Summary
Apple found that embedded SDKs or their data practices are not disclosed clearly enough in store-facing privacy materials.
App Store App Review issue
App Store SDK disclosure rejected
Apple found that embedded SDKs or their data practices are not disclosed clearly enough in store-facing privacy materials.
app store sdk disclosure rejectedapple sdk disclosure rejectionthird party sdk app store rejection
Fix App Store review issues before the next submission
Use LogicSpring to run a free precheck, regenerate the right policy or disclosure pack, and shorten the loop from rejection notice to resubmission.
What this means
The app binary contains third-party SDKs whose collection or sharing behavior is not reflected in the policy, App Privacy answers, or review notes.
This is especially common for analytics, ads, social sign-in, support chat, and attribution SDKs.
Apple increasingly checks SDK-related disclosures more closely with privacy manifests and runtime behavior.
Common causes
- The SDK inventory is incomplete or outdated.
- Identifiers, diagnostics, or tracking-related categories driven by SDKs are missing from App Privacy answers.
- Review notes do not explain test environment differences or disabled SDK modes clearly.
Step-by-step fix
- Step 1
Generate a fresh SDK inventory from the release branch and verify what actually ships in the binary.
- Step 2
Update App Privacy answers and policy vendor disclosures from that inventory.
- Step 3
Strip nonessential SDKs from the build if the disclosure risk is too high for the current release timeline.
What to update
- SDK inventory
- App Privacy answers
- Privacy Policy vendor sections
- Review Notes
How LogicSpring helps
- LogicSpring stores SDK inventory with the project so policy and submission fields stay in sync.
- Precheck surfaces likely disclosure debt caused by late SDK additions.
- You can export a cleaner reviewer package instead of stitching together notes manually.
FAQ
Can I resubmit to App Store without changing the binary?
Only if the issue is purely metadata or disclosure copy. If the current build behavior still conflicts with the policy, permissions, or SDK inventory, you usually need a new build.
What evidence should I prepare before resubmitting?
Prepare the updated public policy URL, the exact store fields you changed, screenshots for permission or disclosure flows where relevant, and a short reviewer note explaining what changed and why it now matches the app.
Should the privacy policy, store form, and in-app disclosure all match?
Yes. Review teams compare these surfaces together. If one says you collect or disclose something and another says you do not, the mismatch itself often becomes the next rejection.