Another place we’ve seen many apps fail Store submission is with 4.1.1 of the Windows Store Certification Requirements (v4.0). It’s title is “Your app must have a privacy statement if it is network-capable.” It basically says that if you declare any network-related capabilities in your app manifest, you need to have a privacy policy available from two places specific places.

To the point of being network-capable, the requirement states, “If your app has the technical ability to transmit any user’s personal information, you must maintain a privacy policy.” While you could interpret this statement to suggest that an app that doesn’t collect any kind of personal information at all, e.g. just downloads posts from a public blog, doesn’t need a privacy policy, it’s best to err on the side of a more general meaning. The phrase “if your app has the technical ability” means that whether or not you collect any personal information, declaring those capabilities in the manifest means that you do, in fact, have the ability. So you want to have a privacy policy.

The requirement then states where that policy must be accessible: “You must provide access to your privacy policy in the Description page of your app, as well as in the app’s settings as displayed in the Windows Settings charm.”

The short of this means that you need to have a web page somewhere with the privacy policy, preferably in every language that you support in your app, though this is not explicitly spelled out (after all, page translators can be used on your page). That page is what you link to in your app’s description. [Addendum: This is required because it allows users to check the privacy policy before installing the app, rather than after the fact.]

In your Settings pane, then, you can make the privacy policy accessible in one of two ways. First, you can just create a link to that same web page, which opens the browser to display it. No problem there. Second, you can create a flyout panel that contains the text directly, often by using an iframe that loads its contents from your web page. I use this latter approach in the Here My Am! app in Chapter 17 of Programming Windows 8 Apps in HTML, CSS, and JavaScript, where I do have localized versions of the policy on my web site and include those within an iframe (as shown below in German).

The bottom line: set up privacy policy pages in your supported languages on a web site, and be sure to link to that page in your app Description and through your Settings, and don’t risk failing certification for such a basic matter.


This is something we saw with a number of early partners. In the app manifest, in the Application UI section of Visual Studio’s editor, there’s an option called Show name with a variety of options:

By default, this is set to “All logos” meaning that the value in the “Display name” field (also on the Application UI section), or the value in the “Short name” field, if given,  will appear on the lower left of a tile as shown here:

As you can see here, the display name/short name text is redundant with the app name that’s already on the tile. To remove it, select one of the other options in the Show name drop-down.

It’s a good thing to double-check before submitting an app to the Store. Having a name show on a tile when the graphic shows a name too won’t cause the app to fail certification, but it does look a little silly.

When you support live tiles, there are situations where you do want the name or a badge logo to appear on the tile, even though you don’t show the name for the default tile. For these purposes, use the branding attribute in the tile update XML. See Chapter 13 of Programming Windows 8 Apps with HTML, CSS, and JavaScript, in the “Branding” section (page 585) for details.

 

 


With requirement 6.2 of the Windows Store Certification Requirements (v4.0), all apps must have an age rating. Be sure to follow the guidelines because they are taking very serious from everything I've seen, and many apps fail on this simple basis.

One of the key bits to pay attention to is the following statement:

If your app provides a user with uncontrolled: (i) access to online social networks, or (ii) sharing of personal information with third parties, including other gamers or online acquaintances, then you must assign it a Windows Store rating of at least 12+.  For such activity to be considered "controlled", your app must include parental control features that require parental permission to use such sharing features, and you must identify those and explain their functionality in the Notes to testers.

To make this story short, if your app uses the Internet, carefully evaluate your usage to understand whether you need the 12+ rating or not. Also see Giving Your App an Age Rating.

You also want to make sure that any terms of service you link to from your app indicates ages that are compatible with your chosen age rating with the Store. One partner I worked with a while back failed for this reason: their terms of service said something about a person needing to be 14 years or older to agree, but the app was rated for an age lower than that. This meant that a young user could acquire the app from the Store but wasn't technically allowed to use it due to the terms of service.

It's good to note that earlier versions of the Store certification requirements specifically called out manifest capabilities like geolocation and webcam as requiring a 12+ age rating in and of themselves. This has been refined to allow apps with a 3+ rating, for example, to use the webcam, so long as it does not allow uncontrolled sharing of pictures. So a 3+ app can take pictures from the webcam and let a preschooler doctor themselves up, no problem, but sharing the results via a social network would require parental consent in the app.