Compliance with Mobile Location Services
Tips to get safer and more transparent access to user location
In the last couple of years, both Apple and Google have been progressively changing how apps can access the user's location, either by giving users more options to control an app's access to their location or by forcing companies to be more transparent about the data that is collected and what it is used for. In 2021, any brand that wants to use location data will need to seriously consider how this kind of functionality is implemented in a mobile app.
Do you really need it?
This is the first question a product team needs to ask. If you intend to use mobile location services without a valid reason behind it, you will probably fail. Suppose you are simply planning to request permission to collect a customer's location without a clear explanation, a well-designed user interface and a set of compliant privacy controls. If that is the case, you should definitely reconsider your approach.
On both platforms, you have two different types of access to location data at your disposal. There are a few differences in how the two platforms handle this feature, but in general, they share some concepts that allow apps to access some form of location data.
Foreground Access
This form of access to location data is the most common in applications. Most apps will only need access to the user's location while the app is being used. In most cases, this access is needed to show the user's location on a map, show nearby points of interest or display any other type of content based on a user's location.
In Notificare, this kind of access will allow you to create geo-targeted content. In most cases, this takes the form of geo-targeted messages sent to all users in a certain location at a certain time or in-app content displayed based on the current user location.
Background Access
There are also some use cases where apps want to provide functionality that requires a more intrusive form of location updates. In most apps, the reason behind this kind of access is to provide geo-fencing. This functionality is available in Notificare in order to provide your app with the ability to send highly contextual and personalized notifications when users enter or leave a particular area. For this kind of access, apps will need to demonstrate that this is critical to their app's core functionality, that it provides clear benefits to users and that it's done in a clear way.
A successful app wants to go the extra mile to correctly implement these features in both cases. Besides the technical implementation, which is something Notificare makes extremely easy, brands will also need to consider how this translates to a clear and attractive user interface, a convenient way to display information on how data is processed, stored, retained and cleared, and how users can opt out at any time.
Requesting Access
A successful strategy starts here. In most cases, access to users' location is only needed after they have had some time to play around with your app or interact with a certain feature that requires their location. Although this sounds sensible, many apps simply ignore this and prompt users with a permission request the first time they open the app. Unless your app has a reason to do this (e.g., your app needs the user location to actually work), this is something you should avoid. Of course, if you take the time to properly onboard users and include access to location services as an integral part of your app, this is something most users will understand and happily opt in to.
If the user's location is not needed for your app to work, best practices dictate that apps should only request access to location when it is really needed. For example, suppose your app wants to show users all the nearby stores on a map. In that case, this access should only be requested at that time, upon user interaction, and only after demonstrating clear benefits and responsible handling of their data.
For features like geo-fencing, where location data is needed even when users are not using the app, if your app does not depend on those features to provide its core functionality, it is also imperative that you only request this access after you've previously requested access to foreground location. For example, you would first request access to a user's location to display nearby stores on a map, and only after that permission has been given would you show an option to request permission to access their location in the background. In most cases, this will translate to offering users the possibility to receive suggestions about products or offer discounts when they are in proximity.
Once again, demonstrating all the benefits and how you handle this data is mandatory in order to create trust and be compliant with both Apple's and Google's guidelines as well as government regulations in general.
Data Retention
In Notificare, privacy is at the core of our platform. We help brands to become compliant with government rules by providing all the necessary mechanisms to handle user data. This also includes managing users' locations, including how we treat both geo-position and historical location data. In most cases, this means that security officers, developers, or any other staff member have all the features they need to define how Notificare stores and retains this data.
We've made it extremely easy to define how location data is available and discarded when not needed by providing data controls for both user-specific location and historical location sessions.
User Control
It is also important to mention that users are always in control. Both iOS and Android have made it really easy for users to grant or revoke an app's access to their location. Best practices also dictate that you should offer users a way to opt out from within the app. When using Notificare, this is also pretty simple and our libraries provide all you need to stop tracking users and remove all their location data on demand.
We've also made it easy for apps to request only the permissions they need, to start and stop collecting data, to get information about the authorization level users allowed, and ultimately how this sensitive data is discarded.
App Approval Process
Lastly, both the Apple Store and Google Play have recently improved their app submission process and how apps are screened for this kind of functionality before allowing you to be visible in their stores. Their processes are very similar. Before an app is available for download, it must go through an approval process where the app must meet a predefined set of guidelines, including clear rules on how you use location data.
This ultimately translates into a review of how you implement these features, how you explain how this functionality works, what kind of data is collected, and how you treat it. You will be requested to fill in privacy control forms with all this information and even provide videos of how some functionality works.
In Notificare, a pre-defined set of location data is stored. By default, we will automatically collect the following location data for you when a user allows this functionality:
- Latitude
- Longitude
- Altitude
- Bearing
- Speed
- Accuracy
- Date
Additionally, when users allow you to collect data in the background, we will also collect a historical record of visits when they enter or leave any of your geo-zones:
- Enter Date
- Latitude
- Longitude
- Altitude
- Bearing
- Speed
- Accuracy
- Exit Date
All this data is linked to specific users or devices and will remain available for as long as you want, respecting the data retention policy you specify in our dashboard. It is imperative that you describe these data points whenever you draft a privacy policy for your apps.
Are You Ready?
A successful engagement strategy heavily depends on how you handle location services and location data. More than ever, access to a user's most personal data needs to be handled responsibly. As always, our team remains available for any questions you might have. Simply drop a message in our Support Channel if you have any doubts.