Today i received an email from google about policy violation regarding my Onesignal notification service used in my app. It is about collecting personally identifiable information (PII) without disclosure
Following email
"Hello Google Play Developer,
We detected that the app(s) listed at the end of this email contain a version of OneSignal, a messaging SDK, that collects personally identifiable information (PII) without disclosure. Apps like this may be considered in violation of our User Data policy.
Action required: Your app(s) may be removed from Google Play if the issue is not resolved within 10 days of receiving this message. If the affected version is inactive, future submissions will be rejected if you attempt to publish without first resolving the issue.
You can resolve this issue by:
adding a privacy policy URL to your app listing and within the app, notifying the user that their PII is collected; or removing any such functionality from your app. You may need to contact your SDK provider for an updated, policy compliant version to include in your app. After resolving the issue, you’ll need to sign in to your Developer Console and submit the updated version of your app.
We’re here to help
If you feel we have sent this warning in error, you can contact our developer support team.
Regards,
The Google Play Team
Affected app(s) and version(s):
com.app.name 9; 10
Any idea about resolving the issue :) Any help will be appreciated
Tap "Site Settings" > "Notifications". Choose "Allow" or "Block".
Push notifications can consist of a title, a message, an image, and a URL. They can also include logos, emojis, and other elements. Push notifications look different across distinct operating systems, such as Google Android and Apple OS. Learn more about the design and anatomy of a push notification.
Send Your First Push NotificationNavigate to the OneSignal dashboard. Select Check Subscribed Users. If everything went well, you should see a green pop-up message indicating that the connection was successful. You can proceed to create your first notification by clicking on the blue Send a Message button.
We receive the following answer from their development team, hope this helps:
Hi thanks for getting in touch and sorry to hear you encountered this problem. We recently became aware that several developers have received this notice and we have prepared a solution.
We recommend following the below three steps to resolve this. Any one of these steps may be sufficient, but we recommend following all 3 if possible just in case. We apologize for the inconvenience.
1- Update your application such that it does not use the "Identity" (android.permission.GET_ACCOUNTS) Android permission unless this permission is required by your application.
2- Update or add a privacy policy to your application. You must add this Privacy Policy to your app store page in the "Privacy Policy" section of your "Store Listing" page on the Google Developer Center. You must also add a link to this privacy policy in your application itself and re-submit your application to the Google Play store.
If you do not have a Privacy Policy, there are several websites to generate them including this one: http://www.docracy.com/mobileprivacy Finally, you must also add the following text from this link or https://gist.github.com/gdeglin/c22bed4b9f7f8838339faed2d7cea604 (or its substantial equivilant) to your privacy policy.
3- Use a new, updated version of the OneSignal SDK that is compliant
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With