# Guideline 5.1.1(i) - Privacy: Missing Privacy Policy

**Guideline:** 5.1.1 · **Store:** Apple App Store · **Risk:** low · **Difficulty:** easy · **Typical turnaround:** 1-2 hours

Canonical URL: https://appstorereject.com/rejections/apple/5/guideline-511i-privacy-missing-privacy-policy

## Description

Apple is rejecting your app because it does not include a privacy policy, or the privacy policy is not accessible from both App Store Connect and within the app itself. Apple requires every app — not just those collecting personal data — to have a visible, functional privacy policy link in two places: (1) the Privacy Policy URL field in App Store Connect, and (2) inside the app where it is easily accessible to users. This is a binary, automated check for the App Store Connect side — if the Privacy Policy URL field is empty or the URL returns a non-200 HTTP status, the rejection is virtually guaranteed. The in-app requirement is checked by the human reviewer, who will look for a link in your settings screen, onboarding flow, or registration page. The fastest path to approval is to host a privacy policy page on your website (even a simple static page is fine) and link it in both locations. The policy does not need to be written by a lawyer — Apple cares that it exists, is accessible, and accurately describes what data your app collects and how it is used. Template generators like Termly, iubenda, or Privacy Policy Generator are commonly used and accepted.

## Common variations

- App does not include a privacy policy
- Missing privacy policy link in App Store Connect
- Privacy policy link within the app is not accessible or returns an error
- App collects user data but does not include a privacy policy
- Privacy policy URL field is empty in App Store Connect

## Example rejection email

```
Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage

Your app does not include a privacy policy, which is required for all apps on the App Store.

Specifically, your app is missing a valid privacy policy link in App Store Connect and/or does not include a link to the privacy policy within the app.

Next Steps:
Please add a link to a valid, publicly accessible privacy policy in:
1. The Privacy Policy URL field in App Store Connect.
2. Within the app itself, accessible from the app's settings or equivalent area.

The privacy policy must clearly identify what data is collected, how it is collected, all uses of that data, and the data retention/deletion policies.
```

## Resolution steps

## Quick Assessment
- **Risk level:** Low
- **Resolution path:** Fix & Resubmit
- **Typical turnaround:** 1-2 hours

## The Fix

01. **Create a privacy policy page** — If you don't have one, use a template generator (Termly, iubenda, PrivacyPolicies.com). It must describe what data is collected, how it's used, third-party sharing, and deletion rights.

02. **Host it at a stable HTTPS URL** — Post the privacy policy on your website, a GitHub Pages site, or any publicly accessible HTTPS URL. Verify it loads without authentication and returns HTTP 200.

03. **Add the URL to App Store Connect** — In App Store Connect, go to your app → App Information → Privacy Policy URL. Paste the URL. This field is required for all apps.

04. **Add a link inside your app** — Place a tappable 'Privacy Policy' link in your app's Settings screen, About screen, or registration/login flow. It must open the same policy URL in a SafariViewController or WKWebView.

05. **Verify both links work** — Test the App Store Connect URL in an incognito browser. Test the in-app link on a physical device.

## Prevention
- Set up the privacy policy before your first submission
- Use a monitoring service or uptime check on the privacy policy URL
- Include the link in your app's settings screen as a standard pattern

## Before / after examples

**Before:** App Store Connect Privacy Policy URL field is empty; app Settings screen has no privacy policy link
**After:** Privacy Policy URL field contains https://example.com/privacy; app Settings screen includes a tappable 'Privacy Policy' link opening the same URL
**Why it works:** Apple requires the privacy policy in two locations — App Store Connect metadata AND inside the app itself. Both must be present and functional.

## Common questions

**How long does this typically take to fix?**

Typical turnaround is 1-2 hours (difficulty: easy). After resubmission, most re-reviews complete within 24-48 hours.

---
*Machine-readable source: https://api.appstorereject.com/api/rejections/detail?slug=guideline-511i-privacy-missing-privacy-policy*