Privacy Obligations When Developing Apps in England and Wales

It has become increasingly common for services and businesses to create an app in recent years. Although having a website was previously the best way to engage with audiences, this is no longer the case. Nowadays, the most up-to-date companies try to launch smartphone apps to connect with a broader range of audiences. However, it is crucial to understand your privacy obligations whether your organisation has an app or is looking to develop one. Accidentally breaching these obligations could result in legal consequences for your business. 

This article will explain the legal steps your business will need to take before launching a smartphone app and your privacy obligations.  

What Counts as an App?

Firstly, the term ‘app’ is short for ‘application. Generally speaking, it refers to a program accessible on a phone or tablet (which is not a website). Furthermore, you will need to download an app through an app store which places the program on a mobile device.

Once the user downloads the app, they simply click on the application button to start the software. Additionally, most apps automatically remember the user, so there is often no need to log in repeatedly.

What is the Main Purpose of Having a Mobile App?

Your business should consider launching its app as it can be incredibly convenient for your business and your customers. As a business owner, an app can effectively obtain customer information and is a valuable way of advertising special offers. Additionally, depending on your business’s products or services, an app can be an excellent way for customers to place orders. 

Furthermore, your customers will likely enjoy the convenience of a well-designed app. Ultimately, it saves them from having to type in a website and manually log in. In addition, customers can use apps in almost any location they like as long as they have their phones on them. Further, a mobile app can benefit consumers without a computer or laptop. Moreover, most mobile users prefer apps to websites because they run quickly. Often, apps are also more straightforward than trying to navigate a website on a smaller screen.

What Privacy Obligations Does My Company’s App Have to Meet?

Your main requirement will be to fully state the terms and conditions of using the app before a user downloads it. You will usually do so within a Privacy Policy.

Privacy policies can take various forms depending on the type of app. However, at a minimum, your Privacy Policy should detail:

• the primary use and purpose of your app;
• how your company will store, handle and use each user’s information;
• confirmation that use of the app counts as acceptance of its terms and conditions;
• the security arrangements in place by your business to protect unauthorised access to their data;
• the circumstances in which your company will ban a user from using the app; and
• that they should immediately stop using the app if they disagree with the policy.

Which Users Should We Ban From Using the App?

Unfortunately, your company may need to ban users from using your app for several reasons. Although, your company should target users that try to gain unauthorised access to parts of the app or engage in ‘hacking’. Additionally, you might consider banning users who post offensive comments within the app. For example, this might occur within a product review section.

Apps that sell products with a limited supply also tend to ban users who use computer programs (or ‘bots’) to queue jump or purchase the same items numerous times (‘scalping’).

From a data protection standpoint, your organisation should be most concerned with individuals who appear to be trying to access the personal information of others unlawfully. For example, some companies keep a particular eye on users who hide their IP addresses.

How Will Privacy Policies Help My Company?

Courts and the Information Commissioner’s Office (ICO) often treat these policies as legal contracts. This means that their wording will be helpful in any future dispute over potential breaches of UK data protection law.

Privacy policies are of best assistance to your company when:

• their wording is reasonable and balanced;
• you record the agreement of each app user to its terms;
• its terms are understandable and transparent (i.e. not using complicated legal language).  

Most successful mobile apps ask the user to agree to the Privacy Policy document upon first use of the app (rather than every time). Therefore, your company would be wise to record each user’s agreement. Additionally, it would help to ask them to agree again every time your business updates the app’s Privacy Policy. 

Key Takeaways

In short, creating an app for your business can be highly beneficial. However, as a business owner, you must be aware of the privacy obligations that come with developing an app. The best way to ensure your customers understand the terms and conditions of using your app is through a Privacy Policy. If your company stores and handles a large amount of data through its app or plans to do so in the future, you should consider having a lawyer draft a Privacy Policy for you.

If you need help with a Privacy Policy document or compliance with data protection law, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions