Allow me to draw your attention to this Windows Phone application Certification Requirement:
Requirement 2.7.2 The privacy policy of your application must inform users about how location data from the Location Service API is used and disclosed and the controls that users have over the use and sharing of location data. This can be hosted within or directly linked from the application.
Should you submit an application that uses the Location Service API without providing a privacy policy, you will get a friendly response from certification, something like this:
Fail: It appears the application uses location services but does not include a privacy policy describing how the application uses the Location Service API and what control users have over the usage and sharing of information obtained through that usage.
Did you know Microsoft employs more Attorneys than Developers? That’s totally not true! We have a platoon of attorneys and a battalion of developers. We’re a software company. But don’t screw with us! Just kidding – sort of.
Why do you need a Privacy Policy?
A Privacy Policy is necessary when you deal with personal information. A person’s current location (from the Location Services API) is considered personal information. And, of course, because the marketplace certification requirements say so.
Consider: Yes this may seem like a pain! But consider the user. They don’t know what mysteries you are tinkering with behind the scenes. You are their friend. You are their advocate. And, frankly, if you aren’t – who is? The user isn’t bashful to click that UNINSTALL button on apps they don’t trust. At the same time a policy is also for you, the developer. You need to help the user – but you also need to establish the rules you are playing by. This makes the user happy and far less shocked or angry when they realize you are doing something (anything!) with their personal data. The certification requirement is for the user; hopefully, you can see why it is also for you.
What is a Privacy Policy?
Thank you, Wikipedia:
Privacy policy is a statement or a legal document (privacy law) that discloses some or all of the ways a party gathers, uses, discloses and manages a customer or client's data. Personal information can be anything that can be used to identify an individual, not limited to but including; name, address, date of birth, marital status, contact information, ID issue and expiry date, financial records, credit information, medical history, where you travel, and intentions to acquire goods and services. In the case of a business it is often a statement that declares a party’s policy on how it collects, stores, and releases personal information it collects. It informs the client what specific information is collected, and whether it is kept confidential, shared with partners, or sold to other firms or enterprises.
May I summarize? A privacy policy promises users how you will use their information.
Could I get sued?
Are you kidding? We could all get sued – by anyone, for anything, at any time. The better question is: “If I get sued am I in deep snow?” Well… every situation is different; should the plaintiff resurrect Johnnie Cochran you might be up Snow Creek regardless of the details. But the purpose of a policy is to give your users options and give you guidelines. Just remember this: you need to obey your own privacy policy.
How do you write a Policy?
I use Microsoft Word. But that’s not useful, is it? The reality is you just do it (see the warning at bottom). The most important thing for you to know is that I am not going to write your privacy policy. A privacy policy should be tailored to suit your unique situation. Even if your situation is identical to mine, it is important that you take care to ensure your privacy policy meets your needs.
Note: you don’t need an airtight, attorney-written policy to be marketplace certified. You just need a policy. They don’t judge the merit of your policy (they are not your adjunct legal staff). They just ensure you have a policy – end of story. However, that doesn’t mean you don’t need an airtight, attorney-written policy. See the difference?
Here’s my Policy
I have an application in the Marketplace that uses the Location Services API. I needed a privacy policy. Here’s how I wrote it:
Imitation is the best compliment, right? So, let’s look at important parts of Microsoft’s Privacy Policy:
In order to access some Microsoft services, you will be asked to sign in.
Microsoft collects and uses your personal information to operate and improve its sites and services.
Personal information collected on Microsoft sites and services may be stored.
Except as described in this statement, we will not disclose your personal information outside of Microsoft.
We may also disclose personal information as part of a corporate transaction.
Microsoft is committed to protecting the security of your personal information.
You have the ability to accept or decline cookies.
If you have questions regarding this statement, you should first contact us
Let me rewrite those for my app:
This application uses your current location.
This is used to improve the mapping experience.
This may be stored.
This may be shared.
Your privacy is important to us.
At any time, you can disable this function.
If you have questions, contact email@email.com
Now let’s turn it into my policy statement:
Your privacy is important to us. This application uses your current location to improve your mapping experience. This may be stored and shared. You may disable Location Services. If you have questions, contact email@email.com.
How to use it?
Implementing a settings page that incorporates your privacy policy and user consent is the best thing.
Something like this:
With this XAML:
In the code above, the only tricky thing to notice is the non-breaking space character reference (such as &#160;), which is equivalent to the HTML &nbsp; character (which is a space). Using <Underline> in a TextBlock strips adjacent spaces.
With this code behind:
In the code above, we do a few things. First we assume the setting is true if never set. This means the user is opting out. Your code might want to do the reverse. Then, see the EmailComposeTask? This helps the user by pre-composing the email message (if they want to ask a question) and calling Show() lets the Windows Phone OS do the rest – they will get the typical email dialog and are required to push Send.
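The behaviour described above, sketched as an added example (this is not the post's original code-behind). The class name, settings key and email subject are hypothetical; the contact address is the placeholder from the policy text. Beyond what the paragraph covers, it also gates the location watcher on the stored setting, so turning the setting off actually stops location use.

```csharp
using System;
using System.Device.Location;
using System.IO.IsolatedStorage;
using Microsoft.Phone.Tasks;

// Added example: hypothetical helper a settings page could call from its handlers.
public static class LocationConsent
{
    private const string Key = "AllowLocation";     // hypothetical settings key
    private const bool DefaultWhenUnset = true;     // opt-out, as described; use false for opt-in
    private const string Contact = "email@email.com"; // placeholder address from the policy text
    private static GeoCoordinateWatcher watcher;

    public static bool IsAllowed
    {
        get
        {
            bool allowed;
            return IsolatedStorageSettings.ApplicationSettings.TryGetValue(Key, out allowed)
                ? allowed : DefaultWhenUnset;
        }
        set
        {
            IsolatedStorageSettings.ApplicationSettings[Key] = value;
            IsolatedStorageSettings.ApplicationSettings.Save();
            if (!value) StopTracking();             // honor the choice immediately
        }
    }

    // Starts location updates only when the user's setting permits it.
    public static bool StartTracking(EventHandler<GeoPositionChangedEventArgs<GeoCoordinate>> onPosition)
    {
        if (!IsAllowed) return false;
        if (watcher != null) return true;
        watcher = new GeoCoordinateWatcher(GeoPositionAccuracy.Default);
        watcher.PositionChanged += onPosition;
        watcher.Start();
        return true;
    }

    public static void StopTracking()
    {
        if (watcher == null) return;
        watcher.Stop();
        watcher.Dispose();
        watcher = null;
    }

    // Pre-composes the question email; the OS shows the dialog and the user must push Send.
    public static void AskPrivacyQuestion()
    {
        new EmailComposeTask { To = Contact, Subject = "Privacy policy question" }.Show();
    }
}
```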
Conclusion
Nobody installs an application that isn’t in the marketplace. And no application that uses Location Services gets into the marketplace without a privacy policy.
Hopefully this will give you a little guidance on meeting Requirement 2.7.2 for certification.
Major Warning
This blog article is not legal advice. I do not represent you. In fact, I don’t even know you. When you create a privacy policy, you could be doing it wrong. Perhaps you have an attorney friend you could ask. Perhaps you just want to risk it. Or, perhaps you want to reach out to an attorney professionally. Please don’t let this blog be your legal guide.
Now, start developing!
Best of luck!