Google Play WARNING : Invalid Data safety form

Thumbwind

Thumbwind

New Member

Please advise how to respond to this issue in their review of the a data security issue found in apps compiled by AppYet.com​


--------------------------------------------------------------------

Issue found: Invalid Data safety form​



We reviewed your app’s Data safety form in Play Console and found discrepancies between it and how the app collects and shares user data. All apps are required to complete an accurate Data safety form that discloses their data collection and sharing practices - this is required even if your app does not collect any user data.

We detected user data transmitted off device that you have not disclosed in your app’s Data safety form as user data collected.

Issue details

We found an issue in the following area(s):

  • SPLIT_BUNDLE 22: Policy Declaration - Data Safety Section: Device Or Other IDs Data Type - Device Or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID)

About the Data safety section in Google Play User Data policy​



Your app must be in compliance with this policy. If your app continues to be non-compliant after August 22, 2022, your app updates will be rejected and your app may face additional enforcement actions in the future.

Please make changes to align your app’s Data safety form with the app’s behavior. This can be done by either:

  • Updating your form in Play Console to declare collection of Data Types noted below; or
  • Removing unwanted functionality and attributable code that collects this user data from your app or libraries used in your app, and when applicable to deactivate all non-compliant APKs.
    • To deactivate non-compliant APKS, you can create a new release and upload a compliant APK to each track containing the non-compliant APKs.
    • Be sure to increment the APK version code. If using staged rollout, be sure to set the release to 100% rollout.
For helpful resources, you can:

 
Stigmabase

Stigmabase

New Member
Thumbwind said:

Please advise how to respond to this issue in their review of the a data security issue found in apps compiled by AppYet.com​


--------------------------------------------------------------------

Issue found: Invalid Data safety form​



We reviewed your app’s Data safety form in Play Console and found discrepancies between it and how the app collects and shares user data. All apps are required to complete an accurate Data safety form that discloses their data collection and sharing practices - this is required even if your app does not collect any user data.

We detected user data transmitted off device that you have not disclosed in your app’s Data safety form as user data collected.

Issue details

We found an issue in the following area(s):

  • SPLIT_BUNDLE 22: Policy Declaration - Data Safety Section: Device Or Other IDs Data Type - Device Or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID)

About the Data safety section in Google Play User Data policy​



Your app must be in compliance with this policy. If your app continues to be non-compliant after August 22, 2022, your app updates will be rejected and your app may face additional enforcement actions in the future.

Please make changes to align your app’s Data safety form with the app’s behavior. This can be done by either:

  • Updating your form in Play Console to declare collection of Data Types noted below; or
  • Removing unwanted functionality and attributable code that collects this user data from your app or libraries used in your app, and when applicable to deactivate all non-compliant APKs.
    • To deactivate non-compliant APKS, you can create a new release and upload a compliant APK to each track containing the non-compliant APKs.
    • Be sure to increment the APK version code. If using staged rollout, be sure to set the release to 100% rollout.
For helpful resources, you can:

Click to expand...


The permission READ_EXTERNAL_STORAGE is considered by GOOGLE as a sensitive/ high risk permission.

This permission is written in the source code ... more precisely in the AndroidManifest.xml


<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>


AS LONG Appyet does not remove this line of code, all OUR applications will be considered at risk by GOOGLE and NON compliance with the DATA SAFETY


**************************************** decompiled via www.decompiler.com ******************************************

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="86" android:versionName="8,7" android:installLocation="auto" android:compileSdkVersion="23" android:compileSdkVersionCodename="6.0-2438415" package="......" platformBuildVersionCode="30" platformBuildVersionName="11">
<uses-sdk android:minSdkVersion="21" android:targetSdkVersion="30"/>
<supports-screens android:anyDensity="true" android:smallScreens="true" android:normalScreens="true" android:largeScreens="true" android:xlargeScreens="true"/>
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
<uses-permission android:name="android.permission.VIBRATE"/>
<uses-permission android:name="android.permission.FLASHLIGHT"/>
<uses-permission android:name="com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY"/>
<uses-feature android:name="android.hardware.location.network" android:required="false"/>
<uses-feature android:name="android.hardware.touchscreen" android:required="false"/>
<uses-feature android:name="android.hardware.wifi" android:required="false"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
<queries>
 
Stigmabase

Stigmabase

New Member
yahyaaa said:
@Thumbwind do you solve the problem or not?
can you help me because i face the same problem?
Click to expand...
The permission READ_EXTERNAL_STORAGE is considered by GOOGLE as a sensitive/ high risk permission.

This permission is written in the source code ... more precisely in the AndroidManifest.xml


<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>


AS LONG Appyet does not remove this line of code, all OUR applications will be considered at risk by GOOGLE and NON compliance with the DATA SAFETY


**************************************** decompiled via www.decompiler.com ******************************************

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="86" android:versionName="8,7" android:installLocation="auto" android:compileSdkVersion="23" android:compileSdkVersionCodename="6.0-2438415" package="......" platformBuildVersionCode="30" platformBuildVersionName="11">
<uses-sdk android:minSdkVersion="21" android:targetSdkVersion="30"/>
<supports-screens android:anyDensity="true" android:smallScreens="true" android:normalScreens="true" android:largeScreens="true" android:xlargeScreens="true"/>
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
<uses-permission android:name="android.permission.VIBRATE"/>
<uses-permission android:name="android.permission.FLASHLIGHT"/>
<uses-permission android:name="com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY"/>
<uses-feature android:name="android.hardware.location.network" android:required="false"/>
<uses-feature android:name="android.hardware.touchscreen" android:required="false"/>
<uses-feature android:name="android.hardware.wifi" android:required="false"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
<queries>
 
techlanka.lk

techlanka.lk

New Member
Stigmabase said:
The permission READ_EXTERNAL_STORAGE is considered by GOOGLE as a sensitive/ high risk permission.

This permission is written in the source code ... more precisely in the AndroidManifest.xml


<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>


AS LONG Appyet does not remove this line of code, all OUR applications will be considered at risk by GOOGLE and NON compliance with the DATA SAFETY


**************************************** decompiled via www.decompiler.com ******************************************

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="86" android:versionName="8,7" android:installLocation="auto" android:compileSdkVersion="23" android:compileSdkVersionCodename="6.0-2438415" package="......" platformBuildVersionCode="30" platformBuildVersionName="11">
<uses-sdk android:minSdkVersion="21" android:targetSdkVersion="30"/>
<supports-screens android:anyDensity="true" android:smallScreens="true" android:normalScreens="true" android:largeScreens="true" android:xlargeScreens="true"/>
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
<uses-permission android:name="android.permission.VIBRATE"/>
<uses-permission android:name="android.permission.FLASHLIGHT"/>
<uses-permission android:name="com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY"/>
<uses-feature android:name="android.hardware.location.network" android:required="false"/>
<uses-feature android:name="android.hardware.touchscreen" android:required="false"/>
<uses-feature android:name="android.hardware.wifi" android:required="false"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
<queries>
Click to expand...
any fix yet?
 
Stigmabase

Stigmabase

New Member
The only people who can fix this are the APPYET developers. Following Google's refusal and their explanations: we decompiled the applications. Indeed, the APPYET source code asks for permission that Google refuses : <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>. That's why our applications are outsourced. Seeing that APPYET did not move, we changed supplier. We did this reluctantly : APPYET was extraodinary.
 
You must log in or register to reply here.
Top