Branch IO Dependency - Issue: Violation of Personal and Sensitive Information policy on Play Store

I received a notification from the play store saying the following

Issue: Violation of Personal and Sensitive Information policy

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines.

If necessary, you can consult your SDK provider(s) for further information.

Next steps: Submit your app for another review

  1. Read through the Personal and Sensitive Information policy and make the appropriate changes to your app. Your app is using the Branch IO SDK, which is uploading users Installed Packages information to https://api.branch.io/v1/applist without a prominent disclosure. Prior to the collection and transmission, it must prominently highlight how the user data will be used, describe the type of data being collected and have the user provide affirmative consent for such use.
  2. Make sure your app is compliant with the User Data policy and all other Developer Program Policies. Additional enforcement could occur if there are further policy violations.
  3. Sign in to your Play Console and upload the modified, policy compliant APK. Make sure to increment the version number of the APK.
  4. Submit your app.

Branch isn’t a dependency I have added or one that I use as far as I’m aware but it’s part of the expo package. Can I remove branch or is there a way around this problem without disclosing that my app is uploading peoples data for some purpose that I didn’t instigate?

Hey @alex17,

Take a look at this thread:

It always helps to do a quick search for your issue on the forums to see if other threads exist already that can provide helpful information and or answers.

Cheers,
Adam

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.