To ensure privacy policies aren't tweaked after apps have been submitted, Apple say the policies will only be available to edit when a new version of the app is submitted.
The new policy also means apps must detail any third parties that data is shared with -- such as analytics tools, advertising networks, and third-party SDKs -- and must ensure these parties are also compliant with the new policy.
Under the terms of the policy, the app must also explain its data retention and deletion policies, as well as informing users how they can revoke consent or request their data be deleted.
SEE: IT pro's guide to GDPR compliance (free PDF)
At its core, the regulation is designed to reflect the data-centric nature of the modern world and to update laws governing personal data, privacy and consent across Europe accordingly.
Designed to provide users with more control over their data, the legislation applies to any organisation that does business in Europe.
Apple's new privacy rules have already claimed at least one victim in the run up to October 3 -- Facebook's Onavo VPN app has already been 'voluntarily' removed from the App Store based on a request from Apple.
A source familiar with the app said Facebook was able to use the free virtual private network to monitor how iPhone users used their devices outside Facebook.
The incident is another black mark against Facebook's privacy policies following the Cambridge Analytica (CA) revelations, which found that up to 87 million users had their data "improperly shared" by CA.
READ MORE ON CYBER SECURITY
- GDPR: What's really changed so far?
- Only 20% of companies believe they're actually GDPR compliant TechRepublic
- Google, Facebook hit with serious GDPR complaints: Others will be soon
- Hundreds of US news sites unavailable in Europe two months after GDPR CNET
- How Cambridge Analytica used your Facebook data to help elect Trump