Back to Blog
Why Your App Needs a Data Deletion Policy (And How to Write One)

Why Your App Needs a Data Deletion Policy (And How to Write One)

Apple and Google now require apps that collect user data to provide a way for users to delete their accounts and data. Here's what you need to include.

Starting in 2023, Apple began requiring all apps that support account creation to also support account deletion. This requirement, outlined in App Store Review Guideline 5.1.1(v), has caught many developers off guard — resulting in app rejections and removals.

What Apple Requires

Apple's guidelines state that apps must:

  1. Allow users to initiate account deletion from within the app
  2. Clearly explain what data is deleted and what is retained
  3. Provide a timeline for when deletion will be completed
  4. Offer a way to request deletion if the in-app mechanism is unavailable

This applies to any app that requires users to create an account — including apps that use Sign in with Apple, Google Sign-In, or email/password authentication.

What Google Play Requires

Google Play has similar requirements. Apps must:

  • Provide an in-app mechanism to request data deletion
  • Link to a web-based data deletion form in the app's Data Safety section
  • Clearly describe what data is deleted and what is retained

What Your Data Deletion Policy Must Cover

1. What Gets Deleted

Be specific about what data is removed when a user deletes their account:

  • Profile information (name, email, avatar)
  • User-generated content
  • Purchase history
  • Analytics and behavioral data
  • Device tokens and push notification subscriptions

2. What Gets Retained

Some data may be legally required to be retained even after account deletion:

  • Transaction records (for tax and legal compliance)
  • Fraud prevention data
  • Data required by law enforcement

Be transparent about what you keep and why.

3. Retention Timeline

Specify how long it takes to complete deletion. Typical timelines range from 30 to 90 days. Explain why (e.g., backup retention cycles, fraud prevention windows).

4. How to Request Deletion

Provide multiple ways for users to request deletion:

  • In-app account deletion flow
  • Email address for deletion requests
  • Web form (required for Google Play)

5. Third-Party Data

If you share data with third parties (analytics providers, advertising networks), explain whether deletion requests are forwarded to them.

How to Add Account Deletion to Your App

For iOS apps, the simplest implementation is:

  1. Add a "Delete Account" option in Settings
  2. Show a confirmation dialog explaining what will be deleted
  3. Send a deletion request to your backend
  4. Process the deletion within your stated timeframe
  5. Send a confirmation email to the user

Generate Your Data Deletion Policy

PrivacyPolicyGen.io can generate a complete Data Deletion Policy for your app in seconds, covering all App Store and Google Play requirements.

Ready to generate your legal pages?

Start free with $1 in Claude AI credits. No credit card required.

Generate Free →