How to Host a Privacy Policy for Your App (iOS App Website + Support URL Setup)

In App Store Connect, you’ll typically provide at least a Privacy Policy URL and a Support URL. Many developers also publish a basic app website (even a single-page site) because it helps users and reviewers quickly understand the app, and it gives you a stable place to link to legal and support resources.

The most important requirement is that your privacy policy is publicly accessible, readable on mobile, and stays online. Avoid links that require a login, expire, or are only visible inside the app. If you change the URL later, update it in App Store Connect so users always find the current policy.

A good baseline setup is: (1) App website homepage, (2) /privacy page, (3) /support page, and optionally (4) /terms. Keep the URLs consistent and simple.

You can host your privacy policy almost anywhere as long as it’s a public, stable URL over HTTPS. Common options include:

Option 1: Your own domain + simple static hosting. Buy a domain (example.com) and host a small site with privacy and support pages. This looks professional and gives you full control over URLs.

Option 2: A hosted landing-page builder. If you want to move fast, tools that generate simple pages can work well as long as the URLs are public and persistent. If you’re using a tool like MyAppDeck to publish an app landing page, you can include a dedicated privacy policy page and link it from the footer and App Store Connect.

Option 3: GitHub Pages or similar static site hosting. Great for developers who are comfortable committing a privacy policy HTML file or using a static site generator. Make sure your policy is easy to read and not hidden behind repository navigation; link directly to the rendered page URL.

Keep it predictable. Here are examples that work well for iOS apps:

App website: https://example.com/appname

Privacy Policy: https://example.com/appname/privacy

Support: https://example.com/appname/support (or https://support.example.com/appname)

Your privacy policy should match what your app actually does. Don’t promise things you can’t guarantee, and don’t claim you collect nothing if you use analytics, crash reporting, or third-party SDKs that process data.

At minimum, include:

1) App name and developer/company name

2) Effective date and how you’ll notify users of changes (for example: update date on the page)"3) What data you collect (or state that you do not collect personal data, if true)"4) How data is used (account creation, syncing, analytics, support, etc.)"5) Third-party services used (for example: Apple services, crash reporting, analytics, payment processors)"6) Data retention and deletion (how users can request deletion or remove data)"7) Contact method (support email or form)"8) Children’s privacy statement if the app is used by children or if you market to kids (be careful here; requirements can be stricter)

Below is a simple example you can adapt. Replace bracketed sections to match your app’s behavior.

Title: Privacy Policy

Effective date: [Month Day, Year]

[Your App Name] is operated by [Developer/Company Name] (“we”, “us”, “our”). This Privacy Policy explains how information is handled when you use our iOS application and related services (the “App”). Information we collect - Account information: [If you have accounts, list what you collect, e.g., email address, name]. - App usage data: [e.g., basic diagnostics, feature usage, device information]. - Crash and performance data: [e.g., crash logs, performance metrics]. - User content: [e.g., notes, photos, files] stored [on device / in your servers / in third-party storage]. How we use information We use information to: - Provide and improve the App - Sync content across devices (if applicable) - Troubleshoot issues and respond to support requests - Monitor performance and prevent abuse Third-party services We may use third-party services that process data to provide analytics, crash reporting, payments, or hosting. These services may collect information as governed by their own policies. Examples (only include what you actually use): - Apple (App Store, iCloud) - [Analytics provider] - [Crash reporting provider] - [Payment processor] Data retention We retain information only as long as necessary for the purposes described above. You may request deletion by contacting us at [support email]. Your choices - You can delete the App to stop further data collection. - If the App includes an account, you can request access or deletion at: [support email or form]. Contact If you have questions about this Privacy Policy, contact: [support email] Changes We may update this policy from time to time. We will update the effective date at the top of this page.

Your Support URL should help users contact you and find basic troubleshooting steps. A minimal support page usually includes:

- A support email address (mailto link is fine, but also write the address in plain text) - A short FAQ: billing, restore purchases, login problems, data sync, and how to request deletion - App version info: ask users to include iOS version and app version - Response expectations (for example: “We reply within 2 business days”)

Example support page text you can copy:

Support For help with [Your App Name], email us at support@example.com. When contacting support, please include: - Your device model - iOS version - App version - A brief description of the issue Frequently asked questions - How do I restore purchases? [Your steps] - How do I delete my data/account? Email support@example.com with the subject “Data Deletion Request”. - How do I report a bug? Include screenshots and steps to reproduce.