get to prod tasks
This commit is contained in:
82
tasks/ios-production/25-privacy-manifest.md
Normal file
82
tasks/ios-production/25-privacy-manifest.md
Normal file
@@ -0,0 +1,82 @@
|
||||
# 25. Privacy Manifest & Nutrition Labels
|
||||
|
||||
meta:
|
||||
id: ios-production-25
|
||||
feature: ios-production
|
||||
priority: P1
|
||||
depends_on: []
|
||||
tags: [compliance, app-store, privacy, production]
|
||||
|
||||
objective:
|
||||
- Create and configure the required privacy manifest and App Privacy nutrition labels for App Store submission
|
||||
|
||||
deliverables:
|
||||
- Privacy manifest file (PrivacyInfo.xcprivacy)
|
||||
- App Privacy nutrition labels in App Store Connect
|
||||
- Third-party SDK privacy manifests
|
||||
- Data usage disclosure documentation
|
||||
|
||||
steps:
|
||||
1. Create privacy manifest:
|
||||
- Add PrivacyInfo.xcprivacy to project
|
||||
- Declare all collected data types:
|
||||
- Contact Info (name, email)
|
||||
- User Content (voice recordings for VoicePrint)
|
||||
- Identifiers (user ID, device ID)
|
||||
- Usage Data (analytics)
|
||||
- Diagnostics (crash logs)
|
||||
- Declare required reason APIs:
|
||||
- File timestamp APIs (if used)
|
||||
- Disk space APIs (if used)
|
||||
- System boot time APIs (if used)
|
||||
- Active keyboard APIs (if used)
|
||||
- User defaults APIs (used for preferences)
|
||||
2. Configure App Privacy nutrition labels:
|
||||
- Log into App Store Connect
|
||||
- Navigate to App Privacy section
|
||||
- Select all data types collected by app
|
||||
- Mark each as linked to user identity or not
|
||||
- Mark each as used for tracking or not
|
||||
- Specify purposes (analytics, app functionality, etc.)
|
||||
3. Audit third-party SDKs:
|
||||
- Check Firebase SDK privacy manifest
|
||||
- Check any analytics SDK privacy manifest
|
||||
- Ensure all SDKs have updated manifests for iOS 17+
|
||||
- Update SDKs if manifests missing
|
||||
4. Document data usage:
|
||||
- Create docs/IOS_PRIVACY.md
|
||||
- List all data collection and purposes
|
||||
- Explain user controls and opt-out options
|
||||
- Document data retention periods
|
||||
5. Test manifest validation:
|
||||
- Build app in Xcode
|
||||
- Check for privacy manifest warnings
|
||||
- Validate with App Store Connect upload
|
||||
|
||||
tests:
|
||||
- Build: No privacy manifest warnings in Xcode
|
||||
- Upload: App Store Connect accepts privacy labels
|
||||
- Review: Privacy labels match actual data collection
|
||||
|
||||
acceptance_criteria:
|
||||
- PrivacyInfo.xcprivacy file in project
|
||||
- All collected data types declared
|
||||
- Required reason APIs documented
|
||||
- App Privacy nutrition labels complete in App Store Connect
|
||||
- All third-party SDKs have privacy manifests
|
||||
- Privacy labels accurate and honest
|
||||
- No Xcode warnings about missing privacy manifests
|
||||
- Documentation of data usage available
|
||||
- User-facing privacy policy linked
|
||||
|
||||
validation:
|
||||
- Build app → no privacy manifest warnings
|
||||
- Upload to App Store Connect → privacy section complete
|
||||
- Review data types → all actual collection declared
|
||||
- Check SDK versions → all include privacy manifests
|
||||
|
||||
notes:
|
||||
- Apple requires privacy manifests for all apps starting 2024
|
||||
- Nutrition labels must be accurate — false claims can lead to rejection
|
||||
- Third-party SDKs without manifests may cause build warnings
|
||||
- Update manifests when adding new data collection features
|
||||
Reference in New Issue
Block a user