Separate APP policies

Hi All

I hope you are well and have a Merry Christmas and a Happy New Year.

Anyway, trying to get my head around APP policies for both BYOD and Corp (COBO) Android devices.

I'd like nothing more than a single APP policy for Android but there are certain settings such block screenshots that I would like to include in the BYOD APP policy but not include in the Corp (COBO) APP policy.

So, my thinking is:

• BYOD APP policy > Assigned to E3 / F3 groups > Filter on EXCLUDE corp devices
• Corp Owned / Intune Enrolled COBO APP policy - Filter on EXCLUDE personal devices

Could someone advise on the best way to achieve this? What's the best Device / App filter syntax to use?

Info appreciated