Skip to main content

Bundles/mobile-permissions-privacy

Mobile Permissions & Privacy Audit

mobile-permissions-privacy · v1.1.0 · paid

Evaluates runtime permission requests, privacy manifest compliance, data handling disclosures, and permission graceful degradation.

Permission Requests

permission-requests · weight 0.3

App requests only necessary permissions
ab-001892
critical
Privacy manifest file exists and is complete for iOS
ab-001893
critical
Permission rationale provided before request prompts
ab-001894
high
Permissions requested at point-of-use, not on app launch
ab-001895
high
Sensitive permissions use proper permission API
ab-001896
high
Location permission distinguishes between always/when-in-use/never
ab-001897
high

Privacy Compliance

privacy-compliance · weight 0.3

No sensitive data stored in device shared preferences or NSUserDefaults
ab-001898
critical
Keychain/Keystore used for sensitive data storage
ab-001899
critical
GDPR/CCPA consent UI displayed where required
ab-001900
high
User data deletion mechanism implemented
ab-001901
high
Privacy policy linked in app metadata or UI
ab-001902
high
Crash logs exclude sensitive user data
ab-001903
medium
Third-party SDKs comply with privacy requirements
ab-001904
medium

Data Handling

data-handling · weight 0.25

Data collection purposes disclosed to users
ab-001905
medium
Photo library permission limited to selected photos on iOS 14+
ab-001906
low
Analytics tracking can be disabled by user
ab-001907
low
Biometric authentication uses LocalAuthentication API
ab-001908
medium
Advertising ID reset capability provided
ab-001909
low

Graceful Degradation

graceful-degradation · weight 0.15

App gracefully handles permission denials
ab-001910
medium
Denied permissions do not crash the app
ab-001911
medium
Permission status checking implemented before API calls
ab-001912
low
App privacy label/permissions summary visible on app store
ab-001913
low