Platform Guide

iOS Privacy Manifest: Requirements and Implementation Guide

Starting in 2024, Apple requires privacy manifests for all apps and SDKs. The manifest declares which privacy-sensitive APIs your app uses and why. Apps without proper manifests face rejection. Here is what you need to know and how to implement it correctly.

Scan your app against 180+ review rules

Get a detailed compliance report in under 5 minutes. Single scan $9, Pro $29/mo.

Start Free Scan

What Is a Privacy Manifest?

A privacy manifest (PrivacyInfo.xcprivacy) is a property list file that declares: which required reason APIs your app calls (file timestamps, disk space, user defaults, system boot time), the approved reasons for each API call, what data types your app or SDK collects, and whether collected data is linked to user identity. Apple uses this to verify your app's behavior matches your declarations.

Required Reason APIs

Apple has identified specific APIs that require justification in your privacy manifest: NSFileManager APIs for creation date and modification date, NSProcessInfo for system uptime, UserDefaults for third-party SDK use, Disk space APIs, and Active keyboard APIs. Each API has a set of approved reasons. Using an API without declaring an approved reason triggers rejection.

Creating Your Privacy Manifest

Add a PrivacyInfo.xcprivacy file to your Xcode project. Declare each required reason API you use with the corresponding approved reason code. List all data types your app collects with their purposes and linkage. Test by building and checking for privacy report warnings in Xcode. Third-party SDKs must also include their own privacy manifests.

180+ Apple & Google review rules

Scan results in under 5 minutes

Specific fix recommendations

Both platforms in one scan

Updated within 48hrs of guideline changes

Priority-ranked findings

Frequently Asked Questions

Do I need a privacy manifest if I use no sensitive APIs?

You still need a privacy manifest to declare your data collection practices. Even if you use no required reason APIs, the manifest serves as your privacy declaration.

What about third-party SDKs?

Third-party SDKs must provide their own privacy manifests. Starting May 2024, Apple rejects apps that include SDKs without proper manifests. Update your SDKs to versions that include privacy manifests.

How do I check if my manifest is correct?

Xcode generates a privacy report that shows all API usage and data collection across your app and its dependencies. Review this report before submission. NoReject AI also verifies manifest completeness.

Related Resources

iOS App Review Guidelines Checker

Check your iOS app against Apple's App Store Review Guidelines. Automated scanning covers all 5 guideline sections with specific fix recommendations.

App Rejected for Tracking Transparency

Fix App Tracking Transparency rejection issues. How to properly implement ATT on iOS and comply with tracking policies on both platforms.

App Rejected for Data Collection Issues

Fix data collection rejection issues for App Store and Google Play. How to properly disclose data practices, SDKs, and tracking.

Stop Guessing. Start Scanning.

Join developers who pass app store review on their first try.

Start Free Scan

Single scan $9 · Pro $29/mo · Team $79/mo