Hi
We currently have an app being rejected due to Guideline 5.4 (VPN apps). The answer from App Review was a vague reference to the app not providing enough information to the user about data collection.
About 6 months ago we added a modal sheet that requires agreement from the user before the app will attempt to create a VPN profile via NEVPNManager APIs. This was in response to a prior rejection, and our app was subsequently approved.
Following our latest rejected update we tried to clarify if our modal was being observed and after some back and forth, the latest rejection from Apple Review states that:
we still found that your app does not sufficiently explain how the app or VPN service is using data collected from users in the purpose string of VPN Configurations prompt.
I have scoured the documentation and gone through all the Plist options within Xcode and can find no reference to a custom purpose/privacy string on the VPN configurations prompt. My understanding is that the content of that alert is fully controlled by the system.
Has anyone else encountered this, or aware of any changes to the way VPN apps should create new connection profiles?
Many thanks