Home » Android » android – 10-Day Notification of Google Play Developer Term Violation regarding OneSignal push notification service

android – 10-Day Notification of Google Play Developer Term Violation regarding OneSignal push notification service

Posted by: admin June 15, 2020 Leave a comment

Questions:

Today i received an email from google about policy violation regarding my Onesignal notification service used in my app.
It is about collecting personally identifiable information (PII) without disclosure

Following email

“Hello Google Play Developer,

We detected that the app(s) listed at the end of this email contain a version of OneSignal, a messaging SDK, that collects personally identifiable information (PII) without disclosure. Apps like this may be considered in violation of our User Data policy.

Action required: Your app(s) may be removed from Google Play if the issue is not resolved within 10 days of receiving this message. If the affected version is inactive, future submissions will be rejected if you attempt to publish without first resolving the issue.

You can resolve this issue by:

adding a privacy policy URL to your app listing and within the app, notifying the user that their PII is collected; or
removing any such functionality from your app. You may need to contact your SDK provider for an updated, policy compliant version to include in your app.
After resolving the issue, you’ll need to sign in to your Developer Console and submit the updated version of your app.

We’re here to help

If you feel we have sent this warning in error, you can contact our developer support team.

Regards,

The Google Play Team

Affected app(s) and version(s):

com.app.name 9; 10

Any idea about resolving the issue 🙂
Any help will be appreciated

How to&Answers:

As the mail stated :

adding a privacy policy URL to your app listing and within the app, notifying the user that their PII is collected; or removing any such functionality from your app.

If you don’t have a privacy policy URL, you need to make one. Either create your own .com-domain or get a web-page from a host like Wix.com, then you write your privacy policy there where you inform the user that you collect personal information in your app. Also you create a “about” or “information” section in your app where you state more or less the same, and you should be good to go.

Answer:

We receive the following answer from their development team, hope this helps:

Hi thanks for getting in touch and sorry to hear you encountered this problem. We recently became aware that several developers have received this notice and we have prepared a solution.

We recommend following the below three steps to resolve this. Any one of these steps may be sufficient, but we recommend following all 3 if possible just in case. We apologize for the inconvenience.

1- Update your application such that it does not use the “Identity” (android.permission.GET_ACCOUNTS) Android permission unless this permission is required by your application.

2- Update or add a privacy policy to your application. You must add this Privacy Policy to your app store page in the “Privacy Policy” section of your “Store Listing” page on the Google Developer Center. You must also add a link to this privacy policy in your application itself and re-submit your application to the Google Play store.

If you do not have a Privacy Policy, there are several websites to generate them including this one: http://www.docracy.com/mobileprivacy
Finally, you must also add the following text from this link or https://gist.github.com/gdeglin/c22bed4b9f7f8838339faed2d7cea604 (or its substantial equivilant) to your privacy policy.

3- Use a new, updated version of the OneSignal SDK that is compliant

Answer:

You should contact OneSignal support for guidance on how to resolve this.