Data Portability Apps

It is unclear how your application uses the Data Portability API
 

If you have received this notification in your email from the OAuth verification team, we are uncertain why your application requires the Data Portability API. Your application may only request access to data portability permissions for features that benefit the user by allowing them to move, copy, or transfer user data from one Google service to another platform or service, for the user’s benefit.

We require more information to determine whether your app fits within an approved use case for the Data Portability API scopes under the Data Portability API policy.

Step 1: Understand the use case for the Data Portability API

Review the appropriate use cases outlined in the Data Portability API policy to understand how your app has been assessed.

Step 2a: if you agree your app does not need the Data Portability API: 

Reply directly to the email you received from the OAuth Verification team and we will close your request.

Step 2b: if you believe your app is an acceptable use case

Reply directly to the email you received from the OAuth Verification with the following information:

  • Clarify how your app aligns to this use case based on functionality and user features
  • Explain how the requested Data Portability scopes are being used by your app
Your app is missing a clear call-to-action button for users to authorize and connect with Google

Your application must include a request for consent to initiate the OAuth authorization flow. The request for consent must include a clear call-to-action for the user. Examples include:

  • “Import from Google”
  • “Copy and move your data from Google”
  • “Copy your data from Google”
  • “Copy and move your Google data to <platform/service”
  • “Share your Google data and info” 

Please ensure your application’s request for consent meets each of the requirements outlined in the Data Portability API User Data Policy. Once updated, directly respond to the email you received to notify the OAuth Verification team that the updates have been completed.

The page where users authorize and connect with Google does not sufficiently explain the purpose of the connection and data export

Your application does not sufficiently explain to the user how their data will be used and shared alongside the request for user consent. The user should be well informed about the purpose for the data export. 

The requirements for transparent and accurate notice to the user are outlined in the Data Portability API User Data Policy. Once your disclosure meets these requirements, directly respond to the email you received to notify the OAuth Verification team that the updates have been completed, including instructions on where to find the disclosure.

Was this helpful?

How can we improve it?
true
Search
Clear search
Close search
Main menu
16336420898022717386
true
Search Help Center
true
true
true
true
true
95384
false
false