Submitting the Google Play Data Safety Section Form

Starting April, 2022, data safety and privacy practices information will be shown in Google Play app store listings to help users understand how apps collect and share user data.

This guide will help you to submit information about your Singular-integrated app.

For more information, see Google's article on providing information for Google Play's data safety section.

 

Background: Why is This Required?

Google has updated the app submission process so that end-users can learn about each app's privacy practices before they decide whether to download it. Privacy information includes any types of data the app may collect and whether that data is used to track the user.

When you submit a new app or an app update, you will be required to fill a Google Play data safety section form questionnaire related to your app's data and privacy practices - including the practices of any third-party vendors whose code is integrated into your app, such as Singular.

Important: Guidelines on this page do not constitute legal advice you may need your legal and privacy teams to provide.

Before You Begin

Keep the following in mind:

  • Singular and the Singular SDK are configurable in terms of the data you send us and how we use it. Make sure you're using Singular's latest SDK version, and identify the types of data that you've configured Singular to receive before answering the questionnaire.
  • The form covers all privacy-related data collections and uses, not only the ones applicable to the Singular SDK.
  • Your app’s privacy practices must follow the Google Play Store app guidelines and all applicable laws.
  • Going forward, if you make changes to the data you collect, you will have to update your responses in Google Play accordingly.

Completing the Form

Data Collection and Security

You will be asked if your app collects or shares any of the required user data types. “Collection” is defined as transmitting data off of the user’s device.  This includes SDKs, webviews, and ephemeral data.  Ephemeral data does not need to be disclosed if it is only stored in memory and retained for no longer than necessary to service the request in real-time.

Data collection that does not need to be disclosed, is data used for:

  • On-device access/process
  • End-to-end encrypted data that is not readable by any intermediary entity, including the developer

If you select yes, you will be asked to confirm the following.

  • Whether or not all of the user data collected by your app is encrypted in transit
  • Whether or not you provide a way for users to request that their data is deleted

As it relates to the data collected by Singular:

  • All data is encrypted in transit
  • User’s data can be requested to be deleted via Singular’s GDPR API.
  • Data processed by Singular is not considered ephemeral.

Data Types

In the next sections, you will need to select all of the user data types collected or shared by your app.

For each data type collected you will need to answer:

  • If the data is shared
  • How the data is handled, ie. optional or required

The following table describes the default data collection behavior of the Singular SDK which you can reference when compiling your answers. Note that almost all data collected by Singular is optional, and subject to app developers choice, including providing opt-in or opt-out options for users.

Category Data Type Is it collected by Singular? Additional Comments
Location Approximate location No  
Precise location No  
Personal info Name No  
Email address No  
User IDs No  
Address No  
Phone number No  
Race and ethnicity No  
Political or religious beliefs No  
Sexual orientation No  
Other info No  
Financial info User payment info No  
Purchase history Optional You may decide to use Singular to measure some or all purchase events.
Credit score No  
Other financial info No  
Health and fitness Health info No  
Fitness info No  
Messages Emails No  
SMS or MMS No  
Other in-app messages No  
Photos and videos Photos No  
Vidoes No  
Audio files Voice or sound records No  
Music files No  
Other audio files No  
Files and docs Files and docs No  
Calendar Calendar events No  
Contacts Contacts No  
App activity App interactions Yes By default, the Singular SDK measures app opens.
In-app search history Optional You may decide to use Singular to measure this data type.
Installed apps No  
Other user-generated content Optional You may decide to use Singular to measure this data type.
Other actions Optional You may decide to use Singular to measure this data type.
Web browsing Web browsing history No  
App info and performance Crash logs No  
Diagnostics No  
Other app performance data No  
Device or other IDs Device or other IDs Yes Google Advertising ID and App Set ID are collected when permission is granted

Data Sharing

Data sharing is defined as user data collected from your app to a third party, including:

  • Off-device server-to-server transfers
  • On-device transfer to another app
  • From app libraries and SDKs
  • From webviews opened through your app

Data sharing excludes:

  • Data transferred to a “service provider” that processes user data on behalf of the developer based on the developer’s instructions
  • Legal purposes
  • User-initiated action or prominent disclosure and user consent
  • Anonymized data

As it relates to the data shared with Singular, Singular provides services as a “service provider”.  However as Singular provides services to share data with other third parties (ad networks, third party BI tools), data could be shared based on the configured partner integrations within Singular’s platform. The app developer should consult the team managing these Singular integrations.