This is how we protect your privacy.

We’re committed to keeping your personal information safe. That’s why we innovate ways to safeguard your privacy on your device, why we’re up front about how we personalize your experience, and why we equip developers with the best tools to protect your data.

We build safeguards into our products to protect your privacy.

Your personal data should always be protected on your device and never shared without your permission. So we build encryption, on-device intelligence, and other tools into our products to let you share what you want on your terms. We also use techniques like Differential Privacy to improve user experiences while protecting the information you share with Apple. Differential Privacy adds random information to your data before it’s analyzed by Apple, so we can’t link that data to your device. Instead, patterns appear only when the data is combined with the data from many other users, because the random additions average out. These patterns help Apple gain insight into how people are using their devices without collecting information about an individual.

Learn more about differential privacy (PDF)

Encryption

Encryption protects trillions of online transactions every day. When you’re shopping, paying a bill, or using iMessage or FaceTime, you’re using encryption. It turns your data into indecipherable text that can be read only by those with the right key. We were one of the first companies to automatically include native operating system‑supported disk encryption with FileVault in macOS and data protection in iOS. We also refuse to add a backdoor into any of our products.

iMessage and FaceTime

We use end-to-end encryption to protect your iMessage and FaceTime conversations across all your devices. With watchOS and iOS, your messages are encrypted on your device so that they can’t be accessed without your passcode. We designed iMessage and FaceTime so that there’s no way for us to decrypt your data when it’s in transit between devices. You can choose to automatically delete your messages from your device after 30 days or a year or to keep them on your device forever.

Third-party apps that use iMessage do not have access to participants’ actual contact information or conversations. iOS provides each app with a random identifier for each participant, which is reset when the app is uninstalled. iMessage and SMS messages are backed up on iCloud for your convenience, but you can turn iCloud Backup off whenever you want. And we never store the content of FaceTime calls on any servers.

Health and Fitness

The information you add about yourself in the Health app is yours to use and share. You decide what information is placed in the Health app as well as who can access your data. When your phone is locked with a passcode, Touch ID, or Face ID, all your health and fitness data in the Health app is encrypted. And any Health data backed up to iCloud is encrypted both in transit and on our servers.

We also require apps that work with HealthKit to provide a privacy policy for you to review. Your data in the Health app and your activity data on Apple Watch are encrypted with keys protected by your passcode.

If you decide to stop sharing your activity data with another user, then the other user’s device is instructed to delete any historical activity stored. You also have the ability to hide your activity, for instance, when you’re on vacation.

Analytics

Your iOS device can collect analytics about your iOS device and any paired Apple Watch and send it to Apple for analysis. The collected information does not identify you personally and can be sent to Apple only with your explicit consent. Analytics may include details about hardware and operating system specifications, performance statistics, and data about how you use your devices and applications. When it’s collected, personal data is either not logged at all, removed from reports before they’re sent to Apple, or protected by techniques such as Differential Privacy.

The information we gather from Differential Privacy helps us improve our services without compromising individual privacy. For example, in iOS 10, this technology helped improve QuickType and emoji suggestions, as well as Lookup Hints in Notes.

We now identify commonly used data types in the Health app and web domains in Safari that cause performance issues. This information will allow us to work with developers to improve your experience without revealing anything about your individual behavior.

If you give your explicit consent, Apple can improve intelligent features by analyzing how you use iCloud and the data from your account. Analysis happens only after the data has gone through privacy‑enhancing techniques so that it cannot be associated with you or your account.

Safari

Safari was the first browser to block third-party cookies by default and offer Private Browsing. We automatically work to prevent suspicious sites from loading. We also use sandboxing to keep harmful code confined to a single browser tab so that it can’t reach the rest of your data.

We have enabled app developers to use Safari content blockers in iOS and make them more effective on macOS. You can control what content is loaded onto your browser and block content from anyone attempting to track your activity on a website or across websites. We also designed Safari content blocker support so that it can’t send information to developers about the sites you visit.

With iOS 11 and macOS High Sierra, we’ve introduced Intelligent Tracking Prevention. You may have noticed that when you look at something to buy online, you suddenly start seeing it everywhere else you go on the web. This happens when a third party tracks cookies and other website data to feed you ads across various websites. Intelligent Tracking Prevention uses the latest in machine learning and on-device intelligence to reduce this cross-site tracking. It works by separating the third‑party content used to track you from other browsing data, so what you look at on the web remains your business — not an advertiser’s.

iCloud

All your iCloud content — like photos, contacts, and reminders — is encrypted when it’s transferred and, in most cases, when stored on our servers. We also encrypt the information that is transferred between any email app you use and our iCloud mail servers.

Encrypted iCloud Data

  • Photos
  • Documents
  • Calendars
  • Contacts
  • iCloud Keychain
  • Backup
  • Bookmarks
  • Reminders
  • Find My iPhone
  • Find My Friends
  • Mail (encrypted in transit)
  • Notes

With iCloud sharing, the identities of participants are never made available to anyone who has not been invited to and accepted a private share. The names of your shared files and the first and last name associated with your iCloud account are available to anyone who has access to the sharing link, including Apple.

If we use third-party vendors to store your information, we encrypt it and never give them the keys. Apple retains the encryption keys in our own data centers, so you can back up, sync, and share your iCloud data. iCloud Keychain stores your passwords and credit card information in such a way that Apple cannot read or access them.

With iOS 11 and macOS High Sierra, end-to-end encryption in iCloud syncs certain types of personal data across all your devices in such a way that Apple cannot read or access them.

Learn more about iCloud Security

Education Privacy

We created privacy features and services that are designed specifically for education, like iTunes U. We don’t sell student information and we never share it with third parties to use for marketing or advertising. We don’t collect, use, or disclose student information other than to provide relevant educational services. And we never track students or build profiles based on their email or web browsing.

In addition, Apple has signed the Student Privacy Pledge, further underscoring our commitment to protecting the information students, parents, and teachers share in our schools.

Read the Student Privacy Pledge

Learn more about iTunes U and Privacy

Get a personalized experience and maintain control of your privacy.

Sometimes we use your data to provide you with a more personalized experience. We’re always up front about what we collect from you, and we give you the controls to adjust these settings.

Photos

The Memories feature in the Photos app uses on‑device intelligence to scan your photos and organize them by faces and places. This photo data is shared between your devices with iCloud Photo Library enabled.

With iOS 11, apps can ask for access to a single photo instead of all your photos. In addition, apps that simply need to place a photo in your Photos library can ask only for that access. Apps can still ask for general access to your photos if needed.

Health and Fitness on HealthKit

Improve Health & Activity and Improve Wheelchair Mode send data from iPhone and Apple Watch to Apple so we can increase the effectiveness of health and fitness features. This includes data that is shown in the Health and Activity apps, movement measurements, which other fitness apps you have installed, your approximate location, and how long you have been using Apple Watch. The data is not used for any other purpose and does not include personally identifiable information.

Apple Music

To help Apple Music features like Radio, For You, and Connect reflect your musical tastes, we collect some information about your activity in the app. This is detailed during setup in “About Apple Music & Privacy.” The songs you stream aren’t used by any other service to advertise to you. And if you don’t want to keep your music collection on our servers, you can opt out of iCloud Music Library. iOS puts you in control of which apps can access your Music account and associated details.

The Apple Music Friends feature lets you share your favorite music — and decide which friends can see the music in your profile.

Maps

You don’t have to sign in to use Maps. Personalized features are created using the data on your device. The data Maps collects while you use the app is associated with random identifiers so it can’t be tied to your Apple ID. These identifiers reset themselves as you use the app to ensure the best possible experience and to improve Maps.

Maps extensions that are used in ride-booking and reservation apps run in their own sandboxes and share permissions with their own parent apps. For ride-booking apps, Maps shares only your starting point and destination with the extension. And when you reserve a table at a restaurant, the extension knows only the point of interest you tapped.

Advertising

Ads that are delivered by Apple’s advertising platform may appear in the App Store. Ads in the App Store are marked so you can tap to see why you were served a particular ad. You can also go into Settings to view what data may be used to determine which ads we deliver to you.

Ads in the App Store do not access user data from other Apple services like Maps, iMessage, and iCloud. They also don’t use data from user devices through services and functions such as Health, HomeKit, email, contacts, and call history. In the App Store, your search and download history may be used to serve you relevant search ads.

We give developers powerful tools to protect your data.

Developers can use our Touch ID and Face ID APIs, 256-bit encryption, and app transport security to build apps that keep your data secure. We also require developers to ask for permission and provide an explanation when requesting access to personal information on your device, like your photos and contacts. All apps are sandboxed to better protect your personal information.

Apps

On the App Store, we require app developers to agree to specific guidelines that are designed to protect user privacy and security. When we become aware of an app that violates our guidelines, the developer must address the issue or the app will be removed from the App Store. Apps go through a review process before becoming available on the App Store to make sure that they function the way they are described by the developer. Once an app is installed on your device, you are prompted for permission the first time it tries to access information such as your location or photos. You always have the power to make changes to the permissions you’ve granted. And iOS 11 gives you the control to provide your location to any app only while you’re using it.

We also make sure that there are certain types of data on your device that apps simply can’t access, and that there is no way for an app to ask for complete access to all of your data. We were the first to provide this level of security, and we will continue to build strong safeguards into our platforms.

DeviceCheck

With every iOS release, we reduce the amount of information that apps can attempt to silently access in an effort to track your activity. However, apps sometimes require information — for example, if your device has previously used their services or completed free trials. To continue to protect your privacy while also giving developers the information they need in a privacy-friendly manner, we introduced DeviceCheck in iOS 11. DeviceCheck allows each app to store two true/false flags about a device. The intent of the flags is defined by the developer and is unknown to Apple.

HomeKit

Apps supported by HomeKit are restricted by our developer guidelines to using data solely for home configuration or automation services. Apple does not know what devices you’re controlling or how and when you’re using them. Data related to your home is encrypted and stored in the keychain of your device. It’s also encrypted in transit between your Apple device and the devices you’re controlling in your home. And when you control your accessories from a remote location, that data is encrypted when it’s sent. So Apple doesn’t know which devices you’re controlling or how you’re using them.

When apps perform automatic actions based on your location, such as turning on house lights, these actions are initiated by HomeKit, which makes your location invisible to the app. You can also disable use of your location at any time.

Machine Learning

Apple harnesses machine learning to enhance your experience — and your privacy. We’ve used it to enable image and scene recognition in Photos, and more. Now we’re allowing developers to use our frameworks to create powerful new app experiences that don’t require your data to leave your device. That means apps can analyze user sentiment, classify scenes, translate text, recognize handwriting, tag music, and more without putting your privacy at risk.

ResearchKit and CareKit

ResearchKit and CareKit are open source software frameworks that take advantage of the capabilities of iPhone. ResearchKit enables developers to create apps that let medical researchers gather robust and meaningful data for studies. And CareKit is a platform for developers to create apps that help individuals take a more active role in their own well‑being.

With ResearchKit, you choose which studies you want to join and share with researchers or doctors, and you control the information you provide to individual apps. Apps using ResearchKit or CareKit can pull data from the Health app only with your consent. Any apps built using ResearchKit for health-related human subject research must obtain consent from the participants and must provide information about confidentiality rights and the sharing and handling of data. These apps must also be approved by an independent ethics review board before the study can begin.

For certain ResearchKit studies, Apple will be listed as a researcher, receiving data from participants who consent to share their data with researchers, so we can participate with the larger research community in exploring how our technology could improve the way people manage their health.

Learn more about ResearchKit and CareKit

HealthKit

HealthKit allows developers to create health and fitness apps to share their data with the Health app and with each other. As a user, you have control over which elements of your HealthKit information are shared with which apps. Apps that work with HealthKit are prohibited by our developer guidelines from using or disclosing HealthKit data to third parties for advertising or other data mining purposes. Apps can share data for the purpose of improving your health or health research, but only with your permission. We also require apps that work with HealthKit to provide a privacy policy for you to review.

CloudKit

CloudKit helps keep your preferences, settings, and app data up to date across your devices. Developers use CloudKit to make it easier for you to use their apps because you don’t have to sign in separately. By default, developers don’t have access to your Apple ID, just a unique identifier. If you give your permission, developers can use your email to let others find you in their app. You’re always in control of these permissions and can turn them on or off at any time. Your data isn’t shared with developers unless you choose to share or post publicly.