Google Play Store data deletion policy
On April 5, 2023, Google Play declared that apps that are on the Play Store must have a “readily discoverable option” for users to delete their accounts and data.
As a consumer, there’s a good chance you’ve faced the following situation:
Google Play’s new policy makes sure that you never have to go through that harrowing set of steps again. Any app that requires its users to create an account must ensure that a user does not have to redownload the app to delete their account.
To make it even easier for users to delete accounts, Google is also making sure that apps provide a web link in their Data safety form to make sure that users can easily delete their accounts even after deleting the app.
3 steps for your business to comply with the data deletion policy
If your business has an app on the Google Play Store, there are a couple of things on the horizon to introduce into your app mechanism.
1. Take a look at your app database
Enable your database to facilitate easy account deletion, so that any mechanisms you introduce on the front end to ease the process of deleting an account are equally seamless on the backend.
2. Update your front-end processes
The new policy states that when a user deletes an app, you must also provide an option to delete their account at the same time. On top of this, you must include a link to a webpage that facilitates their account deletion.
3. Introduce new data workflows and optimize
After looking at your backend and frontend and identifying the updates that you need to make to enable easy account deletion, set these new processes and workflows in place across your data systems.
These processes always involve the balance of maintaining data integrity while facilitating quick deletion. Make sure to review their effectiveness regularly and optimize when the opportunity presents itself.
Having an interface that can handle data subject access requests (DSAR) on the front-end and backend will ensure that customers have an easy method to get rid of their data.
Google Play Store data collection and usage disclosures
All developers on the Google Play store are required to declare how they collect and handle user data for apps they publish on the platform. They‘re also required to provide details about how they protect their data (specifically on their security practices, encryption, masking, etc.).
A new form in the Data Safety section of Google Play’s ‘App Content’ page needs to be filled out by developers that have an app published on Google Play; this includes apps that are on internal, closed, open, or production testing tracks.
Even for apps that do not collect any user data, developers still need to complete this form and provide a link to their privacy policy. In such cases, the form and policy can indicate that there is no collection or sharing of user data.
Interested in learning more? Sign up for our webinar, Google Play Data Safety: What it Means for Your Android App.
10 steps for developers to navigate data collection and usage disclosures
Developers can follow the steps below to navigate the requirements with ease:
What’s on the horizon for Google Play Store apps?
The ‘Data Safety’ section is now readily available on the Google Play Store to all users.
All apps on the Google Play Store, including those that do not collect user data, will be required to complete an accurate Data Safety form that discloses their data collection and sharing practices. Any non-compliant apps may face additional enforcement actions, such as removal of the app listing from the Google Play Store. If there are no issues, the app will be approved, with no further action required from the developer. If there are issues, you will need to revert your Data Safety form’s status to “Draft” in Play Console to publish your app update.
The Google Play Store will also send the developer account owner an email, an Inbox message in Play Console, and show this information on the ‘Policy Status’ page.
Regarding the new data deletion policy, developers need to add more info about data deletion practices by December 7, 2023, to their Data Safety form. Google says that users will be able to see how apps handle account and data deletion by “early next year”, and developers can file for an extension to set up this mechanism until May 31, 2024.
How can OneTrust help?
Google data deletion policy
With the assistance of OneTrust Privacy Rights Automation, privacy teams can comply with Google’s latest data deletion policy with ease. As privacy laws continue to expand, it also lays the groundwork for more stringent data deletion obligations throughout the consumer journey.
To learn more about how OneTrust Privacy Rights Automation can help your organization, request a demo today.
Google Data Safety requirements
OneTrust Mobile App Consent gives Android developers a clear picture of exactly what data-tracking technologies are collecting from their app users.
Scan your app to identify privacy permissions, frameworks, and SDKs, and better understand third-party trackers on your app with a pre-categorized database. Use the scan report to fill out the Google Data Safety section form that is required for app owners.
Additionally, based on the scan, you can adjust your consent approach accordingly to demonstrate compliance and meet data requirements. With visual reports, the privacy health of your app will be easier to understand as well.
Ensure optimal user experience by leveraging OneTrust’s pre-built consent options or customize your own. Unique consent approaches will be displayed to users based on their location, along with syncing consent and preferences across multiple devices.
Finally, monitor your consent rates over time at a granular level, capturing who consented, when, and what message they received upon giving consent. Demonstrating compliance to regulatory bodies and auditors becomes much easier with a historical consent database that comes with receipts and analytics to show the progress of your app’s privacy journey.
Learn more about OneTrust’s Mobile App Consent Platform here.