Launched by Google in October 2021, the data safety section is a form that provides developers an easy way to help users understand the data collected by their app and showcase the app's key privacy and security practices. Starting its journey as an optional task in the app review process, Google plans to mandate developers fill out the form from July 2022.
Data safety form
The data safety form includes a declaration of each data type used by the app. Developers need to create an exhaustive list of all data points, categories, and the purpose of requesting the declared data in the app. Developers also need to report the data collected/stored by any 3rd party SDK present in the app.
The Data safety form is divided into three sections:
Data Collection and Security
Here, developers must declare their app's overall data collection and security practices. The section includes three simple questions for the developers to fill out.
In step 2, the developer needs to select all the data types collected, processed, or shared by the app with the backend or any 3rd party services. Additionally, they need to declare the purpose of every data type present in the app.
This section of the form needs to be filled out very carefully to avoid problems during Google's app review process. Below you can find the list of data types required to be disclosed in the data safety form, as provided by Google.
Data usage and handling
In this section, developers need to provide a thorough summary of how user data is collected and shared, along with the purpose of the data type.
This process must be completed for every data type declared in the previous form. Below is a list of purposes, their description, and an example provided by Google.
Challenges filling out the data safety form
As we've seen so far, there are a lot of details that a developer needs to declare in the data safety form to get their app approved by the Google Play Store.
On average, an app collects eight different data types to function. Filling out details for every data type takes up a lot of time and effort, and failure to fill it correctly can fail the app in the review process.
Suppose an app uses/integrates with 3rd party SDKs. In that case, it is the developer's responsibility to find out all the data types collected by that SDK and share that information in the data safety form. This makes it exponentially more time-consuming for developers to fill out the form if their app uses multiple 3rd party SDKs.
How to fill out the Play Store's data safety form quickly?
We have created a free tool to automatically generate Play Store Data Safety Report. It's a CLI tool that does a static scan of your android app's code to find data types collected, SDKs. We look at Android permissions, user forms to detect Android Data Type. For the third party, we find relevant SDKs, Libraries & API calls. Read more about our tool here.
Consumers are increasingly becoming more conscious of their data and how services use their data. With that in mind, evolving your workflow and maintaining a privacy-first approach while developing apps has become necessary.
Initiatives like the data safety form help build trust in the ecosystem.
Google's data safety section is becoming mandatory starting July 2022. All developers who want to continue publishing their apps and keep them updated must comply with Google policies.
Get started with data safety now!