
Complying with the UK General Data Protection Regulations (UK GDPR) is something that all businesses developing and distributing mobile applications should be aware of. 

The UK GDPR provides that data controllers and processors must show accountability in relation to complying with UK GDPR principles. This means having written policies and procedures in place and recording any compliance and risk assessment steps your business takes regarding protecting personal data.

App GDPR compliance

Many mobile apps process vast amounts of personal data, including personal photos and documents, credit card details, names and addresses, and user locations.

You must be able to show a lawful reason for processing personal data. Article 6 of the UK GDPR provides six lawful bases:

  • Consent
  • Contract
  • Legal obligation
  • Vital interests
  • Public task
  • Legitimate interests

You do not have to gain consent for every single act of data processing. Often one of the other five bases is more appropriate, for example, legitimate interests. Examples of legitimate interests are ensuring security or sending out marketing information.

Mobile apps GDPR compliance

The most important factor is to document how you have considered the privacy of the users of your mobile app and how you process user data.

Cookie consent

GDPR requires user consent for all tracking cookies. All EU and UK app users need to be informed about cookie use and given the option to consent or decline. The Privacy and Electronic Communications Regulations (PECR) require that apps obtain users’ informed consent before storing cookies on a user’s device for tracking purposes.

For more information on cookie consent read: what are cookies?

Privacy policies

All mobile apps must have an accessible privacy policy. Neither Google Pay nor App Store will publish or approve your app without a valid privacy policy. A Data Protection Solicitor can advise on and draft a bespoke privacy policy tailored to your mobile app and business.




Get legal assistance from LawBite

No one expects you to navigate the many privacy and data laws on your own - especially when you are focused on growing your business. 

The best way to ensure you are GDPR compliant is to partner with one of our specialist Privacy Law Solicitors. LawBite can advise you through each stage of your mobile app’s development and distribution.




In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.
