App Store Guideline 5.1.2 for crypto exchanges: privacy labels must match the real data flow
Apple Guideline 5.1.2 rejects crypto exchange apps when the declared privacy label, tracking prompt, SDK list or third-party data sharing does not match what the app actually collects. For exchanges, the risk centers on KYC documents, identity data, device identifiers, analytics SDKs, fraud tools, webviews and push/attribution SDKs. The fix is not legal language alone. It is a privacy evidence pack: data-flow map → SDK inventory → privacy label rewrite → ATT/tracking check → Review Notes explanation.
Why 5.1.2 is different from 3.1.5
Guideline 3.1.5 is about whether the exchange may offer services in the regions where the app is available. Guideline 5.1.2 is about whether the app tells users and Apple the truth about data collection, tracking and sharing. A perfect legal opinion cannot fix a privacy label that says "data not collected" while the app uploads ID documents, device identifiers and analytics events.
Crypto exchange apps are high-risk because onboarding naturally touches sensitive categories: identity verification, address, phone, email, payment method, transaction activity, device risk signals and support transcripts. If those flows are handled by SDKs or webviews, the review team can still treat them as part of the app's data practice.
What Apple is trying to reconcile
| Review surface | What Apple checks | Evidence to prepare |
|---|---|---|
| Privacy label | Whether App Store Connect disclosures match the data collected in onboarding, trading, wallet, support and analytics flows. | Privacy label worksheet mapped to each app screen and backend/SDK recipient. |
| KYC / identity flow | Whether identity, documents, selfies, address and verification results are disclosed accurately. | KYC data-flow map, vendor list and user consent copy. |
| SDK behavior | Whether analytics, attribution, fraud, crash and support SDKs collect identifiers or share data externally. | SDK inventory with data types, purposes, tracking status and opt-out behavior. |
| ATT / tracking | Whether tracking claims match use of device identifiers, advertising attribution or cross-app data linking. | ATT decision note and screenshots of prompts or absence of tracking. |
| Review Notes | Whether the reviewer can see what changed since the last 5.1.2 rejection. | Short privacy response tying label updates to SDK and screen-level evidence. |
Typical 5.1.2 rejection wording
Your app's privacy information in App Store Connect does not appear to accurately reflect the data collected by your app. Please update your app privacy details to reflect all data collected from users, including data collected by third-party SDKs or services.
How to read it: the reviewer is not asking for a longer privacy policy. Apple is asking for consistency between the app, the SDKs, App Store Connect privacy answers and the Review Notes. If one SDK or KYC webview collects more than the label says, the label is treated as inaccurate.
The crypto exchange privacy map
Template excerpt: privacy evidence worksheet
Screen / flow. KYC onboarding — document upload and liveness check.
Data collected. Name, date of birth, document image, selfie/liveness result, address, verification status, device/IP risk signals.
Recipient. ████████ KYC vendor, exchange backend, risk monitoring service.
Purpose. Account verification, fraud prevention, regulatory compliance, account security.
App Store Connect mapping. Contact info, identifiers, sensitive info, user content and diagnostics updated in App Privacy details; tracking marked according to SDK inventory.
Common fixes that are not enough
- Updating only the privacy policy. App Review checks App Store Connect privacy details and app behavior, not just the website policy.
- Removing one SDK without checking the rest. Attribution, support, fraud, analytics and crash SDKs can each collect identifiers or diagnostics.
- Ignoring webviews. If a KYC or fiat on-ramp webview collects user data inside the app journey, the reviewer can still ask why the label does not disclose it.
- Answering with legal boilerplate. 5.1.2 is a factual consistency problem: what data, who receives it, for what purpose, and whether tracking occurs.
- Fixing 5.1.2 separately from 3.1.5. For exchanges, privacy, KYC, entity and regional availability often appear in the same review round. The notes should not contradict each other.
Got a 5.1.2 privacy rejection? Send the rejection email, your current privacy label answers and SDK list. We will tell you whether the gap is label wording, SDK behavior, ATT, KYC disclosure or Review Notes.
The resubmission pack for 5.1.2
- Data-flow map: every onboarding, KYC, trading, wallet, support and analytics flow.
- SDK inventory: vendor, purpose, data types, identifiers, tracking status and opt-out behavior.
- Privacy label rewrite: App Store Connect answers aligned with real collection and sharing.
- ATT/tracking note: why the app does or does not require a tracking prompt.
- Review Notes response: concise explanation of what changed since the rejection.
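As an added example (not code from this guide or from Apple), the script below turns the worksheet excerpt above into structured rows and checks it against the declared App Store Connect answers the way a reviewer would: every data type that any screen, webview or SDK collects must appear in the label, every third party that receives data must be listed for a sharing answer, and the tracking answer must agree with both the SDK inventory and the Info.plist ATT usage string. The flows, vendor hostnames and declared answers are constructed; the data type names follow the categories App Store Connect offers, but which category a given KYC field maps to is an assumption made for illustration.

```python
"""Reconcile a privacy evidence worksheet with declared App Store Connect answers.

Added example for this guide, not code from the page or from Apple. The flows,
vendors and declared answers are constructed. Data type names follow the
App Store Connect category list; assigning a flow to a category is the
worksheet author's judgment and is an assumption here.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """One worksheet row: a screen, a webview or an SDK."""
    name: str
    data_types: frozenset   # App Store Connect data type names
    recipients: frozenset   # backend and vendors that receive the data
    tracking: bool = False  # links user/device data across apps or sites for ads or brokers


# Constructed worksheet rows; vendor hostnames are placeholders.
FLOWS = (
    Flow("KYC onboarding (document upload, liveness)",
         frozenset({"Name", "Physical Address", "Photos or Videos", "Sensitive Info", "Device ID"}),
         frozenset({"kyc-vendor.example", "exchange backend"})),
    Flow("Crash reporting SDK",
         frozenset({"Crash Data", "Device ID"}),
         frozenset({"crash-vendor.example"})),
    Flow("Attribution SDK",
         frozenset({"Device ID", "Advertising Data"}),
         frozenset({"attribution.example"}),
         tracking=True),
    Flow("Fiat on-ramp webview",
         frozenset({"Email Address", "Payment Info"}),
         frozenset({"onramp.example"})),
)

# Constructed answers from App Store Connect for the rejected build.
DECLARED_TYPES = frozenset({"Name", "Photos or Videos", "Email Address", "Crash Data"})
DECLARED_TRACKING = False
HAS_ATT_USAGE_STRING = False  # is NSUserTrackingUsageDescription set in Info.plist?


def undeclared_types(flows, declared):
    """Data types collected by some flow but absent from the label -> collecting flows."""
    gaps = {}
    for flow in flows:
        for data_type in sorted(flow.data_types - declared):
            gaps.setdefault(data_type, []).append(flow.name)
    return gaps


def external_recipients(flows, first_party=("exchange backend",)):
    """Third parties that receive data; each needs a purpose and a sharing answer."""
    return sorted({r for f in flows for r in f.recipients if r not in first_party})


def tracking_findings(flows, declared_tracking, has_att_string):
    """The tracking answer, the inventory and Info.plist must all agree."""
    tracking_flows = [f.name for f in flows if f.tracking]
    findings = []
    if tracking_flows and not declared_tracking:
        findings.append("inventory tracks but label says no tracking: " + ", ".join(tracking_flows))
    if tracking_flows and not has_att_string:
        findings.append("tracking SDK present but no NSUserTrackingUsageDescription, so ATT cannot be requested")
    if declared_tracking and not tracking_flows:
        findings.append("label declares tracking but no inventory row tracks; document the flow or drop the claim")
    return findings


def is_consistent(flows, declared, declared_tracking, has_att_string):
    """True only when the label, inventory and ATT status tell one story."""
    return (not undeclared_types(flows, declared)
            and not tracking_findings(flows, declared_tracking, has_att_string))


if __name__ == "__main__":
    for data_type, names in undeclared_types(FLOWS, DECLARED_TYPES).items():
        print(f"undeclared {data_type!r}: {', '.join(names)}")
    print("third parties needing a sharing answer:", ", ".join(external_recipients(FLOWS)))
    for finding in tracking_findings(FLOWS, DECLARED_TRACKING, HAS_ATT_USAGE_STRING):
        print("tracking:", finding)
    print("ready to resubmit:", is_consistent(FLOWS, DECLARED_TYPES, DECLARED_TRACKING, HAS_ATT_USAGE_STRING))
```

Add one `Flow` row per screen, webview and SDK as the inventory grows; the output lists each undeclared data type with the flows that collect it, which is the material the Review Notes response should cite. Only when `is_consistent` returns True do the label, the SDK inventory and the ATT status match, which is the condition the FAQ below sets before resubmitting.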
When 5.1.2 travels with 3.1.5 or 4.3
A crypto exchange can clear the licensing question and still fail privacy review. It can also fix a duplicate-app concern and then get stopped by an SDK mismatch. The safest resubmission treats privacy as part of the same evidence package: the app's entity, regions, KYC flow, SDKs and Review Notes should tell one consistent story.
Frequently asked questions
Does a crypto exchange app need to disclose KYC data in App Store privacy details?
Yes. If the app collects identity documents, selfies, address, date of birth, verification results or related risk signals during onboarding, those flows need to be reflected in App Store Connect privacy answers and supported by consistent Review Notes.
Do third-party SDKs count for 5.1.2 review?
Yes. Apple expects app privacy details to reflect data collected by third-party SDKs and services used in the app. For exchange apps, that commonly includes KYC vendors, analytics, crash reporting, fraud tools, customer support and attribution SDKs.
Can I fix a 5.1.2 rejection by updating the privacy policy only?
No. The privacy policy is only one part of the record. The App Store privacy label, SDK behavior, ATT/tracking status, app screens and Review Notes all need to match the actual data flow.
Should I resubmit immediately after changing the privacy label?
Not until the label has been checked against the app and SDK inventory. If the reviewer opens the same flows and finds another mismatch, the second rejection is harder to explain than the first.
Related guides
- Apple App Review Guidelines — 5.1.2 Data Use and Sharing
- Apple — App privacy details on the App Store
- Apple App Review Guidelines — 3.1.5 Cryptocurrencies