Before you install an app from Google Play, you can check the app's Data safety section. Developers use the Data safety section to share information about how their app handles your data. This way, you can make more informed decisions about what apps you use.
Find an app’s data safety information
- Go to play.google.com.
- Browse or use the search bar to find an app.
- Select an app.
- Under "Data safety," you’ll find a summary of the app’s data safety practices.
- For more detail, select See details.
Tip: The info in the Data safety section only applies to apps distributed on Google Play. You’ll only find the Data safety section on Android 5 and up.
Understand & review app data safety practices
The Data safety section of an app listing lets developers describe how their apps collect, share, and handle different types of data. Developers explain their practices for:
- Data collection: Developers describe the types of user data their app collects, how they use this data, and whether the collection of this data is optional. Data is generally considered “collected” when the developer uses their app to retrieve data off your device.
- Data sharing: Developers describe if their app shares your data with third parties and what types of data are shared. Data is generally considered "shared" when it is accessed by the app and transferred to a third party.
- In some cases, developers do not need to disclose data as "shared" even if it's technically transferred to another party (for example, when you give your consent to transfer the data after the app explains how it will use the data, or when the data is shared with a developer’s service provider). Learn more about these cases below.
Understand data collection & data sharingData collection
Developers do not need to disclose data accessed by an app as "collected" in the Data safety section if:
- An app accesses the data only on your device and it is not sent off your device. For example, if you provide an app permission to access your location, but it only uses that data to provide app functionality on your device and does not send it to its server, it does not need to disclose that data as collected.
- Your data is sent off the device but only processed ephemerally. This means the developer accesses and uses your data only when it is stored in memory, and retains the data for no longer than necessary to service a specific request. For example, if a weather app sends your location off your device to get the current weather at your location, but the app only uses your location data in memory and does not store the data for longer than necessary to provide the weather.
- Your data is sent using end-to-end encryption. This means the data is unreadable by anyone other than the sender and recipient. For example, if you send a message to a friend using a messaging app with end-to-end encryption, only you and your friend can read the message.
Sometimes apps may redirect you to a different service to complete a certain action. For example, an app may direct you to a payment service such as PayPal, Google Pay, or another similar service, to complete a purchase. In these cases, the app developer does not need to declare the data collected by the other service if:
- The app does not access this information, and
In some cases, app developers do not need to declare data that is transferred to others as "shared" in the Data safety section. This includes when:
- The data is transferred to a third party based on a specific action that you initiate, where you reasonably expect the data to be shared. For example, when you send an email to or share a document with another person.
- The data transfer to a third party is prominently disclosed in the app, and the app requests your consent in a way that meets the requirements of Google Play’s User Data policy.
- The data is transferred to a service provider to process it on the developer’s behalf. For example, a developer may use a service provider to host data on their behalf and in compliance with the developer's instructions, contractual terms, privacy policies, and security standards.
- The data is transferred for specific legal purposes, such as in response to a government request.
- The data transferred is fully anonymized so it can no longer be associated with any individual.
Other information in the Data safety sectionSecurity practices
Developers can describe certain security practices they use. This includes if their app:
- Encrypts data that it collects or shares while it’s in transit.
- Some apps are designed to let you transfer your data to another site or service. These apps may declare in their Data safety section that your data is transferred over a secure connection as long as they use best industry standards to safely encrypt your data while it travels between your device and the app’s servers. The sites or services that you choose to have your data transferred to may have different privacy and security practices. Review those practices independently to ensure that you are transferring your data to secure destinations. For example, a messaging app that declares that it encrypts your data in transit may give you an option to send an SMS message through your mobile services provider. You should review the data handling practices of your mobile services provider, as it may not be using encryption in transit to securely send SMS messages over its mobile network.
- Has been independently reviewed against a global security standard. This independent review validates the app’s security practices against a global standard. The third-party organizations performing the review are doing so on the developers' behalf. This review does not verify the accuracy and completeness of the developer’s Data safety section disclosure.
- Committed to follow Play’s Families Policy. Apps in Google Play’s Designed for Families program and any apps that include children in their target audience must follow Play's Families Policy Requirements. Developers of apps in the Designed for Families program can choose whether they would like their Data safety section to disclose that they have committed to follow Play’s Families Policy. The policy requires, among other things, that app content that is accessible to children be appropriate for children and that the app follows stricter data practices and other requirements.
Learn more about the disclosures for account management data and system services.
Types of data & collection purposes covered in the Data safety section
The Data safety section explains the purpose for collecting and sharing specific types of data. Developers must use the same categories to explain these purposes so you can consistently compare multiple apps. The info should describe all versions and variations of the app.
Learn more about the data types and purposes included in the Data safety section.
Yours or your device's physical location to an area greater than or equal to 3 square kilometers, such as the city you are in.
|Precise location||Yours or your device's physical location within an area less than 3 square kilometers.|
How you refer to yourself, such as your first or last name, or nickname.
|Email address||Your email address.|
|User IDs||Identifiers that relate to an identifiable person. For example, an account ID, account number, or account name.|
Your address, such as a mailing or home address.
|Phone number||Your phone number.|
|Race and ethnicity||
Information about your race or ethnicity.
|Political or religious beliefs||
Information about your political or religious beliefs.
Information about your sexual orientation.
Any other personal information such as date of birth, gender identity, veteran status, etc.
|Financial info||User payment info||
Information about your financial accounts, such as credit card number.
Information about purchases or transactions you have made.
Information about your credit. For example, your credit history or credit score.
|Other financial info||
Any other financial information, such as your salary or debts.
|Health and fitness||Health info||
Information about your health, such as medical records or symptoms.
Information about your fitness, such as exercise or other physical activity.
Your emails, including the email subject line, sender, recipients, and the content of the email.
|SMS or MMS||
Your text messages, including the sender, recipients, and the content of the message.
|Other in-app messages||
Any other types of messages. For example, instant messages or chat content.
|Photos and videos||Photos||Your photos.|
|Audio files||Voice or sound recordings||
Your voice, such as a voicemail or a sound recording.
Your music files.
|Other audio files||
Any other audio files you created or provided.
|Files and docs||Files and docs||
Your files or documents, or information about your files or documents, such as file names.
Information from your calendar, such as events, event notes, and attendees.
Information about your contacts, such as contact names, message history, and social graph information like usernames, contact recency, contact frequency, interaction duration, and call history.
|App activity||App interactions||
Information about how you interact with the app. For example, the number of times you visit a page or sections you tap on.
|In-app search history||Information about what you have searched for in the app.|
|Installed apps||Information about the apps installed on your device.|
|Other user-generated content||
Any other content you generated that is not listed here, or in any other section. For example, bios, notes, or open-ended responses.
Any other activity or actions in-app not listed here, such as gameplay, likes, and dialog options.
|Web browsing||Web browsing history||
Information about the websites you have visited.
|App info and performance||Crash logs||
Crash data from the app. For example, the number of times the app has crashed on the device or other information directly related to a crash.
Information about the performance of the app on the device. For example, battery life, loading time, latency, framerate, or any technical diagnostics.
|Other app performance data||
Any other app performance data not listed here.
|Device or other IDs||Device or other IDs||
Identifiers that relate to an individual device, browser, or app. For example, an IMEI number, MAC address, Widevine Device ID, Firebase installation ID, or advertising identifier.
|Account management||Used for the setup or management of your account with the developer.||
For example, to let you:
|Advertising or marketing||Used to display or target ads or marketing communications, or measuring ad performance.||For example, displaying ads in your app, sending push notifications to promote other products or services, or sharing data with advertising partners.|
|App functionality||Used for features that are available in the app.||For example, to enable app features, or authenticate you.|
|Analytics||Used to collect data about how you use the app or how it performs.||For example, to see how many users are using a particular feature, to monitor app health, to diagnose and fix bugs or crashes, or to make future performance improvements.|
Used to send news or notifications about the app or the developer.
For example, sending a push notification to inform you about new features of the app or an important security update.
|Fraud prevention, security, and compliance||
Used for fraud prevention, security, or compliance with laws.
For example, monitoring failed login attempts to identify possible fraudulent activity.
Used to customize your app, such as showing recommended content or suggestions.
For example, suggesting playlists based on your listening habits or delivering local news based on your location.
Control app permissions & data collection after download
After you download an app, the app must ask for permission to access your data. If an app collects data you’re not comfortable sharing, you can:
- Change your app permissions for a single app or by permission type in your phone's Settings.
- Automatically remove permissions for unused apps.
- Delete apps to stop future data collection. If you can’t request deletion of your data from within the app, you may need to reach out to the developer to request deletion of any data the app has already collected.