Google Play Store Publish Considerations

In order to be able to provide precise attribution statistics for your applications, our SDK needs to identify each user individually and collect some device identifiers such as Google Advertising ID, Android ID, ....

In addition, based on the Google Official documentation, Google Play wants to inform users about how each application collects and shares users' data.  Developers are required to tell Google Play about their apps' privacy and security practices by completing a form in Play Console and publishing a link to a privacy policy, even if they don’t collect any of the data types specified by Google.

Although collecting these identifiers won't add any sensitive permissions to your application, Google Play Store may issue some warnings regarding collection of a few of them. So, if you intend to publish your application on this store,consider the following items:

  1. Disable collection of sensitive data
  2. State the usage of our SDK in your privacy policy and provide a reference to our privacy policy page
  3. Fill Google data safety form in Google Play console

Disable collection of sensitive data

By adding the following application meta-data in your AndroidManifest.xml file, you van prevent facing some warnings.

<manifest>

  ...

  <application>

    ...

    <!-- Add these lines -->
    <meta-data
        android:name="metrix_deviceId_collection_enabled"
        android:value="false" />

  </application>
</manifest>

Provide a reference to our Privacy Policy page

Also, you need to state the usage of our SDK in your Privacy Policy and provide a reference to our Privacy Policy Page.

There is a sample of a privacy policy providing Metrix SDK reference below:

Privacy Policy

Sample-Organization built the Sample-App app as a Free app. This SERVICE is provided by Sample-Organization at no cost and is intended for use as is.

This page is used to inform visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service.

If you choose to use our Service, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.

The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which are accessible at Sample-App unless otherwise defined in this Privacy Policy.

Information Collection and Use

The app does use third-party services that may collect information used to identify you.

Link to the privacy policy of third-party service providers used by the app:

Service Providers

We may employ third-party companies and individuals due to the following reasons:

  • To facilitate our Service;
  • To provide the Service on our behalf;
  • To perform Service-related services; or
  • To assist us in analyzing how our Service is used.

We want to inform users of this Service that these third parties have access to their Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Security

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

Children’s Privacy

We do not knowingly collect personally identifiable information from children under 13 years of age. In the case we discover that a child under 13 has provided me with Personal Information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us so that we will be able to do the necessary actions.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.

This policy is effective as of Some-Date

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at Some-Email.

Google data safety form in Google Play console

This section provides all requirements and information about Metrix to assist you in answering the Google Data Safety Section Questionnaire.

Data collection

  In this section, you will be asked a few general yes/no questions:

  1. Does your app collect or share any of the required data types?
  2. Is all of the user data collected by your app encrypted in transit?
  3. Do you provide a way for users to request that their data be deleted?

  In order to provide installation attribution to advertising campaigns with the highest possible precision, our service needs to identify each user individually by collecting Google Advertising Id. Note that this collection does not require any sensitive permissions. Also, Metrix encrypts all data transmitted through the SDK and provides customers with the ability to delete specific end-user data. So with respect to your use of Metrix, the answer to the first two questions must be YES. The answer to the third question depends on your application and whether or not you provide a way for users to request data deletion. 

Google Play Store Publish Considerations Data collection

Data types

In this section, you will be asked to select the data types collected and respond to the following:

  1. whether or not the data is shared
  2. whether or not the data is processed ephemerally
  3. whether or not the data is required or end-users can opt-out
  4. The purpose of the collection

   As stated before, Metrix needs to collect Google Advertising Id. So, you must declare this collection in the Data Types section by checking Device or other IDs.

Google Play Store Publish Considerations Device ID

Data sharing

Data Sharing means the transfer of data to a third party (whether off or on the device) by the application itself or any of the used SDKs. Exceptions include the following: • Transfers to service providers that process the data on your behalf and per your instructions • Transfers required for legal purposes (for example, in response to a government request) • End-user action or based on a prominent in-app disclosure and consent • Anonymous data

By definition, Metrix does not share any end-user data with any third parties.

It is important to note that while Metrix acts solely as a service provider on your behalf and per your instructions, if you are sharing data with third-party networks (for example, through postbacks, SRN’s, and audiences) this would be deemed sharing. Therefore, you will need to assess your configurations and partner integrations and respond accordingly.

Ephemeral processing

Ephemeral processing refers to data processed in memory, only for the period of time needed to process a specific action in real-time and for no other purpose. Given the nature of the Metrix services, the data processed by Metrix on your behalf is not processed ephemerally.  

Purpose of collection

Metrix provides you with attribution and analytics services that are related to how users use your application. So, you must specify Analytics as the reason for the data collection.  

Conclusion

As far as the usage of Metrix SDK and services goes, the above specification is all you need to do in your application’s data safety form. It is important to note that considering your application’s data collection or other SDKs you may use in your application, the correct response to the questions may differ for your application. Therefore, you will need to assess your application and SDKs’ needs and functionalities and respond accordingly.