Cerrar
View Categories

How to publish your apps

Privacy Policy #

Both Google Play and Apple Store will require that your app has a Privacy Policy. Here is some basic data about Situm to help you include a reference in case you integrate Situm SDK in your app. Please note that this is just a guideline, this does not constitute legal advice: you should always do the appropriate due diligence:

  • Privacy Policy: https://situm.com/en/privacy
  • Master Subscription Agreement: https://situm.com/assets/docs/situm-masteragreement.pdf
  • Security Info: https://situm.com/docs/hosting-data/
  • Data Processed. Typically, it will be (more info here):
    • Unique device identifier (pseudoanonimized)
    • Device brand, model, and hardware/firmware version
    • Operating system and version
    • Sensor data (e.g., accelerometer, gyroscope)
    • Nearby wireless elements (e.g., Wi-Fi access points, Bluetooth beacons)
    • Device geolocation
    • Building maps, points of interest, and navigation routes
    • Network interaction data (e.g., IP address, crash logs, activity logs)
  • Purpose of Processing. You should state the purpose of this data collection / processing.
    • Typically, this data will be used exclusively to enable indoor positioning, navigation, and wayfinding features in the app. Sometimes, you may also use it to retrieve indoor analytics (e.g. knowing the most visited areas of a venue) or to track specific persons (e.g. for employee tracking apps).
    • Example: “We use indoor positioning services powered by Situm to provide turn-by-turn navigation and contextual information based on your location within a building.”
  • Hosting. Situm hosts data within the European Union. More info here.
  • Use of subprocessors. Situm uses the subprocessors described in our Master Subscription Agreement, Annex II.

Google Play – Things to consider #

When uploading your app to Google Play, there are four areas within the App Content section of the Play Console that are directly related to Situm and will require your attention:

  1. Privacy Policy – Your app must include a privacy policy that reflects Situm’s data usage and complies with Google Play’s requirements.
  2. Foreground Permissions – You must explain why your app uses location data, including Foreground Service Permissions usage
  3. Data Safety – You’ll need to disclose what user data is collected and how it’s used. Situm may process location data and device identifiers, so you must declare this transparently.
  4. Data Security – You will need to answer questions related to data encryption.

Foreground Service Permissions #

The Situm SDK includes a declaration for a foreground service in its Android manifest. As a result, any app integrating the SDK will be required to justify the use of this service when publishing to Google Play.

Specifically, Google Play mandates that developers:

  1. Declare the reason for using a foreground service. For Situm SDK, the appropriate reason is:
    “Navigation”.
  2. Provide a URL to a video demonstration showing the foreground service in use during actual navigation within your app.
    • This video must clearly show that the service is being used to provide turn-by-turn or continuous navigation to the user, justifying the background location and foreground service usage.
    • To this extent, you should compute a navigation and clearly show that the “Foreground Service Notification” is being shown to the user even when the app goes to background.
      • Note: In some modern Android versions, this notification might not be 100% clear / visible if the user didn’t grant POST_NOTIFICATIONS permission. You might need to grant it to record the video.
    • Here’s an example on how we did it in our of our apps, you may use it as inspiration when recording your video: Sample Video.

Data Safety #

The Situm SDK requires access to certain types of data in order to function properly.

Therefore, when publishing an app that integrates Situm, developers are required to complete the “Data Safety” section in the Google Play Console and declare all relevant data collection, sharing, and usage practices, as outlined by Google:

Data Types Collected #

  • Location data: Situm collects precise location data to provide indoor positioning and navigation services.
    • Collected: Yes
    • Shared: No
    • Purpose: App functionality
    • User control: Users cannot disable this data collection, as it’s essential for the service to work.
  • Device or other identifiers (e.g., a unique device pseudo ID): Situm processes a device pseudo identifier.
    • Collected: Yes
    • Shared: No
    • Purpose: App functionality
    • User control: Not user-configurable.

Data Security #

All data handled by the Situm SDK is encrypted in transit and at rest, which allows integrators to confidently answer “Yes” to the relevant data security questions in the Play Console.

Apple Store – Things to consider #

When submitting your app to the Apple App Store, there are several areas where Situm SDK’s use of location and device data must be declared. Below are the required steps to ensure compliance with Apple’s guidelines:

Info.plist #

You must add the appropriate permission keys in your Info.plist file to request user consent for location usage. Specifically, include:

  • NSLocationWhenInUseUsageDescription
  • NSLocationAlwaysAndWhenInUseUsageDescription
  • (Optional) NSMotionUsageDescription – Only if you will use the barometer sensor (only for indoor venues with multiple floors).

Reference: Situm Docs – Grant App Permissions (iOS)

App Privacy Questionaire #

When uploading your app, Apple will ask some questions about the data processed.

  1. Click on Begin button to start the questionnaire.
  2. Select the “Yes, we collect data from this app.“ option. Click Next.
  3. Select “Exact location“ and “Coarse location“.
  4. Then, for each one of the options selected before:
    1. Check both “Analytics“ and “App Functionality” and click on Next.
    2. Select “No, precise location data collected from this app is not linked to the user’s identity”.
    3. Select “No, we do not use precise location data for tracking purposes“.

Privacy Report #

You are required to provide information about your app’s data usage via a Privacy Report, which includes any data access declared by Situm SDK.

To generate it:

  1. Open Xcode and archive your app.
  2. Select the archive → Right-click → Choose “Generate Privacy Report”.

This will export a PDF file showing your apps data accesses included those used by your depencencies. You may need to manually review the report and ensure the information related to Situm SDK is complete and accurate.

If you’re unsure about what Situm declares in its Privacy Manifest, here’s our Privacy Manifest:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>NSPrivacyCollectedDataTypes</key>
    <array>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>NSPrivacyCollectedDataTypePreciseLocation</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>NSPrivacyCollectedDataTypeDeviceID</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>NSPrivacyCollectedDataTypeProductInteraction</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>NSPrivacyCollectedDataTypeSearchHistory</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>NSPrivacyCollectedDataTypePerformanceData</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyCollectedDataType</key>
            <string>Other diagnostic data</string>
            <key>NSPrivacyCollectedDataTypeLinked</key>
            <false/>
            <key>NSPrivacyCollectedDataTypeTracking</key>
            <false/>
            <key>NSPrivacyCollectedDataTypePurposes</key>
            <array>
                <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
            </array>
        </dict>
    </array>
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
        <dict>
            <key>NSPrivacyAccessedAPIType</key>
            <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
            <key>NSPrivacyAccessedAPITypeReasons</key>
            <array>
                <string>C617.1</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyAccessedAPIType</key>
            <string>NSPrivacyAccessedAPICategorySystemBootTime</string>
            <key>NSPrivacyAccessedAPITypeReasons</key>
            <array>
                <string>35F9.1</string>
            </array>
        </dict>
        <dict>
            <key>NSPrivacyAccessedAPIType</key>
            <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
            <key>NSPrivacyAccessedAPITypeReasons</key>
            <array>
                <string>CA92.1</string>
            </array>
        </dict>
    </array>
</dict>
</plist>

Updated on 30/05/2025

Subscribe to our newsletter

BASIC INFORMATION ON DATA PROTECTION

Data controller: SITUM TECHNOLOGIES, S.L.
Contact: Data controller: situm@situm.es
Responsible for protection: dpo@situm.es
Purpose and legal basis: To manage the sending of SITUM newsletters only with consent.
Legitimation: Express consent of the interested party.
Recipients: The data will not be passed on to third parties with the exception of legal obligations.
Retention period: As long as the interested party remains subscribed to the newsletter (a link to unsubscribe will be available in each newsletter sent by Situm).
Rights: The interested party may at any time revoke their consent, as well as exercise their rights of opposition, access, conservation, rectification, limitation, deletion of data and not be subject to a decision based only on automated data processing, by writing to SITUM at the addresses indicated.
Additional Information: You can consult additional and detailed information on Data Protection in our privacy policy.

Please, download your copy here

Thank you for downloading our whitepaper. Please do not hesitate to contact us if you would like to know more about how our solutions can help your business. Download whitepaper


Close window