Privacy Compliance Guidelines for App Launches in China

As regulations regarding user privacy protection in China become increasingly stringent, App developers must navigate the essential “course” of privacy compliance before submitting their products to various Android app stores (such as Huawei, Xiaomi, OPPO, vivo, Tencent, Baidu, etc.).

Why is Privacy Compliance So Important?

In simple terms, if your App lacks a privacy policy, has improper permission requests, or uses non-compliant third-party SDKs, you can forget about a smooth app launch.

Since the implementation of the Personal Information Protection Law in China in 2021, there have been clear legal constraints on how Apps collect personal information. Major app stores have also strengthened their review mechanisms, leading to many Apps being rejected or even removed due to non-compliance with privacy regulations.

Core Regulations You Must Understand

When launching an App in China, you must comply with at least the following laws and regulations:

• The Personal Information Protection Law of the People’s Republic of China
• The Cybersecurity Law of the People’s Republic of China
• The Data Security Law
• The Method for Identifying Illegal Collection and Use of Personal Information by Apps
• The Regulations on the Management of Information Services for Mobile Applications

The core spirit of these regulations can be summarized in one sentence: “Collection must be lawful, use must be transparent, processing must be secure, and users have rights.”

Privacy Compliance Content You Must Prepare Before Launching

1. Draft a Compliant Privacy Policy

This is the most basic requirement, and all app stores will check for it.

Your privacy policy should clearly state:

• What personal information the App collects (e.g., phone number, location data, device information, etc.)
• The purpose and use of the collected information
• Whether the information will be shared with third parties (e.g., if third-party SDKs are used)
• What rights users have (e.g., the right to withdraw consent, delete data, deactivate accounts, etc.)
• Contact information and complaint channels

It is recommended to use official templates, as developer platforms like Huawei, Xiaomi, and OPPO provide guidelines and examples for writing privacy policies.

2. Permission Requests Should Be “Necessary, Explicit, and Dynamic”

Permission requests are a common pitfall during the review process.

• Avoid requesting all permissions at once; request them as needed and use dynamic pop-ups. For example, request location permission when the user accesses the map or location feature, rather than asking for it as soon as the App opens.
• The pop-up should explain the purpose of the permission, such as: “To provide you with recommendations for nearby businesses, we need to access your location data.”

3. Ensure Third-Party SDKs Are Compliant

Many developers overlook this aspect. The ad, analytics, and push notification SDKs you integrate may also collect user information in the background.

You need to:

• List all the SDKs you are using
• Specify what data they collect and for what purposes
• Disclose this information in your privacy policy

4. Provide Features Related to User Privacy Rights

Users should have the right to:

• View and modify their personal information
• Withdraw consent
• Deactivate their accounts
• Delete personal data

If you currently do not offer these features, at the very least, provide an effective contact method or customer service channel for users to submit requests.

Practical Recommendations

1. Use official privacy policy templates; don’t write your own from scratch.
2. Request permissions dynamically; avoid requesting all at once.
3. Carefully fill out permission descriptions, SDK information, and privacy policy links in the app store backend.

In Conclusion

Privacy protection is not just a formality; it is a responsibility that every developer must take seriously. Compliance not only helps you achieve a smooth app launch but also demonstrates respect for your users.

If you have already developed your App, it’s advisable to start by conducting a self-check on privacy compliance instead of waiting until your app is rejected by the store.

If you want to introduce your APP to the Chinese market or have questions about how to comply with privacy regulations, please contact us. We can discuss how App2China can assist you in completing this process smoothly.