I'm an attorney and have worked with several financial institutions drafting policies/statements/investor disclosures about privacy and user data. For most financial institutions user privacy is good for the bottom line but expensive so they tend to do the bare minimum. The bare minimum is not a lot but it's quite a bit more than nothing, which is what most non-medical/non-financial institutions have to do. I've never worked with a tech company on privacy matters but I would expect any company that depends on collecting and monetizing user data to be much more aggressive than the typical financial institution. That said, comparing Apple's privacy policies to those of a financial institution they are truly above and beyond any minimum regulatory standard.
I know most people don't pay them any attention but I'm really not sure you could find a more customer-focused privacy policy. I've yet to find one and I would guess I've read at least 10x as many privacy policies as the average person. Everything from what their disclosures say to how they've structured them to be easily read, easily understood, and (dare I say) engaging is indicative of just how much they prioritize user-privacy.
I know most people don't pay them any attention but I'm really not sure you could find a more customer-focused privacy policy. I've yet to find one and I would guess I've read at least 10x as many privacy policies as the average person. Everything from what their disclosures say to how they've structured them to be easily read, easily understood, and (dare I say) engaging is indicative of just how much they prioritize user-privacy.
edit: meant non medical