GDPR compliance for mobile apps: A checklist in 7 steps

Mobile app developer! How do you secure your users’ privacy and make your company app meet GDPR requirements? A checklist for securing your app’s GDPR compliance in 7 easy steps.
Table of Contents

GDPR - an app developer's headache

Meet Chris. 

Chris works as an Android app developer at an international SaaS. He’s got a lot of exiting tasks, but one day “the compliance task” landed on his desk.

Like any other task, Chris got to work head held high. 

The only problem was, he didn’t know what he was doing.

He is a developer, not a lawyer. 

No matter how much he browsed through privacy laws, he didn’t know how to solve the case.

But today, things are different.

Today Chris is on top of his game.

He has solved the task and made sure his company’s mobile app is GDPR compliant.. even without reading the GDPR.

And now he can go back to what he loves doing: developing cool in-app features.

Here’s how he did it.

A checklist to secure your app’s GDPR compliance

Chris reached out to me one day and asked: can you help me make sure our app complies with the GDPR?

I replied: checkmark each of these steps on this GDPR checklist for mobile apps. Then your app complies with the GDPR.

It may look like a daunting task.

Get in touch with Cookie Information and we will handle every single step for you. 

Just like Chris did! 

GDPR checklist for mobile apps:

  1. First, find out which law applies to your app.
    • GDPR/ePrivacy?
    • CCPA?
    • LGPD?
  2. Then perform an audit to know:
    • All the mobile SDK’s you use in your app (Firebase, CoreLocation, AdMob).
    • What data these SDK’s collect and process.
  3. Inform your users.
    • Inform users of what personal data the SDK’s are collecting.
    • Make sure your app also has a privacy policy.
    • Update information when making changes to your use of SDK’s.
  4. Collect valid consent. Consent must be:
    • Freely given
    • Informed
    • Specific
    • Unambiguous
  5. Get consent before collecting data (prior consent).
    • Make sure SDK’s cannot store, gain access to or collect personal data before you have collected your user’s consent.
  6. Make it easy to withdraw consent.
    • Consent must be as easy to reject as it is to give.
  7. Store all consents for documentation.
    • In case the Data Protection Authority wants to see them.

How do I collect consent in our mobile app?

Go through every single privacy law to know exactly how you respect your users’ privacy.

And you can build a mobile app consent SDK for both Android and iOS to collect all your users’ consents.

Or you can let Cookie Information handle everything.

We provide you with a proven and stable Consent Management Platform that:

  • can collect consent on your behalf in your company’s mobile app.

And you can rest assured that:

  • your app always complies with international data privacy laws.

Wherever in the world you have users and customers!

Mobile App Consent from Cookie Information collects consents for your use of mobile SDK's.
Use our GDPR checklist for mobile apps to know if your app is GDPR compliant

How does Cookie Information’s Mobile App Consent work?

Deploy the Mobile App Consent SDK directly in your app (both on iOS and Android).

The Mobile App Consent SDK asks for consent for your use of third-party SDK’s.

It uses a consent pop-up to collect consents. We store all consents both locally and on secure servers within the EU/EEA.

We can retrieve all consents for you, if you are subject to an audit by the Data Protection Authority.

Use Cookie Information’s Mobile App Consent SDK to ensure your company app’s GDPR compliance.

Just like Chris did!

Get in touch and we’ll show you how.


Choose to log in to:

* Log into Consent Management to access your Website Consent Banner and Mobile App account. Log into Privacy & Compliance to access Data Discovery and Data Subject Request.