{"id":1118,"date":"2022-03-14T14:20:29","date_gmt":"2022-03-14T13:20:29","guid":{"rendered":"https:\/\/stage.usercentrics.com\/?post_type=resource&#038;p=22146"},"modified":"2024-12-10T09:51:21","modified_gmt":"2024-12-10T08:51:21","slug":"gdpr-checklist-for-apps","status":"publish","type":"resource","link":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/","title":{"rendered":"GDPR Checklist for Apps"},"content":{"rendered":"\n\n\n<p>Following these steps will help ensure that your mobile app is compliant with the GDPR and ePrivacy Directive. This will protect your company from fines and your users\u2019 data from misuse. Tick the boxes to see how compliant you are or need to be.<\/p>\n\n\n<h2 class=\"wp-block-heading\">Compliant data is a critical business resource<\/h2>\n<p>Marketing strategy and data privacy regulations are both evolving rapidly. Move beyond performance-based to outcome-based marketing with a bulletproof and futureproof user acquisition strategy that centers user consent.<\/p>\n<p>Privacy regulations and enforcement bring complexity to the digital business landscape that app professionals are navigating. We help manage the complexity for you. Mobile publishers, developers, and the mobile advertising ecosystem need high-quality data, for which user consent is now critical.<\/p>\n<p>User consent enables:<\/p>\n<ul>\n<li>running remarketing or re-engagement campaigns<\/li>\n<li>correct attributions for installs to specific campaigns<\/li>\n<li>decreased user acquisition costs<\/li>\n<li>permission to use analytics, attribution, advertising, and other marketing tools and SDKs<\/li>\n<\/ul>\n<p>This toolkit provides a step-by-step guide to help align your app marketing strategy with the GDPR and the ePrivacy Directive.<\/p>\n\n\n<div id=\"uc-cta_69ea910e06940\" class=\"uc-cta uc-cta--button uc-cta--primary uc-ctx--blue\">\n    <div class=\"uc-cta__inner container\">\n        <div class=\"uc-cta__content\">\n                                        <div class=\"uc-cta__heading no-default-margin\">Choose a GDPR CMP designed for Apps<\/div>\n                                        <div class=\"uc-cta__description\">\n                    <p>Our SDK supports 4 platforms, is globally compliant and provides consented user-data insights<\/p>\n                <\/div>\n                                                                    <\/div>\n                            <div class=\"uc-cta__section\">\n                                        <a id=\"387ce10f-d510-45ea-aa3d-970697f7b422\" class=\"uc-button uc-button-size-m uc-button-contained  no-default-link-decoration\" href=\"\/in-app-sdk\/\" target=\"\"><span>Discover our SDK<\/span><\/a>                                    <\/div>\n            <\/div>\n<\/div>\n    <script type=\"module\">\n        new Uc_Cta(document.getElementById(\"uc-cta_69ea910e06940\"));\n    <\/script>\n\n\n<h3>Step 1: Conduct an audit of your mobile app<\/h3>\n<ul>\n<li>Identify all SDKs installed in your apps<\/li>\n<li>Document the scope of each third-party technology: what data they access (i.e. AAID, IDFA, IP address, etc.) and why<\/li>\n<li>Make sure third-party technologies (i.e. ad network, mediation etc.) can receive and apply user consent choice (i.e. can they receive and apply GDPR consent?)<\/li>\n<li>Avoid access to persistent identifiers (e.g. IMEI and device number)<\/li>\n<li>Limit your apps permissions request only to the essentials to run your service<\/li>\n<\/ul>\n<h3>Step 2: Explain what the tracking technologies are doing and why in a comprehensive privacy policy<\/h3>\n<ul>\n<li>Inform users about what data are collected, how, and why in the privacy policy<\/li>\n<li>Check relevant data protection laws for further details<\/li>\n<li>Ensure the privacy policy is updated and is easy to find, read, and understand for the average user<\/li>\n<\/ul>\n<h3>Step 3: Let users know you are using tracking technologies (e.g. SDKs) via a consent banner<\/h3>\n<ul>\n<li><strong>Show a consent banner<\/strong> before any SDK starts collecting data<\/li>\n<li>Ensure that you inform users and <strong>receive valid consent<\/strong> (check #4), especially for non-essential technologies (e.g. marketing, monetization, mediation, attribution)<\/li>\n<li>Collect consent again every time technologies in use change<\/li>\n<li><strong>Inform users<\/strong> about the purpose of each SDK separately in the consent banner<\/li>\n<\/ul>\n<h3>Step 4: Obtain valid user consent per the GDPR<\/h3>\n<p>For consent to be valid, it has to be:<\/p>\n<ul>\n<li><strong>Explicit<\/strong>: active acceptance, e.g. ticking a box or clicking a link<\/li>\n<li><strong>Informed<\/strong>: what, why, by whom, for how long<\/li>\n<li><strong>Documented<\/strong>: ensure you can provide proof of consent in the case of an audit (also check #7)<\/li>\n<li><strong>In advance<\/strong>: no data can be collected before opt-in, e.g. SDKs cannot \u201cfire\u201d before the user\u2019s consent has been passed to them<\/li>\n<li><strong>Granular<\/strong>: individual consent options for each purpose must be offered &#8211; consent cannot be bundled to cover other purposes or activities<\/li>\n<li><strong>Freely given<\/strong>: \u201cAccept\u201d and \u201cReject\u201d options, e.g. button or link<\/li>\n<li><strong>Easy to withdraw<\/strong>: easy access to change consent preferences in the future (also check #8)<\/li>\n<\/ul>\n\n\n<div id=\"uc-cta_69ea910e06ff2\" class=\"uc-cta uc-cta--button uc-cta--primary uc-ctx--blue\">\n    <div class=\"uc-cta__inner container\">\n        <div class=\"uc-cta__content\">\n                                        <div class=\"uc-cta__heading no-default-margin\">Download a PDF version of this checklist<\/div>\n                                                                                <\/div>\n                            <div class=\"uc-cta__section\">\n                                        <a id=\"ff9093d9-e121-4fa7-b41d-4f0adf77eb3b\" class=\"uc-button uc-button-size-m uc-button-contained  no-default-link-decoration\" href=\"https:\/\/usercentrics.com\/wp-content\/uploads\/2022\/03\/UC-App-Checklist-2023.pdf\" target=\"_blank\"><span>Download Checklist<\/span><\/a>                                    <\/div>\n            <\/div>\n<\/div>\n    <script type=\"module\">\n        new Uc_Cta(document.getElementById(\"uc-cta_69ea910e06ff2\"));\n    <\/script>\n\n\n\n<h3>Step 5: Enable users to access your service even if they do not consent to tracking technologies<\/h3>\n<ul>\n<li>If a user refuses data processing, <strong>no non-essential tracking can collect data<\/strong>, essential tracking technologies needed for the app to function can keep operating<\/li>\n<li>Ensure users can still <strong>access your app<\/strong> even if they refuse the use of tracking technologies, blocking them can be a discriminatory action<\/li>\n<\/ul>\n<h3>Step 6: Collect and process data only after obtaining valid consent<\/h3>\n<ul>\n<li>Ensure that SDKs are not loaded until the user has given consent<\/li>\n<li>Once you have obtained valid consent, <b>you can collect and process personal data<\/b> (e.g. AdID, IDFA) for the purposes that users have been informed about<\/li>\n<\/ul>\n<h3>Step 7: Document and store consent received from users<\/h3>\n<ul>\n<li>Comply with your documentation obligation and ensure you are able to verify users\u2019 consent in case of an <strong>audit by data protection authorities (DPA)<\/strong><\/li>\n<\/ul>\n<h3>Step 8: Opt out must be as simple as opt in<\/h3>\n<ul>\n<li>Make it as easy for users to withdraw their consent as it was to give it in the first place &#8211; <strong>easy in, easy out<\/strong><\/li>\n<li><strong>External links<\/strong> to a third page for opt out are not sufficient<\/li>\n<li>Make sure that the <strong>options for acceptance and rejection are comparably designed<\/strong>, e.g. on the same level, in the same format, with the same degree of simplicity<\/li>\n<\/ul>\n<h3>Step 9: Opt out must be as simple as opt in<\/h3>\n<ul>\n<li>After opt out ensure that no further data is collected or forwarded<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n\n\n<div id=\"uc-cta_69ea910e075af\" class=\"uc-cta uc-cta--button uc-cta--primary uc-ctx--blue\">\n    <div class=\"uc-cta__inner container\">\n        <div class=\"uc-cta__content\">\n                                        <div class=\"uc-cta__heading no-default-margin\">Usercentrics Consent Management Platform can help you simplify the privacy compliance complexity for your apps<\/div>\n                                        <div class=\"uc-cta__description\">\n                    <p>Sign up for your 30-day free trial today<\/p>\n                <\/div>\n                                                                    <\/div>\n                            <div class=\"uc-cta__section\">\n                                        <a id=\"fedc4e12-cbee-4b39-bcb3-4ef0284b28cb\" class=\"uc-button uc-button-size-m uc-button-contained  no-default-link-decoration\" href=\"https:\/\/usercentrics.com\/free-trial-web\/\" target=\"\"><span>Start trial<\/span><\/a>                                    <\/div>\n            <\/div>\n<\/div>\n    <script type=\"module\">\n        new Uc_Cta(document.getElementById(\"uc-cta_69ea910e075af\"));\n    <\/script>\n\n\n","protected":false},"excerpt":{"rendered":"<p>We help you achieve privacy compliance with your apps. Build user trust and accelerate user acquisition to boost growth.<\/p>\n","protected":false},"featured_media":7181,"template":"","meta":{"_acf_changed":false,"editor_notices":[],"footnotes":""},"tags":[],"industry":[],"magazine_issue":[],"magazine_tag":[],"product":[],"resource_tag":[11,14],"class_list":["post-1118","resource","type-resource","status-publish","has-post-thumbnail","hentry","resource_tag-apps","resource_tag-privacy"],"acf":[],"yoast_head":"<title>GDPR Checklist for Apps: Improve Data Privacy Compliance<\/title>\n<meta name=\"description\" content=\"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GDPR Checklist for Apps: Improve Data Privacy Compliance\" \/>\n<meta property=\"og:description\" content=\"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence\" \/>\n<meta property=\"og:url\" content=\"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/\" \/>\n<meta property=\"og:site_name\" content=\"Usercentrics - US\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/usercentrics\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-10T08:51:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2022\/03\/55.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"GDPR Checklist for Apps | Mobile App Privacy Compliance\" \/>\n<meta name=\"twitter:description\" content=\"Download our GDPR checklist for mobile apps to ensure data privacy compliance easily and efficiently. Usercentrics specializes in consent management APKs.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/usercentrics.com\/wp-content\/uploads\/2022\/03\/Checklist.jpg\" \/>\n<meta name=\"twitter:site\" content=\"@usercentrics\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/\",\"name\":\"GDPR Checklist for Apps: Improve Data Privacy Compliance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2022\\\/03\\\/Checklist-apps.svg?v=e93680361f1a046c\",\"datePublished\":\"2022-03-14T13:20:29+00:00\",\"dateModified\":\"2024-12-10T08:51:21+00:00\",\"description\":\"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/\"}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/#primaryimage\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2022\\\/03\\\/Checklist-apps.svg?v=e93680361f1a046c\",\"contentUrl\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/wp-content\\\/uploads\\\/sites\\\/7\\\/2022\\\/03\\\/Checklist-apps.svg?v=e93680361f1a046c\",\"width\":230,\"height\":244,\"caption\":\"Checklist app\",\"copyrightNotice\":\"\u00a9 Copyright 2026 Usercentrics GmbH\",\"creator\":{\"@type\":\"Organization\",\"name\":\"Usercentrics GmbH\"},\"creditText\":\"Image: Usercentrics GmbH\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Resources\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Checklists\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/checklists\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"GDPR Checklist for Apps\",\"item\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/resources\\\/gdpr-checklist-for-apps\\\/\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/#website\",\"url\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/\",\"name\":\"Usercentrics - US\",\"description\":\"Consent Management Platform (CMP) Usercentrics\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/usercentrics.com\\\/us\\\/?s={search_term_string}\"}}],\"inLanguage\":\"en-US\"}]}<\/script>","yoast_head_json":{"title":"GDPR Checklist for Apps: Improve Data Privacy Compliance","description":"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"GDPR Checklist for Apps: Improve Data Privacy Compliance","og_description":"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence","og_url":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/","og_site_name":"Usercentrics - US","article_publisher":"https:\/\/www.facebook.com\/usercentrics","article_modified_time":"2024-12-10T08:51:21+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2022\/03\/55.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_title":"GDPR Checklist for Apps | Mobile App Privacy Compliance","twitter_description":"Download our GDPR checklist for mobile apps to ensure data privacy compliance easily and efficiently. Usercentrics specializes in consent management APKs.","twitter_image":"https:\/\/usercentrics.com\/wp-content\/uploads\/2022\/03\/Checklist.jpg","twitter_site":"@usercentrics","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/","url":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/","name":"GDPR Checklist for Apps: Improve Data Privacy Compliance","isPartOf":{"@id":"https:\/\/usercentrics.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/#primaryimage"},"image":{"@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/#primaryimage"},"thumbnailUrl":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2022\/03\/Checklist-apps.svg?v=e93680361f1a046c","datePublished":"2022-03-14T13:20:29+00:00","dateModified":"2024-12-10T08:51:21+00:00","description":"Follow our GDPR checklist for apps to address compliance and build user trust. Enhance app security while expanding your audience with confidence.","breadcrumb":{"@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/"}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/#primaryimage","url":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2022\/03\/Checklist-apps.svg?v=e93680361f1a046c","contentUrl":"https:\/\/usercentrics.com\/us\/wp-content\/uploads\/sites\/7\/2022\/03\/Checklist-apps.svg?v=e93680361f1a046c","width":230,"height":244,"caption":"Checklist app","copyrightNotice":"\u00a9 Copyright 2026 Usercentrics GmbH","creator":{"@type":"Organization","name":"Usercentrics GmbH"},"creditText":"Image: Usercentrics GmbH"},{"@type":"BreadcrumbList","@id":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Resources","item":"https:\/\/usercentrics.com\/us\/resources\/"},{"@type":"ListItem","position":2,"name":"Checklists","item":"https:\/\/usercentrics.com\/us\/checklists\/"},{"@type":"ListItem","position":3,"name":"GDPR Checklist for Apps","item":"https:\/\/usercentrics.com\/us\/resources\/gdpr-checklist-for-apps\/"}]},{"@type":"WebSite","@id":"https:\/\/usercentrics.com\/us\/#website","url":"https:\/\/usercentrics.com\/us\/","name":"Usercentrics - US","description":"Consent Management Platform (CMP) Usercentrics","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/usercentrics.com\/us\/?s={search_term_string}"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/resource\/1118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/resource"}],"about":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/types\/resource"}],"version-history":[{"count":0,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/resource\/1118\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/media\/7181"}],"wp:attachment":[{"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/media?parent=1118"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/tags?post=1118"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/industry?post=1118"},{"taxonomy":"magazine_issue","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/magazine_issue?post=1118"},{"taxonomy":"magazine_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/magazine_tag?post=1118"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/product?post=1118"},{"taxonomy":"resource_tag","embeddable":true,"href":"https:\/\/usercentrics.com\/us\/wp-json\/wp\/v2\/resource_tag?post=1118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}