# Compliance Requirements
Developers can build Apps on the Poynt platform to reach customers via the Poynt app store. The apps developed should be in accordance with the Poynt's Compliance requirements as follows:
# List of Compliance Requirements:
- Apps should only request required permissions in their application manifest. Permission requests to write sensitive information to shared internal storage, read card data, attempt to mount/unmount file systems etc are not allowed.
- The app cannot download Adware etc that automatically installs without user consent. Also, app cannot send spam or introduce viruses.
- The app can only receive updates by way of an upgrade through the Poynt app store.
- After download, an app should remain working until user manually minimizes the app or stops it. App should provide a way to seamlessly transition between screens within the app. App should include a Home Button at the top of the navigation bar which takes user to the Launcher screen. Apps should not interrupt current workflow of other apps(i.e. Background apps/notifications should not interfere with foreground apps).
- For any Identity and Access management, apps should use Poynt’s Identity services to gain access to their system for onboarding, setup and other functionality.
- You may Not mention other app platforms in your app other than Poynt (for instance: “Also available on X!”).
- The app must have some functionality. For instance, it can’t be just a marketing page leading to some online solution. The Only exception to this rule would be if your app is only available as a cloud app (i.e. web app).App Functionality should be in sync with functionality described in Poynt store.
- For all Billing needs, app must always use Poynt Billing.
- All apps must have a minimum 14-day Trial.
- The app does not misrepresent itself as any other app or service other than as intended or advertised.
- Applications built by developers from sanctioned countries are not allowed. Any country or entity on the OFAC list (opens new window) list will be blocked. App should in addition honor country-specific compliance requirements including data storage and protection (e.g. GDPR in EU markets).
- Custom payment methods such as Gift cards and/or Stored balances are allowed with appropriate licensing and legal documentation. Open loop gift cards would require the developer to further present proof of all necessary financial, compliance and issuing requirements.
- Data and Privacy - Developer to provide a list of all data an app collects (eg. end customer and/or merchant info, txns, order info, etc.) Also, how and where this data is transmitted and stored.