Download our sample PrivacyInfo.xcprivacy file.

In the world of app development, privacy is paramount. Apple's guidelines for developers include a crucial step: detailing the use of required reason APIs in privacy manifest files. This documentation process is not just about compliance; it's a commitment to transparency and user trust. Learn more here.

See All Source Codes

For 10% OFF - use coupon code ZWV-YJN-TVZ

1) Create a privacy manifest

To add the privacy manifest to your app or third-party SDK in Xcode, follow these steps:

  • Choose File > New File.
  • Scroll down to the Resource section, and select App Privacy File type.
  • Click Next.
  • Check your app or third-party SDK’s target in the Targets list.
  • Click Create.

By default, the file is named PrivacyInfo.xcprivacy this is the required file name for bundled privacy manifests. You need to add the privacy manifest file to your target’s resources for Xcode to use it when you generate a privacy report.

2) Required reason APIs

Some APIs that your app uses to deliver its core functionality — in code you write or included in a third-party SDK — have the potential of being misused to access device signals to try to identify the device or user, also known as fingerprinting.

If you upload an app to App Store Connect that uses required reason API without describing the reason in its privacy manifest file, Apple sends you an email reminding you to add the reason to the app’s privacy manifest.

In this case, select the PrivacyInfo.xcprivacy in Xcode, and click the "+" button next to the App Privacy Configuration. Then select the API reason that Apple provided. In this example we have NSPrivacyAccessedAPITypes.
The next step is to click the "+" button next to the Item 0 in order to add API Type and API Reasons.
Now it's time to add a description for the API Reasons. You can find all the API reasons here.

NSPrivacyAccessedAPITypeReasons (Privacy Accessed API Reasons)
For this example, we will use this description for the API reasons:
CA92.1: Access info from same app, per documentation

NOTE: You only need to paste CA92.1, then hit Enter. It should get populated with the right text automatically.

NSPrivacyAccessedAPIType (Privacy Accessed API Type)
This will be the API type that Apple provided in the email. For this example we use: NSPrivacyAccessedAPICategoryUserDefaults

3) Generate Privacy Report

This step is optional. In Xcode 15, when submitting your app to the App Store, you can generate a privacy report that consolidates all privacy manifests from your project. This is done by selecting "Generate Privacy Report" from the context menu in Xcode Organizer for an app archive. This feature helps ensure your app meets App Store privacy requirements.

Other Examples

App Store Connect may require you to disclose additional API use cases via email. For various API categories, there are example descriptions provided that you should use if they accurately reflect your app's functionality.

Feel free to download our sample PrivacyInfo.xcprivacy file.

If you have any questions or suggestions, please feel free to send an email to
Thanks for reading!