Google Play Store data requirements (and how to handle them)

The latest updates on Google Play Store app requirements, as well as how OneTrust Mobile App Consent can help your organization stay compliant

Ashlea Cartee
Consent & Preferences Offering Manager, OneTrust
May 31, 2023

Woman using a banking app on her mobile phone.

Google Play Store data deletion policy

On April 5, 2023, Google Play declared that apps that are on the Play Store must have a “readily discoverable option” for users to delete their accounts and data.  

As a consumer, there’s a good chance you’ve faced the following situation:

  1. You’ve deleted an app that you decided you no longer need
  2. After deleting you realize that you’ve already created an account with that app
  3. With a feeling of mild annoyance, you go back and download the app again
  4. You navigate through the app, trying to find the option to delete your account
  5. The option to delete isn’t readily available, and you have to Google how to delete your account on that app (your annoyance is growing at this point)
  6. You finally figure out how to delete your account and you go in and get rid of it for good

Google Play’s new policy makes sure that you never have to go through that harrowing set of steps again. Any app that requires its users to create an account must ensure that a user does not have to redownload the app to delete their account. 

To make it even easier for users to delete accounts, Google is also making sure that apps provide a web link in their Data safety form to make sure that users can easily delete their accounts even after deleting the app.


3 steps for your business to comply with the data deletion policy

If your business has an app on the Google Play Store, there are a couple of things on the horizon to introduce into your app mechanism. 


1. Take a look at your app database

Enable your database to facilitate easy account deletion, so that any mechanisms you introduce on the front end to ease the process of deleting an account are equally seamless on the backend.


2. Update your front-end processes

The new policy states that when a user deletes an app, you must also provide an option to delete their account at the same time. On top of this, you must include a link to a webpage that facilitates their account deletion. 


3. Introduce new data workflows and optimize

After looking at your backend and frontend and identifying the updates that you need to make to enable easy account deletion, set these new processes and workflows in place across your data systems. 

These processes always involve the balance of maintaining data integrity while facilitating quick deletion. Make sure to review their effectiveness regularly and optimize when the opportunity presents itself. 

Having an interface that can handle data subject access requests (DSAR) on the front-end and backend will ensure that customers have an easy method to get rid of their data.


Google Play Store data collection and usage disclosures 

All developers on the Google Play store are required to declare how they collect and handle user data for apps they publish on the platform. They‘re also required to provide details about how they protect their data (specifically on their security practices, encryption, masking, etc.).

A new form in the Data Safety section of Google Play’s ‘App Content’ page needs to be filled out by developers that have an app published on Google Play; this includes apps that are on internal, closed, open, or production testing tracks. 

Even for apps that do not collect any user data, developers still need to complete this form and provide a link to their privacy policy. In such cases, the form and policy can indicate that there is no collection or sharing of user data. 

Interested in learning more? Sign up for our webinar, Google Play Data Safety: What it Means for Your Android App. 


10 steps for developers to navigate data collection and usage disclosures

Developers can follow the steps below to navigate the requirements with ease:

  1. Leverage OneTrust Mobile App Consent to scan your application.
  2. Review the scan report to get a clear view of the technologies that are tracking user data on your app.
  3. Open the Google Play Console and click on the App Content page (Policy -> App Content). 
  4. Under ’Data Safety’, select ‘Start’. 
  5. In the ‘Data Collection and Security’ section, review the list of required user data types that you need to disclose. If your app collects or shares any of the required user data types, select Yes. If not, select No. 
  6. If you selected Yes, confirm the following by answering Yes or No: 
  7. Is all user data collected by your app encrypted in transit? 
  8. Do you provide a way for users to request their data to be deleted?
  9. In the ‘Data Types’ section, select all user data types that your app collects and/or shares. 
  10. In the ‘Data Usage and Handling’ section, answer the questions on how the data your app collects and/or shares is used and handled for each user.  
  11. After answering all questions, the ‘Store Listing Preview’ section previews the information that will be shown to users on the Google Play Store based on the answers you provided.  
  12. If you’re ready to submit your form, select Submit. If there’s anything to be modified, you can select ‘Back’ to change your answers. You can also select ‘Save as Draft’ to return to the form later. Upon selecting ‘Discard Changes’ the form will reset, and you will need to fill it out again. 


What’s on the horizon for Google Play Store apps?

The ‘Data Safety’ section is now readily available on the Google Play Store to all users. 

All apps on the Google Play Store, including those that do not collect user data, will be required to complete an accurate Data Safety form that discloses their data collection and sharing practices. Any non-compliant apps may face additional enforcement actions, such as removal of the app listing from the Google Play Store. If there are no issues, the app will be approved, with no further action required from the developer. If there are issues, you will need to revert your Data Safety form’s status to “Draft” in Play Console to publish your app update. 

The Google Play Store will also send the developer account owner an email, an Inbox message in Play Console, and show this information on the ‘Policy Status’ page. 

Regarding the new data deletion policy, developers need to add more info about data deletion practices by December 7, 2023, to their Data Safety form. Google says that users will be able to see how apps handle account and data deletion by “early next year”, and developers can file for an extension to set up this mechanism until May 31, 2024.


How can OneTrust help?


Google data deletion policy

With the assistance of OneTrust Privacy Rights Automation, privacy teams can comply with Google’s latest data deletion policy with ease. As privacy laws continue to expand, it also lays the groundwork for more stringent data deletion obligations throughout the consumer journey. 

  • Give your app developers a plug and play solution to enable data deletion
  • Reduce the risk of apps not being approved by the Play Store by providing the technical requirements and resources necessary to get through a speedy review process 
  • Provide users with more options to exercise control over their data 
  • Ensure that you’re meeting data deletion compliance requirements while also supporting the technical, legal, data storage, and security side of things

To learn more about how OneTrust Privacy Rights Automation can help your organization, request a demo today


Google Data Safety requirements

OneTrust Mobile App Consent gives Android developers a clear picture of exactly what data-tracking technologies are collecting from their app users. 

Scan your app to identify privacy permissions, frameworks, and SDKs, and better understand third-party trackers on your app with a pre-categorized database. Use the scan report to fill out the Google Data Safety section form that is required for app owners.  

Additionally, based on the scan, you can adjust your consent approach accordingly to demonstrate compliance and meet data requirements. With visual reports, the privacy health of your app will be easier to understand as well.  

Ensure optimal user experience by leveraging OneTrust’s pre-built consent options or customize your own. Unique consent approaches will be displayed to users based on their location, along with syncing consent and preferences across multiple devices.

Finally, monitor your consent rates over time at a granular level, capturing who consented, when, and what message they received upon giving consent. Demonstrating compliance to regulatory bodies and auditors becomes much easier with a historical consent database that comes with receipts and analytics to show the progress of your app’s privacy journey. 

Learn more about OneTrust’s Mobile App Consent Platform here. 

You may also like


Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more


Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more


Consent & Preferences

Live demo: How to automate consent and preference management with OneTrust

In this webinar, we demonstrate how OneTrust Consent and Preferences helps build stronger customer relationships by providing transparency, giving users control over their data use, and delivering personalized experiences.

June 29, 2023

Learn more