How-to: Google Play Store Violation "Policy Issue" 2017

How-to: Google Play Store Violation "Policy Issue" 2017

Google Play Store is sending out warning emails to Android developers for apps that don't have a Privacy Policy URL added.

Warning of Google Play Developer policy violation: Action Required: Policy issue

If you received this email from Google, it means that your apps are violating Google Play Store guidelines when it comes to Privacy Policy agreements:

  • Your Android app requests sensitive permissions and personal data from users
  • Your Android app does not have a Privacy Policy

The deadline from Google is March 15, 2017.

Your app will be unlisted from the Google Play Store after this deadline if you don't take the required action to fix the violation.

The "Policy Issue" Email

Here's how the email sent by Google looks like (credits to TNW):

2017 Email from Google Play Store on Policy Violation

The email reads:

Hello Google Play Developer,

Our records show that your app, XXXX, with package name com.XXXX.XXXXXXXXXX, currently violates our User Data policy regarding Personal and Sensitive Information.

Policy issue: Google Play requires developers to provide a valid privacy policy when the app requests or handles sensitive user or device information. Your app requests sensitive permissions (e.g. camera, microphone, accounts, contacts, or phone) or user data, but does not include a valid privacy policy.

Action required: Include a link to a valid privacy policy on your app's Store Listing page and within your app. You can find more information in our help center.

Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data.

If you have additional apps in your catalog, please make sure they are compliant with our Prominent Disclosure requirements.

Please resolve this issue by March 15, 2017, or administrative action will be taken to limit the visibility of your app, up to and including removal from the Play Store. Thanks for helping us provide a clear and transparent experience for Google Play users.

Regards,
The Google Play Team

A Privacy Policy can fix the "Policy Issue" violation

The required action, as suggested by Google, is to either provide a link to your Privacy Policy or stop asking for sensitive permissions from users.

Logo of Google Play Store

If you don't need the sensitive permissions that your app currently asks from users, update your app's manifest group to stop asking for those permissions.

Examples of sensitive permissions apps can request include:

  • android.permission.CAMERA
  • android.permission.RECORD_AUDIO
  • android.permission.READ_PHONE_STATE
  • android.permission.GET_ACCOUNTS
  • android.permission.READ_CONTACTS

If your app needs those sensitive permissions, you need to provide a Privacy Policy URL on your listing page:

Google Developer Console: Privacy Policy URL

This URL will be made available on the listing page of your app:

Dropbox Android app on Play Store: Link to Privacy Policy

As along as your app needs access to sensitive data (camera, contacts etc.) and your app doesn't have a Privacy Policy to inform users of this collection, you are in violation of Google Play Store guidelines.

The Google Play Developer distribution agreement informs you that you're required to have "privacy procedures and notices in place".

You agree that if you use the Store to distribute Products, you will protect the privacy and legal rights of users. If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide a legally adequate privacy notice and protection for those users.

You need a Privacy Policy URL submitted on your app profile page in order to fix the current policy violation, but you may also need to make the Privacy Policy available from within your app screens.

How to add Privacy Policy URL on listing page

Download the instructions on how to add a Privacy Policy URL to a Google Play Store listing

You can add a Privacy Policy to your Android app profile page by following these steps:

  1. Log into your Google Play Developer Console. If you don't have an account, create one first.
  2. Select All Applications
  3. Select the application
  4. Click Store Listing
  5. Use the Privacy Policy Generator to create a Privacy Policy for your app.
  6. Copy the public URL that our Privacy Policy Generator will create for you.You can also host the agreement on your website. In this case, download the agreement in HTML format and upload it on your website and then simply copy the URL from your website.

  7. TermsFeed Privacy Policy Generator creates Public URL

  8. Paste the public URL at the Privacy Policy field:
  9. Google Developer Console: Privacy Policy URL

  10. Click Save

How to add Privacy Policy within app

You can also make your Privacy Policy accessible within your app screens: Settings or About screens, Welcome, Login or Sign-up screens.

Make the agreement available anywhere users can easily access it. Do not hide the Privacy Policy URL.

Here are some examples of apps from Google Play Store and how they integrated this into their apps.

Flipboard

Flipboard links to its Privacy Policy agreement and its Terms of Use agreement from its Android app screens:

Flipboard, Android app: Highlight Privacy Policy Item

Dropbox Carousel

Dropbox Carousel app loads the Privacy Policy of Dropbox directly in the app, from the "Settings" screens. From there, the user goes to the "Legal & Privacy" screen and then to the "Privacy Policy" link:

Dropbox Carousel: Highlight Legal and Privacy Item on Settings

A dialog window allows the user to choose what agreement to read: the Terms of Service, the Privacy Policy or the Open Source Attributions:

Dialog Window of Legal & Privacy from Dropbox Carousel

Dropbox's Privacy Policy agreement is loaded:

Dropbox, Android App: Embed Privacy Policy Agreement

Sara P.

Sara P.

Law school graduate, B.A. in English/Writing. In-house writer.

This article is not a substitute for professional legal advice. This article does not create an attorney-client relationship, nor is it a solicitation to offer legal advice.