At Apple, we design our products and services according to the principle of privacy by default and collect only the minimum amount of data necessary to provide our users with a product or service. We provide one version of our software to our users. When we do collect that data, we retain it for only so long as necessary to fulfill the purposes for which it was collected, including as described in our Privacy Policy or in our service-specific privacy notices, or as required by law.

We also deploy industry-leading consent mechanisms to allow our customers to choose whether to share data such as their Location, Contacts, Reminders, Photos, Bluetooth Sharing, Microphone, Speech Recognition, Camera, Health, HomeKit, Media & Apple Music, and Motion & Fitness Data, and more with apps.

Apple has a cross-functional approach to privacy governance. Privacy governance covers all areas of the company and includes both customer and employee data. The Legal Team has a Vice President in charge of Privacy and Law Enforcement Compliance who reports directly to Apple's General Counsel. Apple also has a Privacy Engineering team that partners with the Privacy Legal team and dedicated Product Counsel to design products from the ground up to protect customer privacy and to ensure that we protect that data as long as it remains under the control of Apple. This includes strong processes around ensuring that data collected is used only for the intended lawful purposes.

Apple also has a Privacy Steering Committee chaired by Apple's General Counsel, with members including Apple's Senior Vice President of Machine Learning and AI Strategy and a cross-functional group of senior representatives from Internet Software and Services, Software Engineering, Product Marketing, Corporate Communications, Information Services & Technology, Information Security, Privacy Legal, and the Head of Business Assurance. The Privacy Steering Committee sets privacy standards for teams across Apple and acts as an escalation point for addressing privacy compliance issues for decision or further escalation.

The Privacy Steering Committee also oversees instances where data for which Apple is responsible is managed or hosted by a third party on Apple's behalf. We review those third parties prior to engagement and subsequently through audits and documentation reviews to ensure that they can meet the same standards of security as Apple.

Further, the Audit and Finance Committee of the Board of Directors assists the Board of Directors with the oversight and monitoring of privacy and data security.

All Apple employees are required to take annual training on Business Conduct, which reflects our commitment to respect human rights and to conduct business ethically, honestly, and in compliance with applicable laws and regulations. Privacy training is an essential part of Business Conduct Training. Apple requires its employees who have access to Apple customer data and personal information to undergo an additional Privacy and Security Training course on a bi-annual basis or in response to updated laws such as the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). There is additional tailored privacy and security training provided on a per-team basis to employees who handle or have access to high volumes of data, sensitive personal data, or as additionally required by local law. Adherence to Apple's privacy and security standards including those related to de-identification is subject to audit by the Apple Privacy Compliance Audit & Verification team.

We also have a clear process through our dpo@apple.com email address for employees to raise any privacy queries or questions that they have. A dedicated team manages all queries received to resolution.

As part of our GDPR and human rights work, we undertake Privacy Impact Assessments (PIAs) for our major products and services and integrate PIAs as we develop new products and services. Reviews include assessments of whether there is decision making relying upon algorithmic systems and the impact that such decision making has on individuals and their rights. Risk levels are assigned to all data uses with re-review periods ranging from one to two years depending on the identified risk. If personal data is used for the development of algorithmic systems, in keeping with Apple's industry leading control for users, we provide our users with a means to consent and control such data use. We also fully assess the privacy practices of all acquisitions as part of the PIA process. The PIAs take into consideration how laws affect privacy and assess any associated privacy risks in the relevant jurisdictions in which we operate. PIA reviewers are also trained to identify and highlight potential impacts to freedom of expression. Apple also regularly engages with a wide range of civil society representatives globally on various privacy and freedom of expression issues, including privacy by design and encryption.

Apple maintains current ISO 27001 and 27018 certifications. Apple undergoes yearly re-audits in order to receive these certifications.

Data Security and Incident Response

To make sure your personal data is secure, we strictly enforce privacy safeguards within the company. This means that we use access management and access controls commensurate with the risk to data to ensure access to data is associated with a business need, such as providing you with support. The Apple Platform Security guide provides in-depth technical details on how we have designed our operating systems, including iOS, iPadOS, macOS, and watchOS, as well as our products and services to protect your security, including iMessage, FaceTime, Apple Pay, and iCloud. Apple also makes information available to the public about the Apple Security Bounty program.

When Apple becomes aware that it may have experienced a data security incident that might affect our users' personal data, we have dedicated teams in place to investigate and learn what happened and determine what steps to take in response. If we find any such impact, we work immediately to close it and identify remediation steps including by way of software updates if applicable.

We analyze these facts — in the context of applicable laws, regulations, industry norms, and most of all Apple's established commitment to privacy — to determine whether we should notify affected individuals, or other relevant parties like regulators. Apple ensures that it complies with all applicable laws that require notification about data security incidents without undue delay. We may make such notifications by way of a phone call or email.

That means we conduct prompt investigations and analysis, so that we can provide notification in a timely manner when necessary. We are also committed to providing users that have been affected by an incident with appropriate assistance, which may include information on steps they can take to reduce the risk of harm or support from AppleCare.

Privacy Complaints

If a user makes a privacy complaint that indicates a material privacy issue, we will take steps to remediate that issue at the next reasonable opportunity. In the event that a privacy issue has resulted in a material negative impact on a user or related third party, we will take steps to address that with that user or that other person.

Privacy Policy Updates

When there is a material change to our Privacy Policy, we'll post a notice on the webpage on which our Privacy Policy is posted at least a week in advance of doing so and contact users directly about the change if we have their data on file to do so.

Private Requests for User Information

Apple does not provide user information to any third parties where such information is requested without a clear legal basis that allows Apple to do so. Even in such circumstances, Apple undertakes a thorough review of the legal basis cited, and in the absence of such a legal basis will respond only where compelled to do so via a court order or other equivalent process. Apple is committed to transparency about all such requests and publishes a detailed report that is updated periodically.

De-Identification of Personal Data

De-Identification is the process of removing the association between a set of identifying personal data and an individual such that the data can no longer be used to identify that individual. Within Apple, for data to be considered de-identified, all personal data elements must be removed, including full IP address and any identifiers linked to personal data.

Accountable Data Transfer

Accountability requires organizations to take responsibility for data handling and demonstrate that their practices, systems, policies, and training are achieving Apple’s compliance objectives. With ongoing oversight and assurance reviews, Apple has received privacy accountability certifications for its global privacy program since 2014 that adhere to the Asia-Pacific Economic Cooperation (APEC) Privacy Framework. In APEC countries where Apple operates, the international transfer of personal data collected abides by the APEC Cross-Border Privacy Rules (CBPR) System and the Privacy Recognition for Processors (PRP) System. Apple’s global privacy policy and practices are reviewed by an approved independent third-party Accountability Agent who monitors and enforces compliance with APEC CBPR and PRP program requirements. For remediation and external enforcement, individuals can contact our third-party dispute resolution provider.