In July 2021, we announced additional details on the safety section in Google Play following our initial blog post in May 2021. Developers will soon be required to declare how they collect, share, and protect data for the apps they publish on Google Play. This information will be shown on your store listing to help users better understand your privacy and security practices before they download your app.
This article provides an overview of the new safety section requirements, actions needed to complete it, and a timeline of upcoming events (dates subject to change). We will continue to share more guidance over the next few months.
The safety section in Google Play is a simple way for you to help people to understand what data your app collects or shares, as well as showcase your app’s key privacy and security practices. This information helps users make more informed install decisions.
By April 2022, all developers must declare how they collect and handle personal and sensitive user data for the apps they publish on Google Play, and provide details about how they protect this data through security practices like encryption. This includes data collected and handled through any third party libraries or SDKs used in their apps.
You will be able to declare this information through a questionnaire in a new "App privacy & security" section on the App content page (Policy > App content) in Play Console. This information will then be shown in the safety section on your store listing to help users better understand your privacy and data collection practices.
You can expand the section below to see how your store listing will look to Google Play users.What users will see
Note: Images are directional and subject to change
All developers that have an app published on Google Play are required to complete a questionnaire in the new "App privacy & security" section on the App content page in Play Console.
To begin preparing for these changes, we recommend that you:
- Read and understand the requirements for completing the "App privacy & security" section in Play Console and supporting User Data policy.
- Review how your app collects and shares personal and sensitive user data and your app’s security practices. In particular, check your app’s declared permissions and the APIs that your app uses.
- In addition to reviewing how your app collects and shares data, you should also review how any third-party code (such as third-party libraries or SDKs) in your app collects and shares data. It's your responsibility to ensure that any such code used in your app is compliant with Play Developer Program policies.
You can expand the section below to see the planned timeline for the "App privacy & security" section roll-out in Play Console.Timeline information
We anticipate the following timeline for the "App privacy & security" section roll-out in Play Console. Note that this timeline is subject to change; updates will be posted in this article.
- October 2021: The "App privacy & security" section will be available on the App content page in Play Console.
- This Help Center article will be updated with additional guidance.
- Developers can fill out and submit the questionnaire to receive feedback. App submissions will not be impacted during this time.
- Early 2022: The new safety section will be available on Google Play to all users.
- If there are any discrepancies in the information provided, content will not be displayed to users and new app submissions and app updates will be rejected. Until April 2022, developers can temporarily proceed to publish app updates by reverting their “App privacy & security” to draft mode.
- April 2022: New app submissions and app updates will be rejected in Play Console if there are unresolved issues with the questionnaire.*
- All new app and app updates will require a completed “App Privacy & security” section.
*Developers' existing apps on Google Play may be removed in the future due to non-compliance.
This section explains what information you need to declare in the "App privacy & security" section in Play Console, and lists different data types and purposes that will be available.
The information you provide will ultimately be shown to users in the safety section in Google Play. For example, users will see a summary of what personal and sensitive user data your app may collect and whether it’s shared with other companies.
Click on the sections below to expand or collapse them.Data collection
You will need to disclose as “Collected” the types of personal and sensitive user data that are transmitted off a user’s device. Some transmission of data off device, such as where that data is end-to-end encrypted (that is, not readable by you), will not need to be disclosed as “Collected.” We will provide more guidance on these terms in the coming months.
You will need to disclose the data types that you share with third parties as user data that your app “Collects and shares." Some transfers of data, such as for legal compliance or to "service providers" that process data on the developer’s behalf, will not be considered “sharing.” We will provide more guidance on these terms in the coming months. In particular, we will provide additional guidance on the meaning of a “service provider,” but certain ads uses, including building or using advertising profiles across customers, will not be considered “service provider” activity for purposes of the sharing disclosures and thus would need to be disclosed as "sharing."
Your “App privacy & security” section is also an opportunity for you to showcase your app’s privacy and security practices to your users . For example:
- Encryption in transit: Is data collected or shared by your app encrypted in transit?
- Deletion mechanism: Does your app provide a way for users to request deletion of their data?
- Families policy: Does your app's data collection practices comply with Google Play's Families Policy?
- Independent security review: Are you interested in taking your app through an external security review based on a global standard?
- How it’s collected: Is data collection optional or required to use the app?
Click on the sections below to expand or collapse them.Data types
Developers will be asked to provide collection, sharing, and other practices for a range of personal and sensitive data types, as well as the purposes for which you use that data.
We will publish full list of data types along with supporting guidance in coming months, but examples include:
- Location data like user approximate or precise location
- Personal information like user name, phone number and email address
- Financial info like user credit card number and bank account account number
- Health and fitness information
- Photos or videos
- Audio files like sound recordings and music files
- Storage like files and docs
- Emails or texts
- Calendar information
- Contacts information
- Installed apps on user device
- Actions in apps like page views
- App performance like crash logs and performance diagnostics
- Identifiers like device id
Developers will also need to disclose the purposes for which they use these data types, such as:
- app functionality required for the app to work;
- developer communications like reminders, notifications, promotions, and similar communications;
- analytics about how users use the app and how it performs;
- fraud prevention and security; or
- personalization of things like content and recommendations.
We will publish a full list of data purposes along with supporting guidance in coming months.