We received another notice about an app not complying with the data safety standards. After updating the Play Store data safety policy by using the csv export in SAB Build menu (Build > Export Data Safety to CSV) we are still getting a window that requires more input as shown here. The app does include User Accounts (Email and password). The CSV export is a huge help. However, I wonder if there could be a few more tweaks so we don’t have to enter more data?
For now this is optional, but come Dec. 2023 we’ll need to be able to answer these. However, unless I’m not understanding it, the way the question is worded does not allow us to answer it correctly. I know a user can delete their account, but, I presume that also deletes all their data, which does not fit the question as posed by the Play Store. Therefore, there is no way to answer this question correctly, right?
I could be wrong but I think that you could store user data in places that are not connected to a users account.
For example you could store their email addresses in a separate location to be used by your marketing department. And if they deleted their account it does not necessarily mean that their email address would get deleted.
So deleting their account would only delete that information that is directly linked to the account. You sometimes see this on old forums on the internet. A user deletes their account so their username, picture, etc. is removed. But the posts they created or replied to are not.
It appears Google would like you have a link where people can request account deletion and a statement about what you are actually doing to delete and what you will not be deleting and if so how long will you keep things.
So, at the moment the only way around this is to disable the user account option and answer the Play Store issue with a “no” we don’t collect a User Name & Password.
I think it is ok to say “no” to the question about “Do you provide …” This is an optional service, but they are definitely suggesting what they would like people to do. It could be a requirement in the future?
I’m not exactly sure how to submit this either. I downloaded the latest version of SAB (11.0.4) and exported the Data Safety CSV after building the latest version of the app. After the import, it brought me here:
I manually clicked “My app does not allow users to create an account,” as I have never used that option and don’t intend to yet. Still, it has the question below about providing users a way to request that their data be deleted. Since I don’t actually know whether data can be deleted, I left those blank and just moved forward, and this was the summary:
What I am confused about is whether data deletion is possible for those apps which don’t allow account creation – or even whether the Play Store will care about data deletion if the app doesn’t allow account creation.
Based on the Release Notes, it looks like version 11.0.3 added a Data Deletion URL, but the option of data deletion seems to necessitate the possibility of having an account:
Added Data Deletion URL for User Accounts data. See User Accounts > Data Deletion.
The app clearly collects some data, but not associated with an account. I guess the main question is, If my app doesn’t allow users to create an account, does it still allow data deletion, and does it need to?
One of my other apps seems to be okay. The Play Store isn’t requiring anything of me, even while the Data Safety declaration looks like this:
Just another follow-up, for those who DO NOT allow users to create an account, Google sent out another update that is trying to be clearer in stating that we can disregard the call to complete the account deletion section:
