When a customer sets up an iCloud account, basic customer information such as name,
physical address, email address, and telephone number may be provided to Apple.
Additionally, information regarding iCloud feature connections may also be available. iCloud
customer information and connection logs with IP addresses, if available, may be obtained
with the appropriate legally valid request for the requestor’s country. Connection logs are
retained up to 25 days.
II. Mail Logs
Mail logs include records of incoming and outgoing communications such as time, date,
sender email addresses, and recipient email addresses. iCloud mail logs are retained up to 25
days; and, if available, may be obtained with the appropriate legally valid request for the
requestor’s country.
III. Email Content and Other iCloud Content, My Photo Stream, iCloud Photo
Library, iCloud Drive, Contacts, Calendars, Bookmarks, Safari Browsing History,
Maps Search History, Messages, iOS Device Backups
iCloud stores content for the services that the customer has elected to maintain in the
account while the customer's account remains active. Apple does not retain deleted content
once it is cleared from Apple’s servers. iCloud content may include email, stored photos,
documents, contacts, calendars, bookmarks, Safari browsing history, Maps Search History,
Messages and iOS device backups. iOS device backups may include photos and videos in the
Camera Roll, device settings, app data, iMessage, Business Chat, SMS, and MMS messages
and voicemail. All iCloud content data stored by Apple is encrypted at the location of the
server. For data Apple can decrypt, Apple retains the encryption keys in its U.S. data centres.
Apple does not receive or retain encryption keys for customer’s end-to-end encrypted data.
All requests from government and law enforcement agencies outside of the United States for
content, with the exception of emergency circumstances (defined above in Emergency
Requests), must comply with applicable laws, including the United States Electronic
Communications Privacy Act (ECPA). A request under a Mutual Legal Assistance Treaty or
under an Executive Agreement under the Clarifying Lawful Overseas Use of Data Act
(“CLOUD Act Agreement”) is in compliance with ECPA. Apple will provide customer content,
as it exists in the customer's account, only in response to such legally valid request.
II. Advanced Data Protection
Advanced Data Protection for iCloud is a feature that uses end-to-end encryption to protect
iCloud data with Apple’s highest level of data security. For users who enable Advanced Data
Protection for iCloud, limited iCloud data may be available. More information on Advanced
Data Protection can be found athttps://support.apple.com/guide/security/advanced-data-
protection-for-icloud-sec973254c5f/webandhttps://support.apple.com/kb/HT212520.
The following information may be available from iCloud if a user has enabled Advanced Data
Protection for iCloud:
a. Customer Information
When a customer sets up an iCloud account, basic customer information such as name,
physical address, email address, and telephone number may be provided to Apple.
Additionally, information regarding iCloud feature connections may also be available.
iCloud customer information and connection logs with IP addresses, if available, may be
obtained with the appropriate legally valid request for the requestor’s country.
Connection logs are retained up to 25 days.