Google Play’s data deletion badge and Data deletion area within the Data safety section give users a new set of transparency and controls over their user data while providing developers a way to showcase how they treat user data responsibly. Our policy requires that if your app allows users to create an account from within your app, then it must also allow users to request for their account to be deleted.
Overview
The User Data policy's Account Deletion Requirement means that:
- All developers must complete new Data deletion questions in the Data safety form on the App content page (Policy > App content) in Play Console.
- If your app enables account creation, you must:
- Provide users with an in-app path to delete their app accounts and associated data.
- Provide a web link resource where users can request app account deletion and associated data deletion. You have the opportunity to show users if you delete other data too.
Make sure to read the policy in full and ensure you understand and comply as some information you provide about account and data deletion will be visible on your app store listing. Developers who are not in compliance by the deadline or after the extension period may be subject to enforcement actions.
In early 2024, Google Play users will begin to see reflected changes in your store listing where they can:
- Spot privacy control features your app offers with the refreshed data deletion badge in the Data safety section on your app’s store listing.
- Control their data by following your links in the Data deletion area, where they can submit requests to delete their account and/or other data where applicable.
You can expand the section below to see how this may look to users in your store listing if you support account deletion.
What users will see if your app supports account deletionNote: Images are examples and subject to change
Timeline information
We anticipate the following timeline for roll-out in Play Console and Google Play. Note that this is subject to change; updates will be posted in this article.
- April, 2023: We announced the new account deletion requirements and added the new Data deletion questions within your Data safety form. You can find this form on the App content page in Play Console.
- You can now fill out and submit the form to receive early feedback on identified issues. Complete these questions early to make sure your information is reviewed and approved before the feature launches to consumers next year.
- If there are issues with your answers to the Data deletion questions in your Data safety form, new submissions and app updates will be rejected in Play Console. You can temporarily proceed with app and Data safety form updates by clearing your responses to the Data deletion questions.
- December 7, 2023: Deadline to complete the Data deletion questions.
- Without an extension, app updates will require completed Data deletion questions in your Data safety form. You will no longer be able to publish a new app or app update if these questions are incomplete or have unaddressed issues.
- If you need more time to complete the Data deletion questions of the Data safety form, you can request an extension to May 31, 2024. We will let you know when this extension form is available in Play Console.
- Early next year: Users can start to see the new data deletion badge and Data deletion area on your app’s store listing in Google Play.
- The previous data deletion badge will be removed and no longer shown for all apps.
- In order for your app to show the new badge, you must have an approved Data safety form, including the Data deletion questions in Play Console.
- After May 31, 2024: Non-compliant apps may face additional enforcement actions in the future, such as the removal of your app from Google Play.
Frequently asked questions
What is an app account?An app account is a unique user identity that developers provide as a user-facing feature to serve the user across applications and devices (can often include use of usernames, email-addresses and passwords). App accounts generally include a mechanism to verify an identity, such as password, phone number OTP (one-time password), 2FA (two-factor authentication), biometric, SSO (single sign-on), and so on.
Your app supports account creation within the app if a user can complete creating an app account directly in the app or if the app directs the user to an app account creation flow outside of the app.
If your app offers account creation in any part of the app experience, then you still need to offer app account deletion even if some features can be accessed without an account.
A full end-to-end mobile first account deletion can be a great user experience. However, we understand that this may not yet be feasible for some developers, so we’re giving you options on how to meet this requirement. As an alternative, you can choose to provide a link within your app that takes users to your app account deletion web resource.
Yes, all developers will be prompted and required to answer a new set of questions in the Data safety form focused around deletion practices. If your app is within the scope of the policy requirements, you must disclose if your app provides account deletion and provide the web link within your Data safety form in Play Console. Some updates to your form will be reflected on your app store listing’s Data safety section.
Some users may have already uninstalled your app or not be able to access your in-app experience for a variety of other reasons. We want to ensure that all users can still exercise control over their data by being able to go to the web link based deletion resource that developers provide.
The weblink must be functional (for example, loads without error), relevant in scope (for example, the pathway to request account deletion should be prominently featured and easily discoverable on the page) and reference the app or developer name (that is, as it appears on your store listing in Google Play). The user must be able to request deletion of their account through the pathway. You can offer this in many ways, like an additional link that initiates account deletion or a form they can submit a request through. If the user needs to take additional steps before deleting their account (for example, canceling a subscription), this must be clearly outlined, and a support flow must be available for users to initiate.
Permanently private and enterprise device management apps are exempt from this policy requirement. Please note if your app falls within a highly regulated industry (such as utilities, healthcare, financial services), it is permissible if you need to provide additional flows to facilitate account deletion requests to completion. As a reminder, accounts that are created and operated offline are not app accounts and do not fall within policy scope.
It is possible that your app may need to retain certain data for legitimate reasons such as security, fraud prevention or regulatory compliance. In that case, you must clearly inform users about your data retention practices, for example, within your privacy policy.