[fiiv]

I think as other users have said, the review board is your best bet.

But maybe you could let us know more about what the problem is exactly? Here's Apple's guidelines for VPNs: https://developer.apple.com/app-store/review/guidelines/#vpn...

Sounds from what you said the user is informed about what data you are collecting, but what other part of the guidelines are you potentially breaking here?

[fairplayer]

Apple Review Team rejected us based on: 5 Performance: Software Requirements Unapproved use of VPN in this context.

[fiiv]

"2.5 Performance" is a long section with various ways your app might violate this clause. In no part of it does it specifically mention VPNs. So you're going to have to a bit more specific here.

I can assume that your app falls under this part of 2.5.1:

> Apps should use APIs and frameworks for their intended purposes and indicate that integration in their app description. For example, the HomeKit framework should provide home automation services; and HealthKit should be used for health and fitness purposes and integrate with the Health app.

So you're running a VPN using the NEVPNManager API, and I'm guessing your app does something such as monitor traffic or speed or something like that by routing all traffic through a VPN so you can "listen in" to get your reports.

Apart from appealing the ruling, I think maybe if you could be more specific as to what your app is collecting and why, someone here might help with figuring out an alternative way of doing that so that you can get your app back in the store.