The latest data protection regulations, including The California Online Privacy Protection Act (CalOPPA) and the GDPR, have been rocking mobile app publishers’ boat with a variety of different requirements unlike any that have come before. For instance, both acts require publishers “to create clear and transparent privacy policies that reflect the state’s privacy laws and allow consumers to make informed decisions”.
At first blush, CalOPPA seems to be applicable only to developers based in California. The reality is that only a few publishers can avoid including comprehensible privacy policies in their apps. Following the GDPR and CalOPPA requirements, Google Play started sending warnings to apps that lack privacy policies. A privacy policy that is not meaningful or comprehensive enough can trigger such warning from Google Play too.
Whether you’ve already been warned by Google’s “Warning of Google Play Developer policy violation: Action Required Policy issue” or you believe your apps might fall victim to the new regulations, you should consider a few steps to fix the violation. Here’s a quick overview that may be of help.
Step 1. Check if you need a privacy policy in your mobile app.
The short answer is: most likely you need a privacy policy. If your app collects, stores or shares any type of personal data or requests sensitive permissions (e.g. camera, microphone, accounts, contacts, or phone), it’s under the obligation to include a privacy policy.
Personal information can include a first and last name, an email address, a telephone number, location data, and other data items connected to analytics or advertisement settings.
Step 2. Make sure your privacy policy includes information about advertising ID collection.
Don’t forget to add information about IP address and advertising ID collection, as well as the link to Appodeal’s privacy policy to your app's privacy policy in Google Play.
To speed up the process, you could use privacy policy generators—just insert advertising ID, IP address, and location (if you collect a user’ location) in the "Personally Identifiable Information you collect" field (in line with other information about your app) and the link to Appodeal’s privacy policy in "Link to the privacy policy of third party service providers used by the app".
Step 3. Add a privacy policy to your mobile app.
You must add your explicit privacy policies in two places: your app’s Store Listing page and within your app.
You can find detailed instructions on adding your privacy policy to your app on legal service websites. For example, Iubenda, the solution tailored to legal compliance, provides a comprehensive guide on including a privacy policy in your app.
Make sure that your privacy policy website has an SSL-certificate—this point might seem to be obvious, but it’s still essential.
Here’s are two useful resources that you can utilize while working on your app compliance:
Privacy, Security and Deception regulations (by Google Play)
Please note that although we’re always eager to back you up with valuable information, we’re not authorized to provide any legal advice. It’s important to address your questions to lawyers who work specifically in this area.
