Play Store Submission
Overview
This guide provides essential information for developers on how to adhere to the data safety protocols and practices laid out by Google for applications on the Play Store. It encompasses the key aspects of user data handling and disclosure that developers need to be aware of before publishing applications with the Credolab SDK embedded.
Data Safety
When submitting or updating an app on the Play Store, developers must ensure that their app complies with Google's Data Safety policies. These policies are designed to protect user data and maintain trust in the Google Play ecosystem.
As a developer, you are required to provide accurate and clear information about the data your app collects, how it is used, and how users' data is kept safe. This information is presented in the Play Store listing under the "Data Safety" section.
For a detailed understanding of how Credolab uses different data types and how to provide accurate information, refer to Data Safety Answers.
Prominent Disclosure and Consent
In accordance with Google Play Console best practices, it is essential to provide a prominent disclosure of your app's data collection and usage practices. This means clearly and transparently informing users about the types of data your application collects, how it is used, stored, and shared. Prominent disclosure should not be hidden in the midst of text, rather it should stand out so that users can easily notice and understand it.
Disclosure Sample
The following sample uses Core, Account, Application, Behavioral, Calendar, Contact, Audio, Images, and Video modules from our Android SDK:
<application's name>
collects data about your Contacts, Calendar, Registered Accounts which might include Social Accounts, Images, Video, Audio, and Installed Applications to better evaluate your loan application and calculate a more accurate credit score. The data is only accessed once and collected in the form of metadata.
Offer the user a choice: Accept or Decline
It is good practice to give users the option to either agree or disagree with the disclosure when it is presented.
As for example, two buttons maybe added into dialog popup:
- OK (Agree)
- Maybe Later (Decline)
Consent
Consent is equally important in this process. Users should be given the choice to agree or disagree with your data practices. It is not enough to simply disclose your data practices; you must also obtain explicit user consent before collecting and using their data. This is typically done through a clear, easy-to-understand prompt that requires users to actively opt-in, usually by checking a box or clicking a button that indicates their agreement. Remember, the objective is to give users control over their personal information and ensure they understand how it is being used.
Consent Sample
☑️ I consent to the collection, use, processing, and disclosure of my personal metadata to CredoLab only for the purpose of credit scoring.
Privacy Policy
Your app's listing on the Google Play Store must include a link to your privacy policy. This policy should thoroughly explain the types of data your app collects, how this data is used, and how it's shared with any third parties. This is a critical aspect of maintaining transparency and trust with your users.
Your privacy policy link should be added in the "Privacy Policy" field under the "Store Listing" tab in the Google Play Console. The link should direct users to a webpage where your privacy policy is hosted.
Please note that this link should remain active and accessible online to ensure users can always access privacy policy.
To learn more about our privacy practices and policies, please visit our Policy Center.
Query all packages permission
As of Android 11, Google has introduced new changes to package visibility on Android devices. The QUERY_ALL_PACKAGES
permission is sensitive and should only be used when necessary.
If your app targets Android 11 (API level 30) or higher and Application Module for Android, you need to declare the
QUERY_ALL_PACKAGES
permission in your manifest file.
However, Google Play restricts the use of this permission to certain app categories. For more information on how to declare this permission and under what conditions you may use it, refer to Declaring Query All Packages permission.
Advertisement ID
Developers must not connect the Advertising ID with any personally identifiable information or with any persistent device identifier without explicit consent from the user.
Credolab doesn't use the Advertisement ID.
Updated over 1 year ago