Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is Apple's global privacy policy explaining what personal information Apple collects when you use iPhones, Macs, the App Store, Apple Pay, iCloud, Siri, and other Apple products and services. The most important thing to know is that Apple collects a wide range of data including your location, health and fitness information, financial details, device usage patterns, and Siri voice interactions, and may share this data with third-party developers, business partners, and advertising networks, though the policy states Apple does not sell your personal data in the traditional sense. If you are in the EU, California, or certain other regions, you have specific legal rights to access, correct, or delete your data, which you can exercise through Apple's privacy portal at privacy.apple.com.
This document is Apple's global Privacy Policy, governing how Apple collects, uses, shares, and protects personal data across its products, services, and websites, with stated legal bases varying by jurisdiction including consent, legitimate interest, and contractual necessity. The policy states that Apple collects personal data including contact information, device identifiers, purchase history, location data, financial information, health and fitness data, and usage analytics, and the terms authorize use of this data for product improvement, personalized advertising, fraud prevention, and sharing with service providers, business partners, and affiliates under confidentiality obligations. The policy asserts a privacy-by-design framework and positions Apple as minimizing data collection relative to peers, though the breadth of data types covered, including precise location, health data, and financial information, across a unified ecosystem of hardware, software, and services, creates substantial data aggregation potential that the document does not fully quantify. The policy engages GDPR for EU/EEA users, CCPA/CPRA for California residents, and various Asia-Pacific data protection frameworks given its global scope, with Apple designating regional subsidiaries as data controllers for different geographies, creating jurisdiction-specific rights and enforcement pathways. Compliance teams should note that the policy's assertion of legitimate interest as a processing basis in some contexts may require evaluation under GDPR Article 6, and that cross-border data transfer mechanisms including Standard Contractual Clauses are referenced but not fully detailed in the policy text.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
Apple App Store has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle Collection of Health and Fitness Data and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.