I have an app which writes active calories data to HealthKit. To prevent writing duplicate data to HealthKit, I read active calories from HealthKit to check if an instance already exists.
I was under the impression that to read active calories from HealthKit we need to ask the user's permission to read active calories.
But after some testing I have observed that I am able to read the active calories data from HealthKit without getting the user's permission.
Is this normal behaviour, that I am able to read data from HealthKit without the user's permission because I have written it?
Should I continue with this implementation, or is this a bug?
Found the answer in the deeply hidden documentation of HealthKit.
If your app is given share permission but not read permission, you see only the data that your app has written to the store. Data from other sources remains hidden.
If your app has permission to read a data type, you can query that data from the HealthKit store; however, even knowing that the user has denied your request to read data could reveal private health information. Therefore, your app cannot determine whether it has permission to read a particular type of data. If the user does not grant permission, queries for the restricted data types return only the samples that your app has shared. Otherwise, the HealthKit store appears to be empty.
So it's not a bug. We can read data written by us in HealthKit.
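One way to implement the dedup check this question and answer describe, as an added example (not code from the original post): the app requests share permission only and scopes its existence query to samples it wrote itself, so the check behaves the same whether or not the user granted read access. The class name, the metadata key and the external-ID scheme are assumptions.

```swift
import HealthKit

// Added example; hypothetical helper, not from the original post.
final class ActiveEnergyWriter {
    private let store = HKHealthStore()
    private let type = HKQuantityType.quantityType(forIdentifier: .activeEnergyBurned)!
    // Assumed metadata key used to tag each sample with a caller-supplied ID.
    private let dedupKey = "com.example.activeEnergy.externalID"

    // Request share (write) permission only. authorizationStatus(for:) reports
    // the share decision; HealthKit never reveals whether reading was granted.
    func requestShareOnly(completion: @escaping (Bool, Error?) -> Void) {
        store.requestAuthorization(toShare: [type], read: nil, completion: completion)
    }

    // Write a sample unless one tagged with the same externalID, written by this
    // app, already exists. The query is scoped to our own source, so it works
    // the same whether or not read permission was granted: other apps' samples
    // are never needed for dedup, and we never learn whether they are hidden.
    func saveIfMissing(kcal: Double, start: Date, end: Date, externalID: String,
                       completion: @escaping (Result<Bool, Error>) -> Void) {
        let predicate = NSCompoundPredicate(andPredicateWithSubpredicates: [
            HKQuery.predicateForObjects(from: HKSource.default()),
            HKQuery.predicateForObjects(withMetadataKey: dedupKey, allowedValues: [externalID])
        ])
        let query = HKSampleQuery(sampleType: type, predicate: predicate, limit: 1,
                                  sortDescriptors: nil) { _, results, error in
            if let error = error {
                completion(.failure(error))
                return
            }
            if let results = results, !results.isEmpty {
                completion(.success(false)) // duplicate already stored by this app
                return
            }
            let quantity = HKQuantity(unit: .kilocalorie(), doubleValue: kcal)
            let sample = HKQuantitySample(type: self.type, quantity: quantity,
                                          start: start, end: end,
                                          metadata: [self.dedupKey: externalID])
            self.store.save(sample) { saved, error in
                if let error = error {
                    completion(.failure(error))
                } else {
                    completion(.success(saved)) // true when a new sample was written
                }
            }
        }
        store.execute(query)
    }
}
```

The query-then-save pair is not atomic, so two overlapping calls with the same externalID can still race; serialize calls on one queue if that matters for your app.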
Apple's documentation says:
Because health data can be sensitive, HealthKit grants users control over their data by providing fine-grained control over the information that apps can share. The user must explicitly grant each app permission to read and write data to the HealthKit store. Users can grant or deny permission separately for each type of data. For example, a user could let your app read the step count data but prevent it from reading the blood glucose level. To prevent possible information leaks, an app does not know whether it has been denied permission to read data. From the app’s point of view, if the app has been denied permission to read data, no data of that type exists.
If you are able to read actual items from the store and you are sure that you haven't already allowed a previous version of the application the right access (check Settings), this sounds like a bug that should be reported to Apple.
I am currently in the process of bringing an app to the iOS app store. It's just a small app I made in my free time. It is workout-related, so the app requires access to location and health data from the user. The data, however, is only stored on user devices. My app does not send this data anywhere (except for iCloud sync), no login is required, and I also do not implement any tracking frameworks except for the built-in Apple one that you have to agree to when setting up iOS.
Now the app store requires me to link to a privacy policy (probably because health data is potentially sensitive information). I searched for privacy policy generators online, but all I could find just seem to assume that you collect personal data. They include statements such as:
We collect several different types of information for various purposes to provide and improve our Service to you.
or
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
I am afraid this might confuse users, since I explicitly state in my App Store description that the data is not stored on my servers. Should I keep this in the policy nonetheless to be on the safe side legally? Or can anyone point me in the right direction as to what I need to include in my policy if I actually do not collect personal user data?
You collect and use personal data (location data and health data) in your app, regardless of the method of storage: on your own servers, locally on the user's device, and so on. The only difference is that you do not send the collected data anywhere else (except iCloud sync).
If you don't use the collected data, simply disclose it in your Privacy Policy. Disclose that the data you collect is not stored outside the user's device (except for iCloud).
Ecquire has an example of Privacy Policy for "no collection of data":
I am developing a chat app that uses CloudKit to authenticate the users, store data on the cloud and then exchange content between users.
Initially, according to the reviewer, the following guideline was breached when asking the user to have an iCloud account set up on the device to make use of the app's entire set of functionality.
5.1 Privacy
5.1.1 Data collection and storage
(ii) If your app doesn’t include significant account-based features, let people use it without a log-in. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law.
On a phone call I explained to him that the app allows the user to open it and navigate around, but won't allow the user to create chat rooms or upload/share data within the rooms, as it needs CloudKit authentication to store the data and then share it between users. According to paragraph (ii), that was a significant account-based feature requiring authentication. He was fine with that.
Then he said he would still not be able to approve the app because CloudKit should only be used if the app intends to store data on the cloud. Data like documents, photos, etc... According to him, a chat app (WhatsApp as an example) that stores images and text on the cloud to then share it between users is not actually storing data on the cloud, and for that reason should not be using CloudKit, and it would be a definitive rejection.
Designing for CloudKit documentation says:
You can represent all the persistent model objects in your app using a CloudKit schema. However, the CloudKit framework should not be used to replace model objects in your app and should not be used for storing objects locally. It is a service for moving data to and from iCloud and sharing data between users of your app.
Not seeing where my breach is when the app:
only asks the user to authenticate when a core feature of the app is called
uses the authentication to store messages, images, etc... in the user's iCloud account
uses the authentication to exchange this data that has been stored between users
After investing huge amounts of time and money in the app it is hard to accept a permanent rejection for such an odd reason. There is no documentation to sustain his argument or stop us from investing time/money with CloudKit wrongly.
Not sure where to go from here. Anyone with similar issue when using CloudKit?
I'm developing an iOS app; friends of mine suggested that I use some tracking system to find out how people are "really" using my app, analyze the results, and pivot if needed.
I decided to use the Mixpanel system. Do I need to ask the user for permission? I just worry that somebody could be offended by tracking. On the other hand, the data is anonymous.
What does Apple say about tracking?
Can I easily disable Mixpanel's track method (https://mixpanel.com/site_media/doctyl/uploads/iPhone-spec/Classes/Mixpanel/index.html#//apple_ref/occ/instm/Mixpanel/track:properties:) or do I need to check some flags myself?
PS:
I also have some doubts about the fact that my app doesn't use a network connection at all (besides buying in-app purchases). And I worry that the user might not be aware that I track his behaviour and send it to the server (using a network connection).
According to the App Store Review Guidelines, you may not transmit data about a user without permission:
17.1 Apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used
There is even a more specific guideline regarding collecting information on minors:
17.4 Apps that collect, transmit, or have the capability to share personal information (e.g. name, address, email, location, photos, videos, drawings, the ability to chat, other personal data, or persistent identifiers used in combination with any of the above) from a minor must comply with applicable children's privacy statutes, and must include a privacy policy
I suspect this isn't the case here, but if you include location information, you must request permission for that, too:
4.1 Apps that do not notify and obtain user consent before collecting, transmitting, or using location data will be rejected
Whether you can collect non-identifying information (e.g. anonymous app usage information), is less clear. If you collect anything, though, your app should disclose its privacy policy regarding both identifying and non-identifying information.
If I wanted to get access to the metadata on the music stored in a user's iTunes library via MPMediaQuery, would that require the user to give their permission, in a similar way apps request access to Photos, Contacts, etc.?
I've never seen an app ask for access to my iTunes library, but I'm wondering whether that's because it's implicit, or it's impossible. I'd perhaps like to do some scanning and make some assumptions about the user's musical taste based on the information, preferably without them knowing or needing to consent to it.
Accessing the song list does not require a permission (iOS 6 and iOS 7).
According to Apple (link for iOS 6), Data Privacy section:
In addition to location data, the system now asks the user’s permission before allowing third-party apps to access certain user data, including: Contacts, Calendars, Reminders, Photo Library.
This policy has not changed for the newly-released iOS 7:
iOS is designed to put your privacy first. For example, if an app wants your location information or data from Calendar, Contacts, Reminders, or Photos, it needs your permission first.
I have an app that I did as a proof of concept and put on the app store just to gain experience going through the process but it turns out, it gets quite a few downloads, probably 30 a week. No Angry Birds but the app is very specific on the data it provides. It's a free app and what I would like to do now is gather some data on the users - how often they use it, where they are, what information they are searching and saving. I have no intention of touching personal data but I'd like to be able to aggregate what all the users are doing and see if there's any value in that.
Is this permitted in an iOS app? I see reports where apps are gathering more data than that (like Path pulling all your contacts) and I would think what I am looking to do is pretty standard.
Any advice is appreciated.
Check the App Store approval guidelines. That is the best resource you have.
https://developer.apple.com/appstore/resources/approval/guidelines.html
A few excerpts that may be relevant to you:
Location
4.1 Apps that do not notify and obtain user consent before collecting, transmitting, or using location data will be rejected
4.2 Apps that use location-based APIs for automatic or autonomous control of vehicles, aircraft, or other devices will be rejected
4.3 Apps that use location-based APIs for dispatch, fleet management, or emergency services will be rejected
4.4 Location data can only be used when directly relevant to the features and services provided by the App to the user or to support approved advertising uses
Privacy
17.1 Apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used
17.2 Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected
17.3 Apps that target minors for data collection will be rejected
Independent of what the guidelines say, you should be mindful of your users' privacy. As long as you don't tie the information you collect to individual users, I guess you might be fine.
Regarding location data, the guidelines state you can't collect it for analytical purposes if it is not relevant to the app's usage. However, that is referring to the GPS data. You can obtain location for analytical purposes through network access information.