For new data safety section in play console.do we ,as play console developer,needs to create an online form to state down the data usage outline? I don’t know anything about online stuff,so i would like to know does nsbasic have any approach,any plans?i think the deadline is july this year.so i need to spent money on this online form?tell me wrong if i misunderstood google’s stand.i do not collect any data from the user.
Can you include a link to the exact page you are referring to?
Sorry,i think i made a mistake.the data section is one of the form in the app.below is the help page of google console.could nsbasic kindly provide a sample of data safety form text,is it possible?thanks in advance.
User Data
You must be transparent in how you handle user data (e.g., information collected from or about a user, including device information). That means disclosing your app’s access, collection, use, and sharing of the data, and limiting the use of the data to the purposes disclosed. In addition, if your app handles personal and sensitive user data, please also refer to the additional requirements in the “Personal and Sensitive User Data” section below. These Google Play requirements are in addition to any requirements prescribed by applicable privacy and data protection laws. If you include third party code (e.g., SDKs) in your app, you must ensure that the third party code used in your app is compliant with Google Play Developer Program policies.
COLLAPSE ALL EXPAND ALL
Personal and Sensitive User Data
Personal and sensitive user data includes, but isn’t limited to, personally identifiable information, financial and payment information, authentication information, phonebook, contacts, device location, SMS and call related data, inventory of other apps on the device, microphone, camera, and other sensitive device or usage data. If your app handles personal and sensitive user data, then you must:
Limit your access, collection, use, and sharing of personal and sensitive user data acquired through the app to purposes directly related to providing and improving the features of the app (e.g., user anticipated functionality that is documented and promoted in the app's description on Google Play). Sharing personal and sensitive user data includes using SDKs or other third party services that cause data to be transferred to a third party. Apps that extend usage of personal and sensitive user data for serving advertising must be in compliance with our Ads Policy.
Handle all personal and sensitive user data securely, including transmitting it using modern cryptography (for example, over HTTPS).
Use a runtime permissions request whenever available, prior to accessing data gated by Android permissions.
Not sell personal and sensitive user data.
Prominent Disclosure & Consent Requirement
In cases where users may not reasonably expect that their personal and sensitive user data will be required to provide or improve the policy compliant features or functionality within your app (e.g., data collection occurs in the background of your app), you must meet the following requirements:
You must provide an in-app disclosure of your data access, collection, use, and sharing. The in-app disclosure:
Must be within the app itself, not only in the app description or on a website;
Must be displayed in the normal usage of the app and not require the user to navigate into a menu or settings;
Must describe the data being accessed or collected;
Must explain how the data will be used and/or shared;
Cannot only be placed in a privacy policy or terms of service; and
Cannot be included with other disclosures unrelated to personal and sensitive user data collection.
Your in-app disclosure must accompany and immediately precede a request for user consent and, where available, an associated runtime permission. You may not access or collect any personal and sensitive data until the user consents. The app’s request for consent:
Must present the consent dialog clearly and unambiguously;
Must require affirmative user action (e.g., tap to accept, tick a check-box);
Must not interpret navigation away from the disclosure (including tapping away or pressing the back or home button) as consent; and
Must not use auto-dismissing or expiring messages as a means of obtaining user consent.
To meet policy requirements, it’s recommended that you reference the following example format for Prominent Disclosure when it’s required:
“[This app] collects/transmits/syncs/stores [type of data] to enable ["feature"], [in what scenario]."
Example: “Fitness Funds collects location data to enable fitness tracking even when the app is closed or not in use and is also used to support advertising.”
Example: “Call buddy collects read and write call log data to enable contact organization even when the app is not in use.”
Examples of common violations
Restrictions for Personal and Sensitive Data Access
In addition to the requirements above, the table below describes requirements for specific activities.
Activity Requirement
Your app handles financial or payment information or government identification numbers Your app must never publicly disclose any personal and sensitive user data related to financial or payment activities or any government identification numbers.
Your app handles non-public phonebook or contact information We don’t allow unauthorized publishing or disclosure of people’s non-public contacts.
Your app contains anti-virus or security functionality, such as anti-virus, anti-malware, or security-related features Your app must post a privacy policy that, together with any in-app disclosures, explain what user data your app collects and transmits, how it’s used, and the type of parties with whom it’s shared.
Your app targets children Your app must not include an SDK that is not approved for use in child-directed services. See Designing Apps for Children and Families for full policy language and requirements.
Your app collects or links persistent device identifiers (e.g., IMEI, IMSI, SIM Serial #, etc.)
Persistent device identifiers may not be linked to other personal and sensitive user data or resettable device identifiers except for the purposes of
Telephony linked to a SIM identity (e.g., wifi calling linked to a carrier account), and
Enterprise device management apps using device owner mode.
These uses must be prominently disclosed to users as specified in the User Data Policy.
Please consult this resource for alternative unique identifiers.
Please read the Ads policy for additional guidelines for Android Advertising ID.
Data safety section
All developers must complete a clear and accurate Data safety section for every app detailing collection, use, and sharing of user data. The developer is responsible for the accuracy of the label and keeping this information up-to-date. Where relevant, the section must be consistent with the disclosures made in the app’s privacy policy.
Please refer to this article for additional information on completing the Data safety section.
Privacy Policy
All apps must post a privacy policy in both the designated field in Play Console and within the app itself. The privacy policy must, together with any in-app disclosures, comprehensively disclose how your app accesses, collects, uses, and shares user data, not limited by the data disclosed in the Data Safety section. This must include:
developer information and a privacy point of contact or a mechanism to submit inquiries
disclosing the types of personal and sensitive user data your app accesses, collects, uses, and shares; and any parties with which any personal or sensitive user data is shared
secure data handling procedures for personal and sensitive user data
the developer’s data retention and deletion policy
clear labeling as a privacy policy (e.g., listed as “privacy policy” in title)
The entity (e.g., developer, company) named in the app’s Google Play listing must appear in the privacy policy or the app must be named in the privacy policy. Apps that do not access any personal and sensitive user data must still submit a privacy policy.
Please make sure your privacy policy is available on an active URL (no PDFs) and is non-editable.
Usage of App Set ID
Android will introduce a new ID to support essential use cases such as analytics and fraud prevention. Terms for the use of this ID are below.
Usage: App set ID must not be used for ads personalization and ads measurement.
Association with personally-identifiable information or other identifiers: App set ID may not be connected to any Android identifiers (e.g., AAID) or any personal and sensitive data for advertising purposes.
Transparency and consent: The collection and use of the app set ID and commitment to these terms must be disclosed to users in a legally adequate privacy notification, including your privacy policy. You must obtain users’ legally valid consent where required. To learn more about our privacy standards, please review our User Data policy.
EU-U.S., Swiss Privacy Shield
If you access, use, or process personal information made available by Google that directly or indirectly identifies an individual and that originated in the European Union or Switzerland (“EU Personal Information”), then you must:
Comply with all applicable privacy, data security, and data protection laws, directives, regulations, and rules;
Access, use or process EU Personal Information only for purposes that are consistent with the consent obtained from the individual to whom the EU Personal Information relates;
Implement appropriate organizational and technical measures to protect EU Personal Information against loss, misuse, and unauthorized or unlawful access, disclosure, alteration and destruction; and
Provide the same level of protection as is required by the Privacy Shield Principles.
You must monitor your compliance with these conditions on a regular basis. If, at any time, you cannot meet these conditions (or if there is a significant risk that you will not be able to meet them), you must immediately notify us by email to data-protection-office@google.com and immediately either stop processing EU Personal Information or take reasonable and appropriate steps to restore an adequate level of protection.
As of July 16, 2020, Google no longer relies on the EU-U.S. Privacy Shield to transfer personal data that originated in the European Economic Area or the UK to the United States. (Learn More.) More information is set forth in Section 9 of the DDA.
Was this helpful?
Open in a new window
Rather than copying the text off the page, could you provide the link to the actual page? We can then the context of it.
I just kept it simple, I wrote mine up in Google Docs, published it to the web from Google Docs and then gave Google Play the link to the published doc which contained the following.
SurvEngCalcs Privacy Policy
With reference to the following applications available for purchase from the Google Play App Store:
- SurvEngCalc
- SurvEngTrav
- SurvEngLev
User Privacy
There are no permission requests from any of the above applications listed 1 to 3 whatsoever.
No user data from any of the above applications listed1 to 3 is collected or used whatsoever.
None of the above listed applications 1 to 3 can access the user’s device or disrupt network services in any way or form.
None of the above listed applications 1 to 3 can access other apps, make changes to the device settings, services or functions whatsoever.
All of the above listed applications 1 to 3 function as stated in their respective descriptions on the Google Play App Store.
Now i’m confused,online form or form in app?
It’s just an online document. You can use Google Docs to write it up and use Google Docs to publish it to the web. Once you’ve published it to the web you give Google Play the link to your published document. A copy of your document is automatically kept in Google drive,
Oh,i am zero knowledge on how to upload a text file and share it as a link.hi,robinson,would u mind give me some pointers,eg,which web site you use,how to use it.i am now short of budget to use appstudio online tools.all my cash is kept by my sister ,n she doesn’t wants me to overspent.anyway,my intention was to prolong my play store app,n doing so,do i need to purchase new appstudio subscription to upload this new link?btw,only a text file,am i right?
Or,nsb team,do you have any brilliant ideas to solve my problem,or any/others nsb user problem in play store such ‘new’ decision on data safety form?
Thanks,everyone,now done with data safety form,just search app content,go through the list ,leave the page,paste and save the link.you have to go through all your app.