App Review Guidelines

Introduction

The App Store's guiding principle is simple: We want to provide users with a secure platform to get apps – and give developers a great opportunity to succeed. To do this, we offer a comprehensively curated App Store where every app is reviewed by experts, and an editorial team helps users discover new apps every day. We also scan every app for malware and other software that could affect user safety, privacy, and data protection. These measures have ensured that Apple's platforms are the safest for consumers worldwide.

In the European Union, developers can also offer certified iOS and iPadOS apps through alternative app marketplaces and directly through their websites. Learn more about alternative app marketplaces, web distribution, and certification of iOS and iPadOS apps.

You can see which guidelines apply to the certification of iOS and iPadOS apps by clicking on "Show only guidelines for certification review" in the left-hand menu.

For everything else, there is the open internet. If the App Store model and guidelines or alternative distribution options and iOS and iPadOS app certification are not a good fit for your app or business idea, we also offer Safari for a great web experience.

On the following pages, you will find our latest guidelines in five clear sections: "Safety," "Performance," "Business," "Design," and "Legal Notices." The App Store is constantly being updated and improved to keep pace with the demands of our customers and products. Your apps should also be constantly updated and improved to stay in the App Store.

Here are a few more points to consider when distributing your app on our platforms:

• There are many children who download many apps from the App Store. Parental controls work great for protecting children, but you also need to do your part. We keep an eye on children's safety.
• The App Store is a great way to reach hundreds of millions of people around the world. If you just want to show your app to your family and friends, the App Store isn't the best way. Consider using Xcode to install your app on a device for free, or use ad-hoc distribution available to members of the Apple Developer Program. If you're just starting out, learn more about the Apple Developer Program here.
• We are committed to representing all points of view in the App Store, as long as the apps respect users with differing opinions and the app quality meets the requirements. We reject apps for content or behavior that we deem inappropriate. But how do you recognize when that's the case? A US Supreme Court justice once put it this way: "I know it when I see it." We believe you'll know when you've gone too far.
• If you try to circumvent the system (e.g., trick the review process, steal user data, copy the work of other developers, or manipulate reviews or App Store discovery), your apps will be removed from the App Store. You will also be excluded from the Apple Developer Program.
• You are responsible for ensuring that your app fully complies with these guidelines, including ad networks, analytics services, and third-party SDKs. Review and select them carefully.
• Some features and technologies that are not generally available to developers may be offered as permissions for limited use cases. For example, we offer permissions for CarPlay Audio, HyperVisor, and Privileged File Operations.

We hope these guidelines help you navigate the review process smoothly and that approvals and rejections remain consistent. This document is constantly updated. New apps that raise new questions may lead to new rules at any time. It may even be your app that requires such an update. We appreciate that too, and we value your work. We are truly doing our best to offer the best platform in the world so that you can express your talents and earn a living.

Before You Submit

To ensure your app is approved as smoothly as possible, check the common mistakes listed below that may slow down the review process or lead to rejection. These do not replace the guidelines or guaranteed approval, but they are a good start to checking all the points on the list. If your app no longer functions as intended or you no longer actively provide support for it, it will be removed from the App Store. Learn more about App Store improvements.

Make sure of the following:

• Test your app for crashes and bugs.
• Make sure all app information and metadata are complete and accurate.
• Keep your contact information up to date in case App Review needs to reach you.
• Allow App Review full access to your app. If your app includes account-based features, provide either an active demo account or a fully functional demo mode, as well as any other hardware or resources required for App Review (e.g., login credentials or a sample QR code).
• Enable backend services so the App Review team can access them.
• Provide detailed information in the accompanying documentation for the app review process about any non-obvious features and in-app purchases, including accompanying documentation if applicable.
• Check if your app complies with other guidelines, such as those in the following documents:

Developer Documentation

• SwiftUI
• UIKit
• AppKit
• App extensions
• Optimizing Your App's Data for iCloud Backup
• Apple File System
• App Store Connect Help
• Developer Account Help

Design Guidelines

• Human Interface Guidelines

Brand and Marketing Guidelines

• Marketing Resources and Identity Guidelines
• Apple Pay Marketing Guidelines
• Add to Apple Wallet Guidelines
• Guidelines for Using Apple Trademarks and Copyrights

Guidelines that apply are for the certification of iOS and iPadOS apps in the EU.

1. Safety

When users install an app from the App Store, they want to be able to trust that it is safe – that the app does not contain offensive or objectionable content, does not damage their device, and is unlikely to cause physical harm. Below is a list of the most common reasons for rejection. If your goal is to shock and offend, the App Store is not the right place for your app. Some of these rules are also included in the guidelines for the certification of iOS and iPadOS apps.

1.1 Objectionable Content

Apps must not include content that is offensive, insensitive, upsetting, disgusting, exceptionally tasteless, or simply unpleasant. Here are some examples of such content:

• Defamatory, discriminatory, or malicious content, including remarks or comments about religion, ethnic origin, sexual orientation, gender, national origin, or other targeted attacks against specific groups, especially in cases where the app is likely to expose, intimidate, or endanger a target person or group. Political satirists and humorists are generally exempt from this provision by profession.
• Realistic depictions of people or animals being killed, mutilated, tortured, or abused, or content that promotes violence. "Enemies" in the context of a game may not be exclusively people of a certain skin color, culture, real government, or real company, or another real person.
• Depictions that promote the unlawful or reckless use of weapons and dangerous objects, or facilitate the purchase of firearms or ammunition.
• Obvious sexual or pornographic material, defined as "explicit descriptions or depictions of genitalia or activities that are intended to evoke erotic rather than aesthetic or emotional feelings." This includes "dating" apps and other apps that contain or can be used to facilitate prostitution or human trafficking and exploitation.
• Provocative religious comments or inaccurate or misleading quotes from religious texts.
• False information and features, including inaccurate device data or trick/joke features such as false location tracking. Stating that the app is for "entertainment purposes" does not bypass this guideline. Apps that enable anonymous or prank calls or SMS/MMS will be rejected.
• Harmful concepts that exploit or profit from current or recent events such as violent conflicts, terrorist attacks, and epidemics.

1.2 User-Generated Content

Apps with user-generated content present special challenges, ranging from intellectual property infringement to anonymous bullying. To prevent abuse, apps with user-generated content or social networking services must offer the following:

• A filtering method to prevent objectionable material from being published in the app
• A mechanism for reporting objectionable content and timely responses to concerns
• The ability to block abusive users from the service
• Publicly available contact information so users can easily reach you

Apps with user-generated content or services that are primarily for pornographic content, chatroulette-like experiences, the objectification of real people (e.g., polls about their attractiveness), threats of physical violence, or bullying are out of place in the App Store and may be removed without notice. If your app contains user-generated content from a web-based service, it may occasionally display non-child-friendly "NSFW" content, provided it is hidden by default and only displayed when users enable it via your website.

1.2.1 Creator Content

Apps that contain content from a specific user community (so-called "creators") offer a great opportunity if properly moderated. These apps offer customers a unique, unified experience to interact with various types of video content. With tools and programs, they support this community of non-developers in creating, sharing, and monetizing user-generated experiences. These experiences must not alter the core functionality of the native app, but rather complement these structured experiences with content. These experiences are not native "apps" programmed by developers, but content within the app itself. App Review treats them as user-generated content. Such creator content can include videos, articles, audio content, and even simple games. Apps that offer such user-generated content may be published in the App Store as long as they comply with all guidelines, including Guideline 1.2 on the moderation of user-generated content and Guideline 3.1.1 on payments and in-app purchases. Creator apps must include the age rating of the creator content with the highest age restriction and inform users which content requires additional purchases.

1.3 Category "Kids"

The "Kids" category is an easy way to find apps designed for children. If you want to publish content in the "Kids" category, you should focus on providing a great experience for younger users. Apps of this type must not include links to content outside the app, no purchase options, or other distractions for children, unless they are exclusively in sections of the app that offer parental controls. Remember that your app must meet the requirements of the "Kids" category in later updates, even if you remove the category selection. Learn more about parental controls.

You must comply with worldwide data privacy laws regarding the online collection of children's data. For more information, see the Privacy section of these guidelines. In addition, apps in the "Kids" category must not send personal data or device data to third parties. Apps in the "Kids" category must not contain third-party analytics or advertising. This provides a safer experience for children. In a few cases, third-party analytics may be permitted, provided that the services do not collect or transmit the IDFA or any personally identifiable information about children (such as name, date of birth, email address), location, or device. This includes all device and network data, as well as other information that could be used directly or in combination with other information to identify users and their devices. In some cases, third-party contextual advertising is also permitted, provided that the services include publicly documented practices and guidelines for apps in the "Kids" category that include human review of ads for age appropriateness.

1.4 Physical Harm

If your app behaves in a way that could cause physical harm, we may reject it. Examples:

• Medical apps that provide inaccurate data or information or could be used for diagnosis or treatment of patients may be subject to more thorough review.
• The data used by the app and the methods employed must be clearly disclosed to demonstrate that health-related measurements can be performed as accurately as stated. If the accuracy or reliability of the methods cannot be proven, your app will be rejected. For example, no apps are allowed that claim to create X-ray images using only the device's sensors, or measure blood pressure, body temperature, blood sugar, or blood oxygen levels.
• Apps must remind users to consult a doctor in addition to using the app and before making medical decisions.

If your medical app has received regulatory approval, you must provide a link to that documentation through your app.

• Dosage calculators for medicines must come from the drug manufacturer, a hospital, a university, a health insurance company, a pharmacy, or another authorized institution, or be approved by the FDA or a comparable international body. Given the potential risks such apps pose to patients, we must be able to rely on the app being supported long-term and that updates will be provided for it.
• Apps that promote the consumption of tobacco and vape products, illegal drugs, or excessive amounts of alcohol are not allowed. Apps that encourage minors to consume these substances will be rejected. Facilitating the sale of controlled substances (with the exception of licensed pharmacies and licensed or otherwise authorized cannabis dispensaries) or tobacco is not permitted.
• Apps may only display DUI checkpoints published by law enforcement agencies and must never promote drunk driving or other reckless behavior such as speeding.
• Apps must not encourage customers to participate in activities (such as betting, challenges, etc.) or use their devices in a way that could cause physical harm to themselves or others.

1.5 Developer Information

Users need to know how to reach you with questions and problems. Make sure your app and support URL provide an easy way to contact you. This is especially important for apps that may be used in education.

The lack of correct and up-to-date contact information not only frustrates customers but may also violate laws in some countries or regions. Also, ensure that Wallet cards contain valid issuer contact information and are signed with a special certificate associated with the trademark or brand owner.

1.6 Data Security

Apps must implement appropriate security measures to ensure the proper handling of user data collected in accordance with the license agreement for the Apple Developer Program and these guidelines (see Guideline 5.1 for more information), and to prevent unauthorized use, disclosure, or access by third parties.

1.7 Reporting Criminal Activity

Apps for reporting suspected criminal activity must involve local law enforcement and may only be offered in countries or regions where such involvement is active.

2. Performance

2.1 App Completeness

(a) Apps submitted for App Review, including apps you make available for preorder, must be final versions with all required metadata and fully functional URLs. Placeholder text, empty websites, and other temporary content must be deleted before submission. Check your app for errors and stability issues on a device before submitting, and also submit login credentials for a demo account with the app (and enable your backend service) if your app includes a login process. If you cannot provide a demo account due to legal or security obligations, you may use an integrated demo mode instead of a demo account with prior Apple consent. Make sure this demo mode shows all features and functions of your app. We reject incomplete app bundles and binaries that crash or have obvious technical problems.

(b) If you offer in-app purchases in your app, you must ensure that they are complete, up-to-date, visible to reviewers, and functional. If configured in-app purchase items cannot be found or reviewed in your app, state the reason in the review notes.

2.2 Beta Tests

Demos, beta versions, and test versions of your app do not belong in the App Store – use TestFlight instead. Beta versions of apps submitted for distribution via TestFlight must be intended for release and comply with the App Review Guidelines. However, note that any compensation is not allowed for apps distributed via TestFlight to testers. This also includes rewards for participating in a crowdfunding campaign. Important updates for your beta version must be submitted to App Review for TestFlight before distribution to testers. For more information, see the TestFlight Beta Testing page.

2.3 Accurate Metadata

Customers need to know what they are getting when they buy or download your app. So make sure all app metadata, including privacy information, app description, screenshots, and previews, accurately reflect the core experience in the app, and keep them up-to-date with new versions.

2.3.1

• Do not include any hidden, dormant, or undocumented features in your app. Your app's functionality must be clear to end-users and App Review. All new features, functions, and product changes must be clearly described (generic descriptions will be rejected) and accessible in the App Review notes in App Store Connect. Likewise, misleading marketing of your app, e.g., by advertising content or services it does not actually offer (such as iOS-based virus and malware scanners), and advertising a false price, whether inside or outside the App Store, are grounds for removing your app from the App Store or blocking an installation via alternative distribution and terminating your developer account.
• Especially severe or repeated behavioral violations are grounds for removal from the Apple Developer Program. We work hard to ensure that the App Store is and remains a trusted platform, and we expect our app developers to follow our example. We do not do business with dishonest people.

2.3.2

If your app includes in-app purchases, you must ensure that the app description, screenshots, and previews clearly indicate whether featured items, levels, subscriptions, etc., require additional purchases. If you choose to promote in-app purchases in the App Store, you must ensure that the display name, screenshot, and description of the in-app purchase are suitable for a public audience, that the guidelines for promoting in-app purchases are followed, and that the SKPaymentTransactionObserver method is properly set up in your app so that customers can seamlessly complete the purchase when your app is launched.

2.3.3

Screenshots must show the app in use, not just the title screen, login screen, or splash screen. They can also include text and image overlays (e.g., to demonstrate input mechanisms such as an animated touchpoint or an Apple Pencil) and show advanced features on the device, such as the Touch Bar.

2.3.4

Previews allow users to see what your app looks like and what features it includes. To help users understand what your app offers, previews should only include video recordings of the app itself. The user experience in the Messages app can be represented by stickers and iMessage extensions. You can add spoken text and video or text overlays to explain anything that is not clear from the video alone.

2.3.5

Choose the category best suited for your app and review the definitions for App Store categories if you need help. If you set a very different category, we may change it for you.

2.3.6

Answer the age rating questions in App Store Connect honestly so that your app is properly equipped with parental controls. An incorrect age rating for your app may surprise users with its content or trigger a request from a government agency. If your app contains media that requires content ratings or warnings (e.g., movies, music, games), you are responsible for complying with the local regulations of each territory where your app is available.

2.3.7

Choose a unique app name, assign keywords that accurately describe your app, and do not try to include trademarked terms, popular app names, pricing information, or other irrelevant phrases in your metadata just to bypass the system. App names can be up to 30 characters long. Metadata such as app names, subtitles, screenshots, and previews must not contain prices, terms, or descriptions that are not specific to the metadata type. App subtitles are a good way to provide additional context for your app. They must comply with our standard metadata rules and must not contain objectionable content, refer to other apps, or make unverified product claims. Apple may change inappropriate keywords at any time or take other appropriate measures to prevent abuse.

2.3.8

The metadata must be appropriate for all target audiences. Therefore, regardless of your app's age rating, always ensure that the app icons and in-app purchase icons, as well as screenshots and previews, are suitable for the 4+ age group. For example, if your app is a game that contains violence, choose images that do not depict a gruesome death or a weapon pointed at a specific character. The use of terms like "For Kids" in app metadata is reserved for the "Kids" category. Make sure your metadata – including app names and icons (small, large, Apple Watch app, alternative icons, etc.) – are similar to avoid confusion.

2.3.9

You are responsible for obtaining the rights to use all materials in your app icons, screenshots, and previews, and you should display fictional account information instead of real person data.

2.3.10

Ensure that your app focuses on the experience on the supported Apple platforms and does not use names, icons, or images from other mobile platforms or alternative app marketplaces in your app or metadata, unless specific, approved interactive features are present. Make sure your app metadata focuses on the app itself and the experience it offers. Do not include irrelevant information.

2.3.11

Apps submitted for preorder in the App Store must be complete and available as submitted. Ensure that the app you ultimately release does not differ significantly from the app advertising during the preorder phase. If you make significant changes to the app (e.g., change business models), you must restart preorders.

2.3.12

New app features and product changes must be clearly described in the announcement text for new features. Simple bug fixes, security updates, and performance improvements can be described generically, but more important changes must be listed in the release notes.

2.3.13

In-App Events are time-sensitive events within your app. To feature your event in the App Store, it must be associated with an event type available in App Store Connect. All event metadata must be accurate and relate to the event itself, not the app in general. Events must occur at the times and dates you select in App Store Connect, including across multiple storefronts. You may monetize an event as long as you follow the rules for businesses in Section 3. The deep link for the event must lead users to the correct destination within your app. You can find more information on allowed metadata and deep links for events under In-App Events.

2.4 Hardware Compatibility

• To ensure users benefit fully from your app, iPhone apps should also be usable on an iPad whenever possible. We recommend creating apps that customers can use on all devices.
• Design your app to be power-efficient and usable without damaging the device. Apps should not cause the battery to drain quickly, generate excessive heat, or excessively load the device's resources. For example, apps should not encourage placing the device under a mattress or pillow while charging, or performing excessive write cycles on the solid-state drive. Apps, including third-party advertisements, must not run background processes such as cryptocurrency mining.
• Users should be able to use your Apple TV app without additional hardware input beyond the Siri Remote or third-party game controllers. However, you can provide advanced features for other connected peripherals. If you require a game controller, you must clearly state this in the metadata so that users know they need additional equipment to play.
• Apps must never request or require a device restart or changes to system settings unless there is a connection to the app's core functionality. For example, do not encourage users to turn off Wi-Fi, disable security features, etc.
• For apps distributed through the Mac App Store, some additional requirements apply:

1. You must be in a suitable sandbox and comply with the macOS File System Documentation. Furthermore, you may only use the corresponding macOS APIs to modify user data stored by other apps (such as bookmarks, address books, or calendar entries).
2. You must be packaged and submitted using the technologies provided in Xcode. Third-party installers are not permitted. They must be self-contained installation packages for individual apps and may not install code or resources in shared locations.
3. You must not automatically start or automatically execute other code at startup or login without consent, or start processes that continue to run without consent after a user has closed the app. You must not automatically add icons to the Dock or create shortcuts on the user's desktop.
4. You must not load or install standalone apps, kexts, additional code, or resources to add functionality or significantly alter the app compared to the review process.
5. You must not request root privileges or use Setuid attributes.
6. You must not display a license screen at startup, request license keys, or implement your own copy protection.
7. You must provide updates through the Mac App Store. Other mechanisms for updates are not permitted.
8. Apps must run on the currently shipped operating system and must not use outdated or optionally installed technologies (e.g., Java).
9. Apps must include all language and localization support in a single app package.

2.5 Software Requirements

• Apps must only use public APIs and must run on the currently shipped operating system. Learn more about public APIs. Keep your apps up-to-date and ensure that you phase out any deprecated features, frameworks, or technologies that are no longer supported in future versions of the operating system. Apps must use APIs and frameworks for their intended purposes and indicate this integration in the app description. For example, the HomeKit framework should be used exclusively for home automation services, and HealthKit should only be used in the areas of health and fitness and integrated into the Health app.
• Apps must be self-contained in their respective packages and must not read or write data outside the designated container area, nor load, install, or execute code that introduces or modifies app features or functions, including other apps. Educational apps developed for teaching, developing, or testing executable code may load code under certain circumstances, provided it is not used for other purposes. Such apps must provide the source code provided by the app to users in a fully visible and editable manner.

2.5.3

Apps that transmit viruses, files, computer code, or programs that could interfere with or disrupt the normal operation of the operating system and/or hardware features, including push notifications and Game Center, will be rejected. Especially serious violations and repeated behavior will result in removal from the Apple Developer Program.

2.5.4

Multitasking apps must only use background services for their intended purposes: VoIP, audio playback, location queries, task completion, local notifications, etc.

2.5.5

Apps must be fully functional on pure IPv6 networks.

2.5.6

In apps that enable internet browsing, the corresponding WebKit framework and WebKit JavaScript must be used. You can request permission to use an alternative web browser engine in your app. Learn more about these permissions.

2.5.7

Intentionally omitted.

2.5.8

Apps that create alternative desktop/homescreen environments will be rejected.

2.5.9

Apps that modify or disable the functionality of standard switches such as "Volume Up/Down" and "Ringer/Silent" or other elements or behaviors of the native user interface will be rejected. For example, apps must not block links to other apps or features that users expect to function in a certain way.

2.5.10

Apps must not be submitted with empty banner ads or test ads.

2.5.11 SiriKit and Shortcuts

• Apps that integrate SiriKit and Shortcuts must only be registered for purposes for which they are suitable without the support of an additional app and for which users would expect based on the specified functionality. For example, if your app is a meal planning app, you should not integrate the purpose of starting a workout, even if the app can be integrated with a fitness app.
• Ensure that the vocabulary and phrases in your app's .plist file correspond to the purposes for which the app is registered and the Siri functionality. Aliases must directly refer to the name of your app or your company and must not be generic terms or include third-party app names or services.
• Edit the Siri request or shortcut as straightforwardly as possible and do not insert ads or other marketing between the request and the response. Request a clarification only if it is necessary to complete the task (e.g., ask users for more specific details about a type of workout).

2.5.12

Apps that use CallKit or include an extension for fraudulent SMS messages may only block phone numbers known to send spam. If apps include features for blocking calls, SMS, and MMS, or for identifying spam, these features must be clearly stated in the marketing text and meet the criteria for blocking and spam lists. You must not use the data accessed through these tools for purposes unrelated to the operation or improvement of your app or extension (e.g., you must not use them for tracking, sharing, or selling to create user profiles, etc.).

2.5.13

Apps that use facial recognition for account authentication must use LocalAuthentication (not ARKit or another facial recognition technology) whenever possible and must use an alternative authentication method for users under 13 years of age.

2.5.14

Apps must obtain the explicit consent of users when recording, logging, or otherwise capturing user activity and must clearly indicate this visually and/or audibly. This includes the use of the camera, microphone, screen recordings, or other user input.

2.5.15

Apps that allow users to view and select files should include elements from the Files app and users' iCloud documents.

2.5.16

Widgets, extensions, and notifications must relate to the content and functionality of your app.

(a) In addition, all features and functions of App Clips must be included in the main binary of the app. App Clips must not contain advertising.

2.5.17

Apps that support Matter must use Apple's support framework for Matter to initiate pairing. If you use a different Matter software component in your app than the Matter SDK provided by Apple, this software component must be certified by the Connectivity Standards Alliance for the respective platform.

2.5.18

Display advertising must be limited to the app's main binary and must not be included in extensions, App Clips, widgets, notifications, keyboards, watchOS apps, etc. Ads seen in an app must be appropriate for the app's age rating, allow users to see all information used to personalize that ad for them (without requiring users to leave the app), and must not include personalized or behavioral advertising based on sensitive user data such as health/medical data (e.g., from HealthKit APIs), school and educational data (e.g., from ClassKit), or children's data (e.g., from apps in the "Kids" category in the App Store), etc. Interstitial ads or ads that interrupt or block the user experience must be clearly recognizable as advertising, must not manipulate or entice users to tap on them, and must provide easily accessible and visible close/skip buttons that are large enough to dismiss the ad. Apps that contain advertising must also provide users with the ability to report inappropriate or age-inappropriate advertising.

3. Business

You have various options for monetizing your app in the App Store. If your business model is not obvious, you should explain it in the metadata and in the accompanying documentation for the app review process. If we cannot understand how your app works or your in-app purchases are not immediately clear, it will delay the review and may lead to rejection. While you may set your own prices, we do not distribute apps and in-app purchases that are clearly scams. We reject expensive apps that try to defraud users with disproportionately high prices.

If it turns out that you have tried to manipulate ratings or improve your ranking by paying for feedback or offering other incentives, faking or filtering feedback, or hiring a third party for this purpose, we will take steps to protect the integrity of the App Store. One of these steps may be the revocation of your eligibility to participate in the Apple Developer Program.

3.1 Payments

3.1.1 In-App Purchases

• If you want to unlock features or functions in your app (e.g., subscriptions, in-game currencies, game levels, access to premium content, or unlocking a full version), you must use in-app purchases. Apps must not use integrated mechanisms to unlock content or features such as license keys, augmented reality markers, QR codes, cryptocurrencies, and wallets for cryptocurrencies.
• In apps, in-app purchase currencies may be used to allow customers to give developers or digital content providers a "tip" within the app.
• Credits or in-game currencies purchased through in-app purchases must not expire. Make sure you have a recovery mechanism for all recoverable in-app purchases.
• Apps may allow elements eligible for in-app purchases to be gifted to others. Such gifts can only be refunded to the original purchaser and cannot be exchanged.
• In apps distributed through the Mac App Store, plug-ins or extensions may be hosted that are activated by mechanisms other than the App Store.
• Apps that include "loot boxes" or other mechanisms where randomized virtual items are offered for purchase must inform customers about the odds of receiving each type of item before purchase.
• Digital gift cards, certificates, vouchers, and coupons that are redeemed for digital goods or services may only be sold through in-app purchases within your app. For physical gift cards sold in an app and then sent to customers, other payment methods besides in-app purchases may be used.
• Apps without subscriptions may offer a free time-limited trial before offering an option to unlock fully. For this, a non-consumable IAP item is set up at price level 0, following the naming convention "XX-day trial." Before the trial begins, your app must clearly state the duration and the content or services that will no longer be accessible at the end of the trial, as well as any recurring fees that users would have to pay for the full functionality. Learn more about managing access to content and trial duration with Receipts and DeviceCheck.
• Apps may use in-app purchases to sell services related to Non-Fungible Tokens (NFTs), such as minting, listing, and transferring. Apps may allow users to view their own NFTs, provided that the NFT ownership rights do not unlock any features or functions within the app. Apps may allow users to browse other people's NFT collections, as long as the apps do not include buttons, external links, or other calls to action that lead customers to purchase mechanisms other than in-app purchases. Apps only in the US storefront are exempt from this.

3.1.1(a) Link to Other Purchase Methods

Developers may request permission to provide a link in their app to a website that the developer is responsible for or operates, to purchase digital content or services. These permissions are not required for developers who include buttons, external links, or other calls to action in their apps in the US storefront. Please see the further details below.

• Permissions for External StoreKit Purchase Links: Apps in the App Store in certain regions may offer in-app purchases and use permission for external StoreKit purchase links to include a link to the developer's website informing users about other ways to purchase digital goods or services. Learn more about these permissions. In accordance with the permission agreements, the link may inform users where and how they can purchase these in-app items and that these items may be available at a comparatively lower price. The permissions are limited to use in the iOS or iPadOS App Store in specific storefronts. In all other storefronts – with the exception of the US storefront, where this prohibition does not apply – apps and their metadata must not include buttons, external links, or other calls to action that lead customers to purchase mechanisms other than in-app purchases.
• Permissions for Music Streaming Services: Music streaming apps in certain regions may use permissions for music streaming services to include a link (in the form of a "Buy" button) to the developer's website, informing users about other ways to purchase digital music content or services. These permissions allow developers of music streaming apps to also encourage users to provide their email address so that a link can be sent to the developer's website, through which they can purchase digital music content or services. Learn more about these permissions. In accordance with the permission agreements, the link may inform users where and how they can purchase these in-app items and what the price for these items is. The permissions are limited to use in the iOS or iPadOS App Store in specific storefronts. In all other storefronts, apps for music streaming and their metadata must not include buttons, external links, or other calls to action that lead customers to purchase mechanisms other than in-app purchases.

If your app uses misleading marketing practices, attempts at fraud, or fraud in relation to eligibility, your app will be removed from the App Store and you may be expelled from the Apple Developer Program.

3.1.2 Subscriptions

Apps may offer auto-renewable in-app purchases regardless of the category in the App Store. When integrating auto-renewable subscriptions into your app, you must follow the following guidelines.

3.1.2(a) Permitted Uses

If you offer an auto-renewable subscription, you must provide customers with ongoing value. The subscription period must be at least seven days and must be available on all user devices. The following list is not exhaustive, but includes some examples of suitable subscriptions: new game levels; episodic content, multiplayer support, apps with consistently updated content, access to large collections of constantly updated media content, Software as a Service ("SAAS"), and cloud support. The following must also be met:

• Subscriptions may be offered in addition to freely combinable offers (e.g., you can offer a subscription to an entire library of movies in addition to purchasing or renting a single movie).
• For games offered as part of a subscription for streaming games, a single subscription may be offered across all third-party apps and services. However, they must be loaded directly from the App Store, be designed to avoid duplicate payments by subscribers, and must not disadvantage subscribers without a subscription.
• Subscriptions must function on all user devices on which the app is available. Learn more about offering a subscription across multiple apps.
• As with all apps, apps with subscription offers must allow users to use the options they have purchased without having to take further steps, such as posting to a social network, uploading contacts, or logging into the app multiple times.

3.1.2(b) Upgrades and Downgrades

Users should have a seamless upgrade/downgrade experience and should not be able to accidentally subscribe to multiple variations of the same thing. Read the best practices for managing upgrade and downgrade options for your subscription.

3.1.2(c) Subscription Information

Before asking customers to subscribe, you must clearly describe what benefits users will receive for the price. How many issues per month? How much cloud storage? What type of access to your service? Make sure you clearly communicate the requirements listed in Appendix 2 of the Apple Developer Program License Agreement.

3.1.3 Other Purchase Methods

The following apps may use purchase methods other than in-app purchases. Apps in this section must not encourage users within the app to use a purchase method other than in-app purchase, except for apps in the US storefront and in accordance with the provisions in 3.1.1(a) and 3.1.3(a). Developers may send notifications outside the app to their user base about other purchase methods besides in-app purchases.

3.1.3(a) "Reader" Apps

Apps may allow users to access previously purchased content or content subscriptions (especially: magazines, newspapers, books, audio, music, and videos). Reader apps may offer account creation for free tiers and account management for existing customers. Developers of reader apps may request permission for external links to provide an informative link within their app to a website owned or operated by the developer, to create or manage an account. This permission is not required for developers who include buttons, external links, or other calls to action in their apps in the US storefront. Learn more about permission for external links.

3.1.3(b) Cross-Platform Services

Apps that are used cross-platform may allow users to access content, subscriptions, or features that they have acquired in your app on other platforms or on your website, including consumables in cross-platform games, provided these elements are also available as in-app purchases in the app.

3.1.3(c) Business Services

If your app is sold directly by you to organizations or groups for their employees or students (e.g., professional databases and classroom management tools), you may allow business users to access previously purchased content or subscriptions. For sales to end consumers, individual users, or family members, in-app purchases must be used.

3.1.3(d) Personal Services

If your app facilitates the purchase of real-time personal services between two individuals (e.g., tutoring for students, medical consultations, property viewings, or fitness training), you may use purchase methods other than in-app purchases for these payments. Real-time services between one and many, or one and many individuals, must be handled via in-app purchase.

3.1.3(e) Goods and Services Outside the App

If your app facilitates the purchase of physical goods or services that are used outside the app, you must use purchase methods other than in-app purchases for these payments, such as Apple Pay or traditional credit card payment.

3.1.3(f) Free Standalone Apps

For free apps that function as a standalone supplement to a paid web-based tool (e.g., VoIP, cloud storage, email services, or web hosting), no in-app purchases are required, as long as no purchase or request to purchase outside the app takes place within the app.

3.1.3(g) Advertising Management Apps

For apps whose sole purpose is to enable advertisers (individuals or companies advertising a product, service, or event) to purchase and manage advertising campaigns for all media types (e.g., television, outdoor advertising, websites, or apps), no in-app purchases are required. These apps are for campaign management and do not display the ads themselves. For digital purchases of content accessed or used within an app, including the purchase of ads displayed within the same app (e.g., sales of "boosts" for posts in a social media app), in-app purchases must be used.

3.1.4 Hardware-Specific Content

Under certain circumstances, such as when functionality depends on specific hardware, this functionality may be unlocked in the app without an in-app purchase (e.g., an astronomy app that adds features when synchronized with a telescope). For app features that are used in combination with an authorized physical product (such as a toy) on an optional basis, functions may be unlocked without in-app purchases, provided an in-app purchase option is also available. However, you must not require users to purchase related products or participate in advertising or marketing activities to unlock app functionality.

3.1.5 Cryptocurrencies

• Wallets: Apps may allow the storage of virtual currency, provided they are offered by developers registered as an organization.
• Mining: Apps must not perform cryptocurrency mining, unless the processing occurs outside the device (e.g., cloud-based mining).
• Exchanges: Apps may facilitate transactions or transfers of cryptocurrency on an authorized exchange, provided they are offered exclusively in countries or regions where the app has the appropriate licenses and permissions to provide a cryptocurrency exchange.
• Initial Coin Offerings: Apps that facilitate Initial Coin Offerings ("ICOs"), cryptocurrency trading, and other cryptocurrency or securities-like businesses must originate from established banks, brokerage firms, Futures Commission Merchants ("FCMs"), or other authorized financial institutions and comply with all applicable laws.

3.2 Other Issues with the Business Model

The following lists are not exhaustive, and your submission may lead to a change or update of our guidelines, but here are some general rules:

3.2.1 Permitted

• Displaying your own apps for purchase or advertising within your app, as long as the app is not just a catalog of your apps.
• Displaying or recommending a collection of third-party apps developed for a specific approved purpose (e.g., health management, aviation, accessibility). Your app should provide comprehensive editorial content so that it does not appear as just a storefront.
• Disabling access to certain permitted licensed content (e.g., movies, TV shows, music, books) after the rental period expires; all other items and services must not expire.
• Wallet cards may be used to make or receive payments, submit offers, or identify yourself (e.g., movie tickets, coupons, and VIP login credentials). Other uses may lead to rejection of the app and revocation of wallet credentials.
• Insurance apps must be free, comply with the legal regulations of the regions in which they are distributed, and must not use in-app purchases.
• Authorized non-profit organizations may conduct fundraising campaigns directly within their own apps or third-party apps, provided these fundraising campaigns comply with all app review guidelines and support Apple Pay. These apps must disclose how the funds will be used, comply with all applicable federal and state laws, and ensure that appropriate tax receipts are available for donors. Additional information must be provided to App Review upon request. Non-profit platforms that connect donors with other non-profit organizations must ensure that all non-profit organizations listed in the app have gone through the non-profit organization approval process. Learn how to become an approved non-profit organization.
• Apps may allow individual users to give a monetary gift to another person without in-app purchases, provided that (a) the gift is a completely voluntary choice by the giver and (b) 100% of the funds go to the recipient of the gift. However, for gifts that are related to the receipt of digital content or services at any time, in-app purchases must be used.

3.2.2 Not Permitted

• Creating a user interface for displaying third-party apps, extensions, or plug-ins that resembles the App Store, or for a general collection, is not permitted.
• Intentionally omitted.
• Artificially increasing the number of ad impressions or click-throughs, as well as apps primarily designed for viewing ads.
• Collecting funds for charities and fundraising campaigns within the app, unless you are an authorized non-profit organization or this is otherwise permitted under Section 3.2.1(vi). Apps intended to collect funds for such purposes must be free in the App Store and may only collect funds outside the app, e.g., via Safari or SMS.
• Arbitrarily restricting who may use the app, e.g., by location or mobile carrier.
• Intentionally omitted.
• Artificially manipulating user visibility, status, or rank in other services, unless permitted by the terms of service of that service.
• Apps that facilitate binary options trading are not allowed in the App Store. Consider a web app instead. Apps that facilitate trading in contracts for difference ("CFDs") or other derivatives (e.g., FOREX) must be properly licensed in all countries where the service is available.
• Apps offering personal loans must clearly and fully disclose all credit terms, including, but not limited to, the corresponding maximum Annual Percentage Rate (APR) and payment due date. Apps must not charge a maximum APR of more than 36% including fees and charges, and must not require full repayment within 60 days or less.
• Apps must not compel users to rate or review the app, download other apps, or perform other store-related actions to access features or content or to use the app. Apps may otherwise encourage users to perform certain actions within apps (e.g., complete a level or watch an ad).

4. Design

Apple customers place great value on products that are simple, high-quality, innovative, and user-friendly, and that's exactly what we want to see in the App Store. It's up to you to create a great design, but you must adhere to the following minimum standards to get approved for the App Store. Remember that you must update your app even after approval to ensure it continues to function and appeals to both new and existing customers. Apps that no longer function or offer a limited experience may be removed from the App Store at any time.

4.1 Imitators

• Come up with your own ideas. We know you have them, but you have to put them into practice. You must not simply copy the latest popular app in the App Store or make minor changes to another app's name or interface and pass it off as your own. In addition to the risk of a lawsuit for intellectual property infringement, this makes navigating the App Store difficult and is simply unfair to other developers.
• Submitting apps that imitate other apps or services is a violation of the Developer Code of Conduct and can lead to exclusion from the Apple Developer Program.

4.2 Minimum Functionality

Your app must include features, content, and a user interface that differentiate it from a newly refreshed website. Apps that are not particularly useful or unique, or that do not behave like a typical app, are out of place in the App Store. If your app does not offer lasting entertainment value or adequate utility, it may not be accepted. Apps that are merely a song or movie must be submitted to the iTunes Store. Apps that are merely a book or game manual must be submitted to the Apple Books Store.

• Apps that use ARKit must offer comprehensive and integrated augmented reality experiences. It is not enough to simply display a model in an AR view or play an animation.
• Except for catalogs, apps must not primarily be marketing materials, advertisements, web clippings, a compilation of content, or a collection of links.

1. Your app must function independently without requiring another app to be installed.
2. If your app needs to load additional resources to function on first launch, state the download size and inform users in advance.

4.2.4

Intentionally omitted.

4.2.5

Intentionally omitted.

4.2.6

Apps created using a commercial template or an app generation service will be rejected unless they are submitted directly by the content provider. These services must not submit apps on behalf of their customers and must offer tools that allow their customers to create customized, innovative apps that offer unique customer experiences. Another permissible option for template providers is to create a single binary to host all customer content in an aggregated or "selection model", e.g., as an app for finding restaurants with separate custom entries or pages for each customer restaurant, or as an event app with separate entries for each customer event.

4.2.7 Remote Desktop Clients

If your remote desktop app functions as a mirror of specific software or services rather than a generic mirror of the host device, it must meet the following requirements:

• The app may only connect to a host device owned by the user, which is a user's PC or dedicated game console, and both the host device and the client must be connected via a local and LAN-based network.
• Any software or services in the client are fully executed on the host device (reproduced on the host device's screen) and must not use APIs or platform features beyond those required to stream the remote desktop.
• Account creation and management must be initiated from the host device.
• The user interface displayed on the client must not resemble any iOS or App Store view, must not provide a store-like interface, and must not offer the ability to browse, select, or purchase software that the user does not already own or is licensed for. For accuracy, no in-app purchases should be used for transactions that occur in mirrored software, provided the transactions are processed on the host device.
• Thin clients for cloud-based apps are not suitable for the App Store.

4.3 Spam

• Do not create multiple package IDs for the same app. If your app includes different versions for specific locations, sports teams, universities, etc., you can also submit a single app and provide variations through in-app purchases.
• Avoid categories that are already oversaturated. The App Store already contains enough apps for farting, burping, flashlights, fortune-telling, dating, drinking games, Kama Sutra, etc. We will reject these apps unless they offer a unique, high-quality experience. Spam in the store can lead to your removal from the Apple Developer Program.

4.4 Extensions

Apps that host or include extensions must comply with the App Extension Programming Guide, the Safari App Extensions Guide, or the Safari Web Extensions Documentation, and should, where possible, offer at least some features such as help screens and certain settings windows. They must clearly and explicitly state which extensions will be available in the app's marketing text, and the extensions must not contain marketing, advertising, or in-app purchases.

4.4.1

Additional rules apply to keyboard extensions. These must:

• Provide keyboard input functions (e.g., entered characters);
• Comply with the Sticker Guidelines if the keyboard contains images or emojis;
• Provide a method to get to the next keyboard;
• Be functional even without network access and without requiring full access;
• Only capture user activity to improve the functionality of the keyboard extension for users on the iOS device.

The following is not permitted:

• Launching other apps from settings; or
• Using keyboard keys for other behaviors (e.g., holding down the return key to launch the camera).

4.4.2

Safari extensions must run with the current version of Safari on the corresponding Apple operating system. They must not interfere with system elements or the Safari user interface and must never contain harmful or misleading content or code. Violation of this provision will result in removal from the Apple Developer Program. Safari extensions must not claim access to more websites than is strictly necessary for functionality.

4.4.3

Intentionally omitted.

4.5 Apple Websites and Services

• Apps may use approved Apple RSS feeds such as the iTunes Store RSS Feed, but may not read information from Apple websites (e.g., apple.com, iTunes Store, App Store, App Store Connect, Developer Portal) or use this information to create rankings.

4.5.2 Apple Music

• (i) With MusicKit on iOS, users can natively play Apple Music and their local music library from your apps and games. If a user grants access to their Apple Music account, your app can create playlists, add songs to playlists, and play one of millions of songs in the Apple Music catalog. Users must start playing an Apple Music stream and be able to navigate using standard media controls such as "Play," "Pause," and "Skip." Furthermore, your app must not charge for or indirectly monetize access to the Apple Music service (e.g., through in-app purchases, advertising, requesting user information). You must not load or upload music files from MusicKit APIs or allow their sharing, unless expressly permitted by the documentation for MusicKit.
• (ii) The use of MusicKit APIs is not a substitute for obtaining licenses that you may need for more comprehensive or complex music integration. For example, if you want your app to play a specific song at a specific time or create audio or video files that can be shared on social media, you must contact the rights holders directly to obtain their permission (e.g., the right to synchronize or adapt). Cover images and other metadata may only be used in connection with music playback or playlists (including screenshots from the app showing your app's functionality) and may not be used for marketing or advertising purposes without obtaining express permission from the rights holders. Follow the Apple Music Identity Guidelines when integrating Apple Music services into your app.
• (iii) Apps that access Apple Music user data, such as playlists and favorites, must clearly state this access in the purpose string. The collected data must not be shared with third parties for any purpose other than to support or improve the app experience. This data must not be used to identify users or devices or for advertising.

4.5.3

Do not use Apple services for spam, phishing, or to send unsolicited messages to customers. This includes Game Center, push notifications, etc. Do not attempt to track, trace, link, associate, mine, collect, or otherwise use player IDs, aliases, or other information obtained through Game Center, or you will be removed from the Apple Developer Program.

4.5.4

Push notifications must not be required for the app's functionality and must not be used to send sensitive personal or confidential data. Push notifications should not be used for advertising or direct marketing purposes unless customers have explicitly opted in to receive them based on the consent notice in your app's user interface, and you provide a method within your app for a user to unsubscribe from such messages. Misuse of these services may result in the revocation of your permissions.

4.5.5

Use Game Center player IDs only in a manner permitted by the Game Center terms, and do not display them in the app or to third parties.

4.5.6

Apps may use Unicode characters that are displayed as Apple emojis in the app and app metadata. Apple emojis must not be used on other platforms or embedded directly into your app binary.

4.6 Intentionally Omitted

4.7 Mini-Apps, Mini-Games, Streaming Games, Chatbots, Plug-ins, and Game Emulators

Apps may offer certain software that is not embedded in the binary file, particularly HTML5 mini-apps and mini-games, streaming games, chatbots, and plug-ins. In addition, emulator apps for retro game consoles and PCs may offer game downloads. You are responsible for all software offered in your app, including ensuring that this software complies with these guidelines and all applicable laws. Software that does not comply with one or more guidelines will result in your app being rejected. You must also ensure that the software complies with the additional rules from 4.7.1 to 4.7.5. These additional rules are important to maintain the experience that customers expect in the App Store and to ensure user safety.

4.7.1

Software offered in apps under this rule must:

• Comply with all privacy policies, including but not limited to the rules in Guideline 5.1 on the collection, use, and sharing of data and sensitive data (e.g., health and personal data of children);
• Include a method for filtering objectionable material, a mechanism for reporting content and timely responses to concerns, and the ability to block abusive users; and
• Comply with Guideline 3.1 to offer digital goods or services to end users.

4.7.2

Your app must not extend or provide native platform APIs to the software without prior Apple consent.

4.7.3

Your app must not share data or privacy permissions for individual software offered in your app without the user's explicit consent in that instance.

4.7.4

You must provide an index of the software and metadata available in your app. This must include universal links that lead to all software offered in your app.

4.7.5

Your app must specify the age rating of the content with the highest age rating available in your app.

4.8 Sign-In Services

Apps that use a third-party sign-in service or sign in via social media (e.g., Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login) to set up or authenticate the user's primary account through the app must also offer another sign-in service with the following features as an equivalent option:

• The sign-in service limits data collection to the user's name and email address;
• The sign-in service allows users to keep their email address private when setting up their account; and
• The sign-in service does not collect interactions with your app for advertising purposes without consent.

The primary account is the account that users set up with your app for identification, login, and access to features and linked services.

In the following cases, no additional sign-in service is required:

• Your app exclusively uses your company's own systems for setup and login.
• Your app is an alternative app marketplace or an app distributed through an alternative app marketplace and uses a marketplace-specific login for account, download, and commerce functions.
• Your app is an app for educational institutions, businesses, or corporate departments where users must log in with an existing account for educational institutions or businesses.
• Your app uses a government or industry-supported identity verification system or an electronic ID to authenticate users.
• Your app is a client for a specific third-party service, and users must log in directly to their email, social media, or other third-party account to access their content.

4.9 Apple Pay

Apps that use Apple Pay must provide users with all essential purchase information before purchasing any goods or services and use the Apple Pay Marketing Guidelines and the Human Interface Guidelines as described. Apps that use Apple Pay for recurring payments must disclose at least the following information:

• The duration of the renewal period and the fact that it continues until cancellation
• What is provided during each period

4.10 Monetizing Integrated Features

You must not monetize integrated features provided by the hardware or operating system, such as push notifications, camera or gyroscope, or Apple services and technologies, such as access to Apple Music, iCloud storage, or Screen Time APIs.

5. Legal Notices

Apps must comply with the legal regulations of all locations where you make them available (consult a lawyer if you are unsure). These matters are complex, but it is your responsibility to understand the local laws and ensure that your app complies with them, not just the following guidelines. Of course, apps that incite, promote, or encourage criminal or clearly reckless behavior will be rejected. In extreme cases, such as apps that promote human trafficking and/or child exploitation, the competent authorities will be informed.

5.1 Privacy

User privacy is of utmost importance in the Apple ecosystem, and you must handle personal data carefully to ensure that you comply with best practices for privacy, applicable laws, and the terms of the Apple Developer Program License Agreement, not to mention customer expectations. Specifically, the following applies:

5.1.1 Data Collection and Storage

• (i) Privacy Policy: All apps must include a link to the privacy policy in the metadata field in App Store Connect and within the app that is easily accessible. The privacy policy must clearly and explicitly state the following:
• What data, if any, is collected by the app/service, how this data is collected, and how it is used.
• The fact that all third parties with whom an app shares user data (in accordance with these guidelines), such as analytics tools, ad networks, and third-party SDKs, as well as all parent and subsidiary companies and other affiliated companies that have access to user data, protect user data to the same or comparable extent as stated in the app's privacy policy and as required by these guidelines.
• The policies for data retention/deletion and the procedure when users withdraw consent and/or request the deletion of user data.
• (ii) Consent: Apps that collect user or usage data must obtain user consent for collection, even if this data is anonymized at the time of collection or immediately after collection. Paid features must not be dependent on or rely on a user granting access to this data. Apps must also provide customers with an easily accessible and understandable way to withdraw their consent. Make sure your purpose strings clearly and fully describe the use of the data. Apps that collect data for a legitimate interest without consent, by relying on the provisions of the EU General Data Protection Regulation ("GDPR") or similar laws, must comply with all provisions of that law. Learn more about obtaining consent.
• (iii) Data Minimization: Apps must only request access to data that is related to the app's core functionality and must only collect and use data that is necessary to fulfill the respective task. Whenever possible, use the process-external selection or a sharing form instead of requesting full access to protected resources such as photos or contacts.
• (iv) Access: Apps must comply with user permission settings and must not attempt to manipulate, trick, or force individuals to agree to unnecessary data access. For example, apps that can post photos to a social network must not request microphone access before users can upload photos. Provide alternative solutions for users who do not grant consent whenever possible. For example, if users do not want to share their location, offer the option to enter the address manually.
• (v) Account Login: If your app does not contain any important account-based features, users should be able to use it without logging in. If your app supports account creation, you must also offer account deletion within the app. Apps must not require users to enter personal data for the app to function, unless this data is directly relevant to the app's core functionality or required by law. If your app's core functionality is not related to a specific social network (e.g., Facebook, WeChat, Weibo, X, etc.), you must provide access without login or through another mechanism. Retrieving basic profile data, sharing on social networks, or inviting friends to use the app do not count as core app functions. The app must also include a mechanism within the app to revoke social network credentials and disable data access between the app and the social network. An app must not secure social network credentials or tokens outside the device and must only use such credentials or tokens to connect to the social network directly within the app while the app is in use.
• Developers who use their apps to covertly collect passwords or other private data will be removed from the Apple Developer Program.

5.1.2 Data Usage and Sharing

• (i) Unless otherwise permitted by law, you must not use, transmit, or share personal data without first obtaining the person's consent. You must provide information about how and where the data will be used. Data collected from apps may only be shared with third parties to improve the app or provide advertising (in accordance with the Apple Developer Program License Agreement). You must obtain explicit permission from users via the App Tracking Transparency APIs to track their activities. Learn more about tracking. Your app must not require users to activate system features (e.g., push notifications, location services, tracking) to access features and content, to use the app, or to receive payment or other compensation, including but not limited to gift cards and codes. Apps that share user data without user consent or otherwise comply with data protection laws may be removed from sale and may result in your removal from the Apple Developer Program.
• (ii) Data collected for a specific purpose must not be reused without further consent, unless legally expressly permitted otherwise.
• (iii) Apps must not attempt to unobtrusively create a user profile based on collected data, nor attempt or allow others to identify anonymous users or reconstruct user profiles based on data collected via APIs provided by Apple or your stated "anonymized," "aggregated," or otherwise non-identifiable means.

5.1.3 Health and Health Research

Health, fitness, and medical data are particularly sensitive, and apps in this area have some additional rules to ensure customer privacy is protected:

• (i) Apps must not use or share health, fitness, or health research data collected, including via the Clinical Health Records API, the HealthKit API, motion and fitness sensors, MovementDisorder APIs, or data collected from studies with human subjects, for advertising or marketing purposes or other usage-based data collection, unless it serves to improve health management or health research and the user has consented to it. However, apps may use users' health or fitness data to directly provide them with a benefit (e.g., a more favorable insurance premium), provided that the app is provided by the entity offering the benefit and the data is not shared with third parties. You must disclose the specific health data you collect through the device.
• (ii) Apps must not write false or erroneous data to HealthKit or any other health management or research app, and must not back up personal health data in iCloud.
• (iii) For apps conducting health-related clinical studies, participant consent or, for minors, parental or guardian consent must be obtained. This consent must include: (a) the nature, purpose, and duration of the research; (b) the procedures, risks, and benefits for the participant; (c) information on confidentiality and data handling (including sharing with third parties); (d) a point of contact for participant questions; and (e) the procedure for withdrawal.
• (iv) Apps conducting health-related clinical studies must be approved by an independent ethics committee. Proof of such approval must be provided upon request.

5.1.4 Children

• (a) For various reasons, it is extremely important to handle children's personal data carefully, and we recommend that you carefully review all legal compliance requirements such as the Children's Online Privacy Protection Act ("COPPA"), the EU General Data Protection Regulation ("GDPR"), and all other applicable regulations or laws.

Apps may only request parents' birth dates and contact information for the purpose of complying with these regulations, but must include some useful features or entertainment value regardless of a person's age.

Apps primarily intended for children must not contain any third-party analytics or advertising. This provides a safer experience for children.

• (b) In isolated cases, third-party analytics and advertising may be permissible, provided that the services comply with the same conditions as in Guideline 1.3.

Furthermore, apps in the "Kids" category, or apps that collect, transmit, or share personal data (e.g., name, address, email address, location, photos, videos, drawings, chat capabilities, other personal data, or persistent identifiers used in combination with the above elements) of a minor, must include a privacy policy and comply with all applicable children's data protection regulations. For accuracy, the requirements for parental controls that apply to the "Kids" category generally do not correspond to obtaining parental consent for the collection of a child's personal data under these data protection laws. As a reminder: Guideline 2.3.8 requires that the use of terms such as "For Kids" be reserved for the "Kids" category. Apps not belonging to the "Kids" category must not include terms in app names, subtitles, icons, screenshots, or descriptions that indicate that children are the primary target audience of the app.

5.1.5 Location Services

Only use location services in your app when they are directly relevant to the app's features and services. Location-based APIs must not be used for emergency services or for autonomous control of vehicles, aircraft, and other vehicles, except for small devices such as light drones and toys or remote-controlled car alarm systems, etc. Ensure that you inform users and obtain their consent before collecting, transmitting, or using location data. If location services are used in your app, you must explain their purpose within your app. Refer to the Human Interface Guidelines for best practices.

5.2 Intellectual Property

Make sure your app only contains content that you created or for which you have a license. Your app may be removed if you cross the red line and use content without permission. This naturally also means that another person's app can be removed if they have "helped themselves" to yours. If you believe your copyright has been infringed by another developer in the App Store, assert your claim via the web form. Laws vary by country and region, but at least the following common mistakes should be avoided:

5.2.1 General

Do not use third-party protected material such as trademarks, copyrighted works, or patented ideas in your app without permission, and do not include misleading, false, or imitative depictions, names, or metadata in your app package or developer name. Apps must be submitted by the natural or legal person who owns or is licensed for the copyrights and other applicable rights.

5.2.2 Third-Party Websites/Services

If your app uses, accesses, monetizes, or displays content from a third party, you must ensure that you are expressly permitted to do so under the service's terms of use. Permission must be provided upon request.

5.2.3 Audio/Video Downloads

Apps must not facilitate illegal file sharing or the ability to back up, convert, or download media from third parties (e.g., Apple Music, YouTube, SoundCloud, Vimeo, etc.) unless express permission from these sources is obtained. Streaming audio/video content may also violate the terms of use. Be aware of this before your app accesses these services.

Permission must be provided upon request.

5.2.4 Apple Representations

• (a) You must not claim or imply that Apple is the source or provider of the app or that Apple makes any specific representation regarding its quality or functionality.
• (b) If your app is selected as "Editor's Choice," Apple will automatically apply the badge.

5.2.5 Apple Products

Do not create apps that confusingly resemble existing Apple products, interfaces (e.g., Finder), apps (e.g., App Store, iTunes Store, or Messages), or advertising themes. Apps and extensions, including third-party keyboards and sticker packs, may not contain Apple emojis. Music from iTunes and Apple Music previews may not be used for entertainment value (e.g., as background music for a photo collage or soundtrack for a game) or in any other unauthorized manner. If you provide music previews from iTunes or Apple Music, you must display a link to the corresponding music in iTunes or Apple Music. If your app displays activity rings, they must not visualize movement, exercise, or standing data in a way that resembles the activity control. Refer to the Human Interface Guidelines for more information on using activity rings. If your app displays Apple Weather data, it must comply with the attribution requirements in the documentation for WeatherKit.

5.3 Games, Gambling, and Lotteries

Games, gambling, and lotteries can be difficult to manage and are among the most regulated offerings in the App Store. Only integrate this functionality if you have thoroughly reviewed your legal obligations wherever you provide your app and are prepared for the additional time investment during the review process. You should note the following:

• Sweepstakes and contests must be sponsored by the app developer.
• Official rules for sweepstakes, contests, and raffles must be displayed in the app and clearly state that Apple is not a sponsor or involved in the activity in any way.
• Apps must not use in-app purchases to buy credits or currency for use in connection with real-money games of any kind.
• Apps offering real-money games (e.g., sports betting, poker, casino games, horse racing) or lotteries must have the required licenses and permissions in the locations where the app is used, must be geographically restricted to those locations, and must be free in the App Store. Illegal game aids, including card counters, are not allowed in the App Store. Lottery apps must offer a stake, a randomly chosen winner, and a prize.

5.4 VPN Apps

Apps offering VPN services must use the NEVPNManager API and may only be offered by developers registered as an organization. They must clearly indicate which user data is collected and how it is used on an app screen before user actions (purchase or other use of the service). VPN apps must not violate local laws. If you wish to offer your VPN app in a region that requires a VPN license, you must provide the license information in the accompanying documentation for the app review process. Approved apps for parental controls, content blocking, and security may also use the NEVPNManager API. Apps that do not comply with this policy will be removed from the App Store and blocked from installation via alternative distribution, and you may be expelled from the Apple Developer Program.

5.5 Mobile Device Management

Apps for mobile device management that offer mobile device management services (MDM services) must request this function from Apple. Such apps may only be offered by commercial companies, educational institutions, or government agencies, and in individual cases by companies that use MDM for parental control services or device security. They must clearly indicate which user data is collected and how it is used on an app screen before user actions (purchase or other use of the service). MDM apps must not violate applicable laws. Apps offering MDM services must not sell, use, or disclose data to third parties for any purpose and must comply with their privacy policy. In restricted cases, third-party analytics are permissible, provided that the services only collect or transmit data about the performance of the developer's MDM app and not data about users, the user's device, or other apps used on that device. Apps that offer configuration profiles must also comply with these requirements. Apps that do not comply with this policy will be removed from the App Store and blocked from installation via alternative distribution, and you may be expelled from the Apple Developer Program.

5.6 Developer Code of Conduct

Please treat everyone with respect, whether in your responses to App Store reviews, in customer support inquiries, or in communication with Apple, as well as in your responses in App Store Connect. Harassment of any kind, discrimination, intimidation, bullying, and soliciting others to do so are not permitted. Repeated manipulative or misleading behavior or other fraudulent actions will result in your removal from the Apple Developer Program.

Customer trust is a cornerstone of the app ecosystem. Apps must never exploit users or try to rip off customers, coerce them into making unwanted purchases, force them to share unnecessary data, irresponsibly increase prices, charge for features or content that were not provided, or engage in other manipulative practices inside or outside the app.

Your Developer Program account will be terminated if you engage in activities or actions that do not comply with the Developer Code of Conduct. To reinstate your account, you must submit a written explanation outlining the planned improvements. If your plan is approved by Apple and we have verified that the changes have been made, your account may be reinstated.

5.6.1 App Store Reviews

Customer reviews in the App Store are an integral part of the app experience. Therefore, you should treat customers respectfully when responding to their comments. Make sure your responses are directed to user comments and do not contain personal information, spam, or marketing.

Use the provided API to prompt users to review your app. This feature allows customers to submit ratings and reviews in the App Store without leaving the app. Individual prompts for review are not permitted.

5.6.2 Developer Identity

For customer trust, it is crucial to provide verifiable information for Apple and customers. The representation of yourself, your company, and your offerings in the App Store or through alternative distribution channels must be accurate. The information provided must be truthful, relevant, and up-to-date so that Apple and customers understand who they are dealing with and can contact you with problems.

5.6.3 Fraud

Participation in the App Store requires integrity and a commitment to building and maintaining customer trust. Manipulating elements of the customer experience in the App Store, such as diagrams, search, or reviews or recommendations for your app, minimizes customer trust and is not permitted.

5.6.4 App Quality

Customers expect the highest quality from the App Store, and high-quality content, services, and experiences foster customer trust. Indications that this expectation is not being met include excessive customer reports of concerns about your app, such as negative customer reviews and excessive refund requests. The inability to maintain high quality can be a factor in deciding whether developers are complying with the code of conduct.

After Submission

When you have submitted your app along with the metadata via App Store Connect and your app is being reviewed, please consider the following:

• Review Time: App Review reviews your app as quickly as possible. However, if your app is complex or has new issues, it may require more thorough investigation and consideration. If your app has been repeatedly rejected for violating the same guidelines or you have attempted to manipulate the app review process, your app will not be reviewed further. Learn more about App Review.
• Status Updates: In App Store Connect, you can check the current review status of your app, so you are always up to date.
• Expedited Reviews: If time is short, you can request an expedited review process. Please submit these expedited requests with consideration for other app developers only when absolutely necessary. If it turns out that you are abusing this option, we may reject future requests of this kind.
• Release Date: If your app's release date is in the future, it will only be displayed in the App Store from that date, even if it has already been approved by App Review. Don't forget that it can take up to 24 hours for the app to appear on all selected storefronts.
• Rejections: Our goal is to apply these guidelines fairly and consistently, but we are not perfect either. If your app has been rejected and you have questions or would like to provide additional material, please contact the App Review Team directly through App Store Connect. This may result in your app being included in the store and gives us an opportunity to improve the app review process and determine which part of our guidelines may need clearer wording.
• Appeals: If you disagree with the outcome of a review, please file an appeal. This may help you publish your app in the store. You can also suggest changes to the guidelines yourself to help us improve the app review process or identify necessary clarifications to our guidelines.
• Bug Fix Submissions: For apps that are already available in the App Store or through an alternative distribution channel, bug fixes for guideline violations will not be delayed (exception: for legal or security-related aspects). If your app has been rejected and qualifies for this process, please contact the App Review Team directly through App Store Connect. Indicate that you wish to use this process and plan to address this issue in the next submission.

We look forward to your new ideas!

Last updated: June 9, 2025