Privacy & Compliance Playbook

A practitioner's checklist for handling user data the right way — Privacy Manifest, ATT, system pickers, App Store nutrition labels, GDPR/CCPA/COPPA. Synthesized from 12 years of WWDC privacy sessions and Apple's app review guidance.

Not legal advice. This playbook covers Apple's technical privacy primitives and common compliance touchpoints. For jurisdiction-specific obligations (GDPR, CCPA/CPRA, COPPA, HIPAA, regional rules) consult qualified counsel.

The Privacy Pathway

Five sequential phases. Inventory first — you can't protect what you haven't catalogued. Then adopt system privacy APIs (the ones Apple ships are usually safer than what you'd build), handle data carefully, contain third-party leakage, and finally make compliance disclosure honest and durable.

All Items

Filter by impact, effort, risk, or category. Risk = how bad it gets if you skip this item — blocker (App Store rejection or regulator action) → low (best practice but tolerable).

Quick Wins

High-impact items that take less than a sprint. Most are configuration changes, manifest entries, or small code edits with disproportionate compliance value.