Troubleshooting

App Rejected for Privacy Policy: What You Need to Fix

Privacy policy rejections are the single most common app store rejection reason. Whether your policy is missing, your URL is broken, or your policy does not match your actual data practices, here is exactly what both platforms require and how to fix it.

Scan your app against 180+ review rules

Get a detailed compliance report in under 5 minutes. Single scan $9, Pro $29/mo.

Start Free Scan

Apple's Privacy Policy Requirements

Apple requires every app to have a privacy policy accessible via a working URL. The policy must describe: what data you collect, how you collect it (directly or through third-party SDKs), how you use the data, who you share it with, how users can request data deletion, and your data retention practices. It must also match your App Privacy nutrition labels. Any mismatch between your labels and your policy triggers rejection.

Google's Privacy Policy Requirements

Google requires a privacy policy for all apps, accessible from your store listing and within the app. It must cover: the types of personal and sensitive user data accessed, collected, used, and shared, how data is handled (encryption, deletion upon request), your data retention and deletion procedures. It must also align with your Data Safety section declarations.

Fixing Privacy Policy Rejections

Step 1: Verify your privacy policy URL works and loads quickly. Step 2: Audit your actual data practices by checking all SDKs and APIs. Step 3: Update your policy to accurately describe all data collection. Step 4: Ensure your App Privacy labels (Apple) and Data Safety section (Google) match your policy. Step 5: Scan with NoReject AI to verify everything aligns. Most privacy policy rejections are fixed within 1-2 hours.

180+ Apple & Google review rules
Scan results in under 5 minutes
Specific fix recommendations
Both platforms in one scan
Updated within 48hrs of guideline changes
Priority-ranked findings

Frequently Asked Questions

Do I need a privacy policy if my app collects no data?

Yes. Both Apple and Google require a privacy policy for all apps regardless of data collection. If you collect no data, your policy should explicitly state that.

Can I use a privacy policy generator?

Generators provide a starting point, but you must customize the output to match your actual data practices. A generic policy that does not reflect your app's behavior will be flagged.

Where does my privacy policy URL need to be?

In your App Store Connect / Google Play Console listing, in your app (typically in Settings or About), and if requested by Apple, in your app's onboarding flow.

Related Resources

Privacy Policy Requirements for App Store

Complete privacy policy requirements for Apple App Store and Google Play. What must be included, where to host it, and how to keep it current.

App Store Rejection Reasons

Complete list of App Store and Google Play rejection reasons. Learn why apps get rejected and how to prevent each rejection type.

App Rejected for Data Collection Issues

Fix data collection rejection issues for App Store and Google Play. How to properly disclose data practices, SDKs, and tracking.

Stop Guessing. Start Scanning.

Join developers who pass app store review on their first try.

Start Free Scan

Single scan $9 · Pro $29/mo · Team $79/mo