Exploring Indie Life: Adding App Privacy Details
I was doing some housekeeping for the release of Meshing for iOS 18 and started filling in the App Privacy details on the App Store. These details help users see what data an app might collect before downloading.
As an indie developer, I had to figure this out for my app. It was not as scary as I thought, but it made me look at what my app does with user data, especially with many different third-party packages.
So yes, my app collects data to make informed decisions and improve it further.
You can find the full list of questions here:
What's in Meshing?
First, I have not added a way to log in via any means, so my app is not collecting name, address, number or any other user contact info that could be used to contact the user outside the app.
Secondly, I have nothing related to health or financial data for a mesh gradient tool.
Again, there is no need for location, sensitive information, or contacts for a mesh gradient tool.
I do not think I have search capability yet, so that's another thing that I do not have to check mark.
I have no diagnostics tools or require body or surroundings movements. So, that's the last of the things that I do not have to checkmark!
Now, coming to the part where I have to check the marks. My app uses four main packages, and each one handles data a bit differently:
- AI Proxy
It helps me add different AI-related services without setting up complicated cloud functions or building my backend. In my app, I use AIProxy to add GPT4o-mini API. I needed to use it without risking my API key getting into the wrong hands and me getting broke.
From what I understand on data-related stuff, AIProxy takes notes of IP Addresses and Device IDs to prevent people from abusing the API. I can rate-limit the request per IP Address and user.
- WishKit
This one only takes an optional email address if the user wants to provide it. I can keep track of each person's wishes in the app. It is not tied to their real name or anything personal.
- TelemetryDeck
This package collects two types of data: Identifiers and Usage Data. These are not personally identifiable. Usage Data tells me which features are popular or if something in the app is not working right, as I have tracking for errors, too.
- RevenueCat
This one is all about purchases. RevenueCat keeps your purchase history if you buy something in the app. It does not see your credit card info— just what you purchased and when.
With that, these are the identifiers that I have to check:
Under Device ID, I have to checkmarks for analytics and app functionality because that's what I am using it for:
These data are not linked to the user's identity, so I have the answer to that question:
My app does not sell off the data for targeted advertising so that I can answer this question, too.
I then answer the same Purchases and Usage Data questions to wrap up this questionnaire.
Moving Forward
Adding these privacy details to my app listing was about following Apple's rules. But it made me think hard about what data I am collecting and why. I want the user to feel safe using Meshing, and I hope being open about this helps.
Happy shipping!