Mobile App
Apps collect more data than websites — and the rules are stricter.
Mobile apps access device sensors, location data, push notifications, and app store ecosystems — each with its own regulatory implications beyond standard web compliance.
Reality check
Does your app's privacy policy cover all data collected by third-party SDKs you've integrated?
GDPR (General Data Protection Regulation)
mandatory Art. 5(1)(c), Art. 6, Art. 7, Art. 25
Your obligations
- Consent before accessing device features (camera, location)
- Privacy policy accessible before first use
- App store privacy labels must match actual processing
- DPAs with all SDK providers (analytics, crash reporting)
- Data minimisation — only collect what's necessary
SiteGuardian monitors this
- TLS/HTTPS encryption monitoring
- Automated cookie consent detection
- Security headers analysis
- Email transport encryption checks
- Breach notification SLA tracking (72h)
- Digital DPA/AVV signing
Risk of non-compliance
App store removal for privacy violations. Class action lawsuits (noyb-style complaints). Fines per user affected.
ePrivacy Directive (Cookie Consent)
mandatory Art. 5(3)
Your obligations
- Consent for device storage access (equivalent to cookies)
- Consent for advertising identifiers (IDFA/GAID)
- No tracking without explicit opt-in
SiteGuardian monitors this
- Pre-consent cookie and tracker detection
- Cookie banner presence and configuration analysis
- Reject option validation
- Consent mode compatibility check
Risk of non-compliance
Apple/Google ATT enforcement. CNIL fines for app tracking without consent (multiple €M penalties in 2023-2024).
Cyber Resilience Act (CRA)
conditional Art. 10, Art. 11, Art. 13
Your obligations
- Security by design for products with digital elements
- Vulnerability handling and disclosure obligations
- Security updates for the product's expected lifetime
- Software Bill of Materials (SBOM) provision
SiteGuardian monitors this
- TLS version and cipher suite monitoring
- Security headers enforcement checks
- Certificate chain and expiry validation
Risk of non-compliance
Products banned from EU market. Fines up to €15M or 2.5% of global turnover.
European Accessibility Act (EAA)
mandatory Art. 4, Art. 13, Art. 31
Your obligations
- Mobile app accessibility (VoiceOver/TalkBack support)
- Touch target sizes per WCAG 2.2
- Accessible gestures and alternative input methods
SiteGuardian monitors this
- WCAG 2.2 Level AA conformance auditing
- Automated accessibility scoring
- Violation severity breakdown and remediation hints
- Daily accessibility scans
Risk of non-compliance
App store accessibility requirements increasing. Legal complaints under national EAA laws from June 2025.
Does this apply to you?
If you answer yes to 2 or more, these regulations very likely apply to your business.
See where you stand
Our free scanner checks your site's security posture, SSL, headers, email authentication and more. No account required.
Scan your app's backend security
This page provides general information about EU regulatory frameworks. It does not constitute legal advice. Consult a qualified legal professional for advice tailored to your situation. SiteGuardian documents your monitoring on a continuous basis; compliance remains your organisation's responsibility.