Apple defines the information an app collects on you in three different categories: data used to track you, data linked to you, and data not linked to you.
Data used to track you
The tracking data comes from the act of linking user or device data collected in an app with user or device data collected from other apps, websites, or offline properties. Examples of those offline properties include retail receipt aggregations used to target ads at users or measure the effectiveness of advertising. Apps share user and device data with data brokers who sell the information to advertisers.
Data linked to you
This information specifically links to your identity. That link comes from your user account on the app, your device, or other details. There is a lot of information that an app collects about you. Personal contact info, including your address, email address, and phone number? Contacts provides it. Health and fitness information is accessible from health APIs or apps.
Financial information like payment and credit info is linkable to an account or device. Apps easily capture location, whether regional or precise. Browsing and search histories link back to users, so advertisers know who they need to target their products or services. Even user content like emails, audio files, texts, customer support requests, and more is traceable to you or your device.
Data not linked to you
Apps also collect anonymized and aggregated information not necessarily linked to a particular user. The aggregated info data is useful for research or other purposes.
Developers must understand and explain what information their app collects and how it is used. Apple provides some exceptions to its disclosure requirements. As an example, user feedback or customer service requests do not need to be specifically noted. Almost every other bit of data collected by an app must now be disclosed.
Apple isn’t exempt from the requirements. Its own internal apps that aren’t listed on App Stores (examples include the macOS Dictionary, TextEdit, the iOS Watch app, etc.) have privacy disclosures on the company website.
What if Developers Don’t Follow The Guidelines?
Apple does not remove apps from the App Store if they don’t have the privacy info. However, it does not app updates to post until privacy information is listed. Any app not abandoned by its developer must include the details.
So, where do you find this privacy information? Eventually, Apple wants every app in each App Store to have a special screen in the app’s product listing page to have privacy info presented in easily understood tabs. A search of many popular apps in both the iOS and Mac App Stores today showed that almost none of them currently use Apple’s suggested format (seen at right).
In this format, the developer marks each category with icons indicating the data captured by the app.