1. Terms and privacy policies should be easily accessible.
2. You should be notified in advance if the terms and conditions will be substantially modified.
3. The service should treat and define personal information according to European data protection legislation.
4. You should be able to easily find and access a list of the third parties that will receive your personal data.
5. Separate consent should be sought if information is shared beyond what is necessary to provide the service.
6. You should be able to change your privacy settings in the app itself, and public sharing of information should be off by default.
7. You should be able to download and upload your own data in a universal machine-readable format.
8. User data should not be stored for longer than what’s necessary in order to provide the service. Retention periods should be specified, and you should be able to delete your data when closing your account.
9. It should not be more difficult to delete an account than it was to create it. As long as you can create an account in the app, you should also be able to delete it there.
10. You should be notified in advance if you are being kicked out of the service. It should be possible to “save” your personal data, object to the termination, and receive an explanation for the decision.