II.
Workflow overview
Reference · liveworkflow:mobile-app-privacy-review
Mobile App Privacy Review overview
Reviews mobile application privacy practices before release -- auditing runtime permission requests against actual feature usage to eliminate over-permissioning, analyzing network traffic for undisclosed data collection by third-party SDKs, validating app-store privacy-nutrition-label accuracy against actual data-handling practices, reviewing App Tracking Transparency and GDPR consent-flow implementations, assessing data-retention policies for locally stored user data, verifying data-deletion API compliance with right-to-erasure requirements, and testing privacy controls across device types and OS versions. Produces privacy review report and app-store privacy-label update. Excludes general functional QA.
Attributes
displayName
Mobile App Privacy Review
workflowKind
governance
triggerType
event-driven
typicalCadence
per-release
complexity
cross-team
description
Reviews mobile application privacy practices before release -- auditing
runtime permission requests against actual feature usage to eliminate
over-permissioning, analyzing network traffic for undisclosed data
collection by third-party SDKs, validating app-store
privacy-nutrition-label accuracy against actual data-handling practices,
reviewing App Tracking Transparency and GDPR consent-flow
implementations, assessing data-retention policies for locally stored
user data, verifying data-deletion API compliance with right-to-erasure
requirements, and testing privacy controls across device types and OS
versions. Produces privacy review report and app-store privacy-label
update. Excludes general functional QA.
Outgoing edges
applies_to_domain3
- domain:mobile·DomainMobile
- domain:security·DomainSecurity
- domain:legal·DomainLegal
involves_role3
- role:security-reviewer·RoleSecurity Reviewer
- role:staff-engineer·RoleStaff Engineer
- role:product-designer·RoleProduct Designer
performed_by_org_unit3
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:frontend-team·OrgUnitFrontend Team
- org-unit:legal-team·OrgUnitLegal Team
requires_skill_area2
- skill-area:ios-native·SkillAreaiOS Native Development
- skill-area:android-native·SkillAreaAndroid Native Development
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:threat-modeling·ResponsibilityThreat modeling
Incoming edges
None.