Most mobile apps have capabilities to monitor users’ location and collect their data. Your app may want to monitor or collect location data for many reasons, such as delivering a personalised experience. However, there is increasing user concern about how businesses collect and use their location data.
If you are an app developer or an owner of an app business, you must ensure your mobile app complies with privacy requirements. This article explains the main privacy considerations for apps that monitor user location.
What Type of Apps Monitor User Location?
Every app may have a reason to monitor and collect location data. However, the most popular types of apps that rely on user location data include:
- map-based apps. For example, Google Maps monitors location data to help you choose a local restaurant nearby;
- transport apps. For example, Uber requests your location so that its drivers know where to find you and pick you up;
- social networking apps. For example, Facebook monitors location data so it can tailor advertising based on your location;
- dating apps. For example, Tinder relies on your location data to match you with other users who are within the same geographical area; and
- fitness apps. For example, the Nike+ Run Club app monitors your location so it can measure how you are meeting your fitness goals.
The list is not exhaustive. However, if location data is at the centre of your app’s operation, you should be particularly mindful of your legal and commercial requirements.
What Are My Legal Requirements For Monitoring Location Data?
If your mobile app monitors user location, you may have to comply with the federal Privacy Act. The law regulates how businesses handle personal information, which is defined as information about an identified individual or information that could identify someone. That may include the monitoring of user location and user activity patterns. In addition, the law outlines the need for businesses to have a privacy policy.
However, the law only applies to businesses with an annual turnover of at least $3 million. Some exceptions exist, including if your business is:
- a health service provider;
- trading in personal information (such as buying or selling email lists to other businesses); or
- a contractor providing services under a Commonwealth contract.
If you are just starting up, it is unlikely you have to comply with the legal requirement. However, many small businesses adopt the legal requirements as they provide a useful framework on how to best protect the personal information of their customers. Showing your customers that you care about their privacy can also help create trust in your brand.
What Are My Commercial Requirements For Monitoring Data?
However, you will most likely be selling your mobile app on an app marketplace such as the Apple App Store or Google Play. Both marketplaces insist that developers, regardless of business size, must have a privacy policy with their app. Furthermore, both marketplaces have guidelines on how to manage the use of location data.
For example, under Apple Store’s guidelines, apps should only use location services when they are “directly relevant to the features and services provided by the app”.
Therefore, even if you are not legally required to comply with the Privacy Act, you will have to comply with your commercial requirements.
Best Practice Checklist
1. Create a Privacy Policy
Your privacy policy should include the following key terms:
- what kind of personal information you collect, including location data;
- the purposes for which you collect information;
- when you disclose information to third parties;
- how app users can control their information, such as corrections, consent, and unsubscribing;
- how you store information; and
- cookies.
2. Collect Location Data Only When Required
The Privacy Act says that you should only collect information when it is required or relevant to deliver your app.
Other apps may only use location services to enter users’ location during the registration process, so they can tailor their services to that location. At all times, you should turn off location monitoring unless the user consents. The App Store also requires that you list in your app the reasons why you collect location data.
Most devices allow you to turn your location services on and off. You may also wish to add a privacy dashboard within your app for users to select when they consent to the collection of certain data, including location data.
3. Obtain Consent From Your App Users
It is best practice to notify app users that you are collecting certain information, including location data, and to receive consent to collect it. Users usually access apps intermittently so you should try to remind them when you will be collecting location data.
The Apple Store also provides Human Interface Guidelines on how to obtain consent from your users in a way that complies with privacy requirements but does not intrude on their experience of the app.
Key Takeaways
If you have less than $3 million in turnover, you are not legally required to have a privacy policy for an app that monitors users’ location. However, if you want your app to be a commercial success, you will need to comply with privacy requirements on the App Store or Google Play. You should:
- always include a privacy policy that explains why and how you monitor location data;
- ensure you collect only location data that is necessary for the function of the app; and
- request consent from your users before monitoring their location.
If you have any questions or need help with your app’s privacy policy, get in touch with LegalVision’s IT lawyers on 1300 544 755 or fill out the form on this page.