I received a notification from the play store saying the following
Issue: Violation of Personal and Sensitive Information policy
We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines.
If necessary, you can consult your SDK provider(s) for further information.
Next steps: Submit your app for another review
- Read through the Personal and Sensitive Information policy and make the appropriate changes to your app. Your app is using the Branch IO SDK, which is uploading users Installed Packages information to https://api.branch.io/v1/applist without a prominent disclosure. Prior to the collection and transmission, it must prominently highlight how the user data will be used, describe the type of data being collected and have the user provide affirmative consent for such use.
- Make sure your app is compliant with the User Data policy and all other Developer Program Policies. Additional enforcement could occur if there are further policy violations.
- Sign in to your Play Console and upload the modified, policy compliant APK. Make sure to increment the version number of the APK.
- Submit your app.
Branch isn’t a dependency I have added or one that I use as far as I’m aware but it’s part of the expo package. Can I remove branch or is there a way around this problem without disclosing that my app is uploading peoples data for some purpose that I didn’t instigate?