Google Play Store is sending out warning emails to Android developers for apps that don't have a Privacy Policy URL added.
Warning of Google Play Developer policy violation: Action Required: Policy issue
If you received this email from Google, it means that your apps are violating Google Play Store guidelines when it comes to Privacy Policy agreements:
- Your Android app requests sensitive permissions and personal data from users
- Your Android app does not have a Privacy Policy
The deadline from Google is March 15, 2017.
Your app will be unlisted from the Google Play Store after this deadline if you don't take the required action to fix the violation.
The "Policy Issue" Email
Here's how the email sent by Google looks like (credits to TNW):
The email reads:
Hello Google Play Developer,
Our records show that your app, XXXX, with package name com.XXXX.XXXXXXXXXX, currently violates our User Data policy regarding Personal and Sensitive Information.
Policy issue: Google Play requires developers to provide a valid privacy policy when the app requests or handles sensitive user or device information. Your app requests sensitive permissions (e.g. camera, microphone, accounts, contacts, or phone) or user data, but does not include a valid privacy policy.
Action required: Include a link to a valid privacy policy on your app's Store Listing page and within your app. You can find more information in our help center.
Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data.
If you have additional apps in your catalog, please make sure they are compliant with our Prominent Disclosure requirements.
Please resolve this issue by March 15, 2017, or administrative action will be taken to limit the visibility of your app, up to and including removal from the Play Store. Thanks for helping us provide a clear and transparent experience for Google Play users.
Regards,
The Google Play Team
A Privacy Policy can fix the "Policy Issue" violation
The required action, as suggested by Google, is to either provide a link to your Privacy Policy or stop asking for sensitive permissions from users.
If you don't need the sensitive permissions that your app currently asks from users, update your app's manifest group to stop asking for those permissions.
Examples of sensitive permissions apps can request include:
- android.permission.CAMERA
- android.permission.RECORD_AUDIO
- android.permission.READ_PHONE_STATE
- android.permission.GET_ACCOUNTS
- android.permission.READ_CONTACTS
If your app needs those sensitive permissions, you need to provide a Privacy Policy URL on your listing page:
This URL will be made available on the listing page of your app:
As along as your app needs access to sensitive data (camera, contacts etc.) and your app doesn't have a Privacy Policy to inform users of this collection, you are in violation of Google Play Store guidelines.
The Google Play Developer distribution agreement informs you that you're required to have "privacy procedures and notices in place".
You agree that if you use the Store to distribute Products, you will protect the privacy and legal rights of users. If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide a legally adequate privacy notice and protection for those users.
You need a Privacy Policy URL submitted on your app profile page in order to fix the current policy violation, but you may also need to make the Privacy Policy available from within your app screens.
How to add Privacy Policy URL on listing page
Download the instructions on how to add a Privacy Policy URL to a Google Play Store listing
You can add a Privacy Policy to your Android app profile page by following these steps:
- Log into your Google Play Developer Console. If you don't have an account, create one first.
- Select All Applications
- Select the application
- Click Store Listing
- Use the Privacy Policy Generator to create a Privacy Policy for your app.
- Copy the public URL that our Privacy Policy Generator will create for you.You can also host the agreement on your website. In this case, download the agreement in HTML format and upload it on your website and then simply copy the URL from your website.
- Paste the public URL at the Privacy Policy field:
- Click Save
How to add Privacy Policy within app
You can also make your Privacy Policy accessible within your app screens: Settings or About screens, Welcome, Login or Sign-up screens.
Make the agreement available anywhere users can easily access it. Do not hide the Privacy Policy URL.
Here are some examples of apps from Google Play Store and how they integrated this into their apps.
Flipboard links to its Privacy Policy agreement and its Terms of Use agreement from its Android app screens:
Dropbox Carousel
Dropbox Carousel app loads the Privacy Policy of Dropbox directly in the app, from the "Settings" screens. From there, the user goes to the "Legal & Privacy" screen and then to the "Privacy Policy" link:
A dialog window allows the user to choose what agreement to read: the Terms of Service, the Privacy Policy or the Open Source Attributions:
Dropbox's Privacy Policy agreement is loaded:
Comprehensive compliance starts with a Privacy Policy.
Comply with the law with our agreements, policies, and consent banners. Everything is included.