Google Play Data Safety Section Guide
Comprehensive guide for completing Google Play's Data Safety Section form when submitting apps integrating Singular SDK, covering data collection, security practices, and sharing disclosures.
Legal Disclaimer: Guidelines on this page do not constitute legal advice. Consult with your legal and privacy teams for guidance on compliance with Google Play requirements and applicable privacy laws.
Since April 2022, Google Play requires app developers to disclose data safety and privacy practices in app store listings, helping users understand how apps collect and share user data before downloading.
This guide helps you accurately complete Data Safety Section form for Singular-integrated apps, ensuring compliance with Google Play transparency requirements.
| Target Audience | Android Developers, Product Managers, Legal/Compliance Teams |
| Prerequisites |
|
| Deadline | Required for all new apps and app updates since July 20, 2022 |
Google Play Requirements
Background and Context
Google updated app submission process to provide users transparency about app data practices before download, requiring developers to disclose data collection and usage through Data Safety Section visible on app product pages.
User Transparency Initiative
Google's Data Safety Section enables users to learn about app's privacy practices before downloading, including:
- Data Types Collected: What information app gathers from users
- Data Usage Purposes: How collected data is utilized
- Data Sharing: Whether data is shared with third parties
- Security Practices: Data encryption and deletion options
Developer Responsibilities
When submitting new app or app update, you must complete Data Safety Section form covering:
- Your app's data collection and privacy practices
- Third-party vendor practices (including Singular SDK)
- All integrated SDKs and analytics tools
- Data security and deletion procedures
Compliance Requirement: Data Safety information must follow Google Play Store app guidelines and all applicable laws. Apps without approved Data Safety Section will be rejected.
Implementation Timeline
- October 2021: Data Safety form became available in Google Play Console
- April 2022: Data Safety Section became visible to all Google Play users
- July 20, 2022: Mandatory for all new apps and app updates
Non-Compliance Consequences
Apps failing to complete Data Safety Section or with unresolved issues:
- New submissions rejected in Play Console
- App updates blocked from publication
- Potential removal of existing app from Google Play Store
- Additional enforcement actions by Google
Review Timeline: Google may take 1-2 weeks to review Data Safety submissions, potentially longer if issues identified. Plan submission timing accordingly.
Before You Begin
Preparation Checklist
Essential Preparation Steps:
- Update Singular SDK: Ensure using latest Singular SDK version for accurate data collection information
- Audit Your Configuration: Identify specific data types configured to send to Singular (custom events, revenue tracking, etc.)
- Review All SDKs: Document privacy practices of ALL integrated third-party SDKs, not only Singular
- Understand Your Implementation: Know which optional Singular features you've implemented
- Consult Legal Team: Involve legal/privacy team to ensure accurate interpretation and disclosure
- Review Partner Integrations: Understand how Singular shares data with configured partners (ad networks, BI tools)
Form Scope
Comprehensive Disclosure
Data Safety form covers ALL privacy-related data collections and uses, not only those applicable to Singular SDK. Must disclose practices of:
- Your first-party data collection
- Singular SDK data collection
- Other third-party SDKs (analytics, advertising, etc.)
- Backend services collecting user data
- WebViews and embedded content
Ongoing Accuracy Requirement: Responses must remain accurate and up-to-date. Update form in Google Play Console when privacy practices change. Updates can be made without submitting new app version.
Singular SDK Configuration
Configurable Data Collection
Singular SDK is highly configurable - data collection varies based on your implementation choices. Almost all data collected by Singular is optional and subject to developer choice, including providing opt-in or opt-out options for users.
Important Context: Data Safety disclosures should reflect YOUR specific Singular SDK implementation, not theoretical maximum data collection. Only disclose data types actually collected in your configuration.
Google Resources
Official Documentation
- Providing Information for Google Play's Data Safety Section - Complete Google guidance
- Data Collection and Sharing Best Practices - Android developer guidance
Data Collection and Security
First section of Data Safety form asks about data collection practices and security measures implemented in your app.
Data Collection Definition
What Constitutes "Collection"
Google defines "collection" as transmitting data off user's device. This includes:
- Data sent from app to remote servers
- Data collected through SDKs (like Singular)
- Data accessed through WebViews
- Ephemeral data (with exceptions noted below)
Data NOT Requiring Disclosure
Collection Exceptions
Following data collection scenarios do NOT need disclosure:
| Exception Type | Description |
|---|---|
| On-Device Processing | Data accessed and processed entirely on device without transmission off device |
| End-to-End Encryption | Data encrypted end-to-end and not readable by any intermediary entity, including developer |
| Ephemeral Data (Qualified) | Data stored only in memory, retained no longer than necessary to service request in real-time, and not persisted |
Singular SDK Context: Data processed by Singular is NOT considered ephemeral. Singular collects and retains data for attribution and analytics purposes, requiring disclosure in Data Safety form.
Security Practices Questions
Required Security Disclosures
If you select "Yes" to collecting data, you must confirm following security practices:
| Security Question | Singular SDK Answer |
|---|---|
| Is all user data encrypted in transit? |
✅ YES
All data transmitted to Singular is encrypted in transit using industry-standard HTTPS/TLS encryption. |
| Do you provide a way for users to request data deletion? |
✅ YES
User data can be requested for deletion via Singular's GDPR API. Developers should implement user-facing mechanism to facilitate deletion requests. |
Implementation Note: While Singular provides GDPR API for data deletion, you should implement user-facing option in your app (e.g., account settings) allowing users to request data deletion easily.
Data Types Collected by Singular
Comprehensive reference of data types and Singular SDK's default collection behavior for completing Google Play Data Safety form.
Data Collection Reference Table
Default Singular SDK Behavior
Following table describes default data collection behavior of Singular SDK. Reference this when completing form, noting that almost all data collected by Singular is optional and subject to developer configuration.
| Category | Data Type | Collected by Singular | Details and Context |
|---|---|---|---|
| Location | Approximate location | No |
Singular SDK does not collect location data (coarse or precise).
IP Address Note: While Singular collects IP address for fraud prevention, this is classified under "Device or other IDs" category, not Location, per Google's definitions. |
| Precise location | No | Singular SDK does not collect GPS coordinates or precise location. | |
| Personal info | Name | No | Singular SDK does not collect user names. |
| Email address | No | Singular SDK does not collect email addresses. | |
| User IDs | No | Singular SDK does not collect personal user IDs in this category. Device IDs are reported under "Device or other IDs" category. | |
| Address | No | Singular SDK does not collect physical addresses. | |
| Phone number | No | Singular SDK does not collect phone numbers. | |
| Race and ethnicity | No | Singular SDK does not collect demographic information. | |
| Political or religious beliefs | No | Singular SDK does not collect personal beliefs. | |
| Sexual orientation | No | Singular SDK does not collect orientation data. | |
| Other info | No | Singular SDK does not collect other personal information. | |
| Financial info | User payment info | No | Singular SDK does not collect payment methods, credit card numbers, or financial account information. |
| Purchase history | Optional |
You may decide to use Singular to measure some or all purchase
events.
Form Answer: Select "Yes" only if you've implemented revenue tracking using Singular SDK. Note this tracks purchase amounts/frequency, not payment details. |
|
| Credit score | No | Singular SDK does not collect credit scores. | |
| Other financial info | No | Singular SDK does not collect other financial information. | |
| Health and fitness | Health info | No | Singular SDK does not collect health data. |
| Fitness info | No | Singular SDK does not collect fitness data. | |
| Messages | Emails | No | Singular SDK does not collect email content. |
| SMS or MMS | No | Singular SDK does not collect SMS/MMS messages. | |
| Other in-app messages | No | Singular SDK does not collect in-app message content. | |
| Photos and videos | Photos | No | Singular SDK does not collect photos. |
| Videos | No | Singular SDK does not collect videos. | |
| Audio files | Voice or sound recordings | No | Singular SDK does not collect audio recordings. |
| Music files | No | Singular SDK does not collect music files. | |
| Other audio files | No | Singular SDK does not collect other audio content. | |
| Files and docs | Files and docs | No | Singular SDK does not access files or documents. |
| Calendar | Calendar events | No | Singular SDK does not access calendar data. |
| Contacts | Contacts | No | Singular SDK does not access user's contacts. |
| App activity | App interactions | Yes |
By default, Singular SDK measures app opens and sessions.
Always Required: Select "Yes" for this data type. Session tracking is core Singular SDK functionality. |
| In-app search history | Optional |
You may decide to use Singular to measure search queries
as custom events.
Form Answer: Select "Yes" only if you explicitly send search queries to Singular via custom events. |
|
| Installed apps | No | Singular SDK does not collect list of installed apps. | |
| Other user-generated content | Optional |
You may decide to send user-generated content data to Singular
as custom
events.
Form Answer: Select "Yes" only if you send user-generated content (reviews, posts, etc.) to Singular. |
|
| Other actions | Optional |
You may decide to measure other user actions as custom Singular
events
(level completions, feature usage, etc.).
Form Answer: Select "Yes" if you track custom in-app events beyond basic sessions. |
|
| Web browsing | Web browsing history | No | Singular SDK does not track web browsing history. |
| App info and performance | Crash logs | No | Singular SDK does not collect crash data. |
| Diagnostics | No | Singular SDK does not collect diagnostic data. | |
| Other app performance data | No | Singular SDK does not collect performance metrics. | |
| Device or other IDs | Device or other IDs | Yes |
Singular collects device identifiers when permission granted:
Always Required: Select "Yes" for this data type. Device identifiers essential for Singular attribution functionality. |
Data Sharing
Critical section of Data Safety form requires disclosing whether and how user data is shared with third parties.
Data Sharing Definition
What Constitutes "Sharing"
Google defines data sharing as user data collected from your app transferred to third party, including:
- Off-Device Server-to-Server: Data transferred between servers
- On-Device Transfer: Data passed from app to another app on device
- App Libraries and SDKs: Data collected by third-party SDKs
- WebViews: Data accessed through WebViews opened through your app
Sharing Exclusions
Data Sharing NOT Requiring Disclosure
Following data sharing scenarios do NOT need disclosure:
| Exclusion Type | Description |
|---|---|
| Service Provider | Data transferred to service provider that processes user data on behalf of developer based on developer's instructions and under contract |
| Legal Purposes | Data disclosure required by law, regulation, or legal process |
| User-Initiated Action | Transfer initiated by user with prominent disclosure and explicit consent |
| Anonymized Data | Data anonymized such that it cannot be tied back to individual user |
Singular and Data Sharing
Understanding Singular's Role
Important Context: Singular functions as "service provider" processing data on your behalf. However, since Singular enables sharing data with third parties (ad networks, BI tools) based on your configured partner integrations, data sharing disclosure depends on your Singular platform configuration.
Service Provider Definition
Singular provides services as "service provider" that:
- Processes data on your behalf per your instructions
- Operates under contractual terms with data processing obligations
- Does not use data for Singular's own purposes
Impact on Disclosure
Pure service provider relationship may not require "sharing" disclosure. However, Singular's platform enables data sharing with:
- Ad Networks: Attribution data shared via postbacks for campaign optimization
- BI Tools: Event data forwarded to internal BI systems via BI postbacks
- Partner Integrations: Data shared based on configured partner connections
Consult Integration Team: Review configured partner integrations in Singular platform with team managing these integrations. Disclosure depends on which partners you've enabled and what data you're sharing.
Questions to Ask
To determine correct data sharing disclosure:
- Review Partner Postbacks: Which ad networks receive attribution data via Singular postbacks?
- Check BI Integrations: Do you forward event data to internal BI tools?
- Audit Data Exports: Do you export Singular data to other systems?
- Assess Custom Integrations: Any custom data sharing configurations in Singular platform?
Disclosure Decision Tree
| Scenario | Disclosure Requirement |
|---|---|
| Only Use Singular for Attribution (No Partner Integrations) | May NOT require "sharing" disclosure (service provider relationship) |
| Send Postbacks to Ad Networks | LIKELY requires "sharing" disclosure (data shared with third parties) |
| Forward Data to BI Tools | DEPENDS on BI tool relationship (internal vs third-party) |
| Export Data to Other Systems | LIKELY requires "sharing" disclosure (depends on recipient) |
Legal Consultation Required: Data sharing determination complex and fact-specific. Consult legal team to assess your specific Singular configuration and determine appropriate disclosure.
Quick Reference Summary
At-a-glance summary of Singular SDK data practices for Google Play Data Safety form.
Data Types - Quick Checklist
| Data Category | Select in Form |
|---|---|
| Location | ❌ No |
| Personal Info | ❌ No |
| Financial Info - Payment Info | ❌ No |
| Financial Info - Purchase History | ⚠️ If revenue tracking implemented |
| Health and Fitness | ❌ No |
| Messages | ❌ No |
| Photos and Videos | ❌ No |
| Audio Files | ❌ No |
| Files and Docs | ❌ No |
| Calendar | ❌ No |
| Contacts | ❌ No |
| App Activity - App Interactions | ✅ Yes (always) |
| App Activity - In-app Search | ⚠️ If implemented |
| App Activity - Other Actions | ⚠️ If custom events implemented |
| Web Browsing | ❌ No |
| App Info and Performance | ❌ No |
| Device or Other IDs | ✅ Yes (always) |
Security Practices - Quick Answers
| Security Question | Answer |
|---|---|
| All user data encrypted in transit? | ✅ YES |
| Provide way for users to request data deletion? | ✅ YES (via GDPR API) |
Data Sharing - Key Decision
Data Sharing Disclosure: Depends on Your Configuration
- Review configured partner integrations in Singular platform
- Consult team managing Singular partner connections
- Seek legal counsel for sharing determination
Additional Resources
Complete documentation for Google Play requirements and Singular SDK implementation.
Google Documentation
- Providing Information for Google Play's Data Safety Section - Official Google guidance
- User Data Policy - Google Play user data requirements
- Data Collection and Sharing Best Practices - Android developer guidance
Singular Documentation
- Getting Started with Singular SDK - Complete SDK integration guide
- GDPR API Reference - Data deletion API documentation
Support
Getting Help
For questions about Singular SDK data practices or assistance with Data Safety form, contact Singular Support or your Customer Success Manager.
Final Reminder: This guide provides technical information about Singular SDK data collection but does not constitute legal advice. Consult your legal and privacy teams for guidance specific to your app, configuration, and jurisdiction.