[URGENT] Got warning from google playstore : Data safety section in Google Play User Data policy: Invalid Data safety form

Please provide the following:

  1. SDK Version:45
  2. Platforms(Android/iOS/web/all): android
    3 SDK 45, Google Playstore

hey guys, recently our app received a warning from google “Data safety section in Google Play User Data policy: Invalid Data safety form” weve call the google team and they say our app SDK has sent off personal info data, while we’re sure were not collecting any personal info data such as (name, address, phone, ids) automatically from the device, i wanted to ask you if the expo SDK has collected any personal information data that might be related? and if so what type of personal info so we can define it in the google safety data form.

note that we use device_id from expo, does it cause the problem?

I’m facing this, as well, with our latest release (from March 2022, which did not use EAS and used SDK… 44 or 45, I can’t remember).

My assumption here is that some package bundled into Expo was detected by them as having the potential to send information. I’m assuming that an EAS release would resolve this, since it wouldn’t use that package anymore. However, they want this resolved by Dec 3 and I don’t know if I can have anything ready by then.

So in the meantime, I want to make my data safety form comply with whatever they’re detecting.

We found an issue in the following area(s):

SPLIT_BUNDLE 83: Policy Declaration - Data Safety Section: Device Or Other IDs Data Type - Device Or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID, MAC address)

About the Data safety section in Google Play User Data policy

Your app must be in compliance with this policy. If your app continues to be non-compliant after August 22, 2022, your app updates will be rejected and your app may face additional enforcement actions in the future.

Please make changes to align your app’s Data safety form with the app’s behavior. This can be done by either:

Updating your form in Play Console to declare collection of Data Types noted below; or
Removing unwanted functionality and attributable code that collects this user data from your app or libraries used in your app, and when applicable to deactivate all non-compliant APKs.
To deactivate non-compliant APKS, you can create a new release and upload a compliant APK to each track containing the non-compliant APKs.
Be sure to increment the APK version code. If using staged rollout, be sure to set the release to 100% rollout.

Solution for me was to churn out a new release using EAS. That got rid of my old APK that they found problematic.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.