How I can add Privacy Policy to my App not only On Store Listing

Question

I get the following email from google play team:

Hello Google Play Developer,

Our records show that your app, XXXX , with package name com.XXX.XXX, currently violates our User Data policy regarding Personal and Sensitive Information.

Policy issue: Google Play requires developers to provide a valid privacy policy when the app requests or handles sensitive user or device information. Your app requests sensitive permissions (e.g. camera, microphone, accounts, contacts, or phone) or user data, but does not include a valid privacy policy.

Action required: Include a link to a valid privacy policy on your app's Store Listing page and within your app. You can find more information in our help center.

Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data.

If you have additional apps in your catalog, please make sure they are compliant with our Prominent Disclosure requirements.

Please resolve this issue by March 15, 2017, or administrative action will be taken to limit the visibility of your app, up to and including removal from the Play Store. Thanks for helping us provide a clear and transparent experience for Google Play users.

Regards,

The Google Play Team

What is the meaning of Valid Privacy Policy, I get away to add URL privacy policy to Store Listing from Warning of Google Play Developer policy violation: Action Required , but Is enough to add a link for privacy policy page on Store Listing ? Is play store accept any privacy policy URL? and how I can add valid policy to my app? because on another email from google play team, They Said I need to add a privacy policy in two places not just Store Listing:

If your app requests user data or makes sensitive permissions requests such as Phone, Accounts, Contacts, Camera, or Microphone, you'll need to add a valid privacy policy in two places: your app's Store Listing page (instructions below) and within your app.

Answer 1

I think I'm qualified to give you a more detailed answer. I have two apps on the App Store (iOS) and I've worked on a mobile privacy policy generator for years. I'v e also recently written quite a few words about the above issue.

1) You absolutely need your privacy policy on the Play Store page PLUS within the app

This is what Google says:

If your app requests user data or makes sensitive permissions requests such as Phone, Accounts, Contacts, Camera, or Microphone, you'll need to add a valid privacy policy in two places: your app's Store Listing page (instructions below) and within your app.

I'd also like to add some more insight why that is the case. If you are into privacy law theory, then I suggest you read this pdf by a Pan-European privacy body, otherwise I just suggest to read the summary here:

The essential scope of information about data processing 1) must be available to the users before app installation, via the app store. Secondly, the relevant information about the data processing 2) must also be accessible from within the app, after installation.

And here is some bonus information Google doesn't talk about.

The Working Party recommends that information about personal data processing is also available, and easy to locate, such as within the app store 3) and preferably on the regular websites of the app developer responsible for the app. It is unacceptable that the users be placed in a position where they would have to search the web for information on the app data processing policies instead of being informed directly by the app developer or other data controller.

2) Adding a VALID privacy policy (link)

Now for the question of the vailidity of your privacy policy. You need to outline which sensitive permissions/user data you process and for what purpose.

I'm seeing a lot of advice saying that you just need to say that you access the camera but that isn't enough.

1. Say you access the camera
2. Say what purpose that serves
3. Say whatever else user data you process (name, email address, etc. etc)

This should help :)

Answer 2

Adding Privacy Policy to Web Site

1. Find a policy from an app. There are lots of apps that have privacy policy in them. I, here, clearly state how and why i use users permission and personal info.
2. If you have a web site put it your web site. If you don't have one create one free from Google Sites.

Adding Privacy Policy to Application

There are 3 ways i've sen so far how it's displayed to users

1. Menu button on NavigationView.
2. Inside an AlertDialog after user accepted Runtime Permissions
3. Inside a section of Settings activity or fragment