and then I can allow this or decline.
Can I disable this when using the AssetLibrary, or does this message always appear?
If I can't turn this off, and I press "Don't Allow", can I still make the app access my photos?
Following on from answer above. This will appear once. If you allow access then it will not show again and you will have access to the photo's. If you disallow it then you will not be allowed to access this and the alert dialog will not appear again.
This permission can be changed at any time by the user in the settings app (Under Location and Privacy, or a variation of that.) This has been around since iOS 6 I believe.
You are never able to programtically state that access has been granted, the system handles the permissions which are shown to the user.
This is a security feature of the OS that cannot be disabled. If a user does not give your app permission to access the photo library your app will not be able to access any photos. Given this ability your app should be able to handle the situation gracefully from a UI/UX perspective.
For more information take a look at this guide from Apple about iOS security guidelines (page 47 takes about accessing personal data) iOS Security
My iOS app wants to display the users current location. Nothing special - but to do so, the first time the app is ran (or more to the point, the first time an MKViewMap in the app is displayed, I guess...) .. the user is asked for permission (which is awesome).
eg.
Now, if the user accidentally says DON'T ALLOW or decides to (later on) give permission ... is there technically a way we can reset their previous decision and when the app is restarted, ask them again automatically when the MKViewMap is next rendered again?
The user can enable or disable that option in the setting of the iphone. To do this, user have to select the Privacy option in the Setting Menu, and then select the Location Services option and than search the desired app to whom user want to enable or disable the permission and perform desired function by switching the toggle button on or off.
As it was a Private API provided from Apple the alert cannot be shown up again. Alternatively, we can check manually and show an alert like this.
The following can be read in the Apple docs:
"...it is recommended that you always call the locationServicesEnabled class method of CLLocationManager before attempting to start either the standard or significant-change location services. If it returns NO and you attempt to start location services anyway, the system prompts the user to confirm whether location services should be re-enabled. Given that location services are very likely to be disabled on purpose, the user might not welcome this prompt."
If I understand it right the alert will pop up everytime you try to get the users location, but it's not recommended to do so.
Link to full post:
https://developer.apple.com/library/ios/documentation/UserExperience/Conceptual/LocationAwarenessPG/CoreLocation/CoreLocation.html#//apple_ref/doc/uid/TP40009497-CH2-SW1
No you cannot do so. Rather than this, you can just check the latitude and longitude value and show alert to the user that enable the service from settings.
I am using core location framework to collect the device location in my iOS app. When i install the app for the first time in device, iOS asks for the user permission with a alert view as below.
Is there any way to disable this default alert view and display a customized message to the user?
I added screen shot where to add purpose message.
Those alerts are system generated and not editable by the developer. If they were editable, then the developer could change the meaning or make it not obvious to the end user what permissions they were asking for.
For user privacy reasons, this prompt/alert is system generated and you can't disable it if your app uses core location.
Having said that, however, you can delay the display of this alert in your app by organizing your code flow such that location services are only called when needed (lazy initialization).
As per apple docs, read notes under method -
+ (BOOL)locationServicesEnabled
Location services prompts users the first time they attempt to use location-related information in an app but does not prompt for subsequent attempts. If the user denies the use of location services and you attempt to start location updates anyway, the location manager reports an error to its delegate.