Fixing Google Play Data Safety Section Violations
IMPORTANT
As of July 20, 2022, Google requires all apps on Google Play to have an accurate Data Safety section. Non-compliance results in policy violations that can affect your app's visibility or lead to removal from the store.
Problem Overview
Google Play's Data Safety section requires developers to transparently disclose how their apps collect, share, and handle user data. Many developers receive violations related to "Device Or Other IDs" data collection, particularly when using advertising SDKs like Google Ads (AdMob) or Facebook Ads that automatically transmit device identifiers.
The common violation message states:
"We detected user data transmitted off device that you have not disclosed in your app's Data safety section"
Solution: Proper Data Safety Configuration
For Apps Using Advertising SDKs (AdMob, Facebook Ads, etc.)
If your app displays ads using popular advertising networks, follow these steps to properly configure your Data Safety section:
Step-by-Step Configuration
1. Go to Google Play Console → Select your app
2. Navigate to App content → Data safety → Manage
3. Answer initial questions:
- "Does your app collect or share any user data?" → Yes
- "Is all data encrypted in transit?" → Yes (required for most ads SDKs)
- "Data deletion option?" → Yes (recommended)
4. Select these data types:
- Personal info → User IDs
- App activity → App interactions
- App info and performance → Crash logs, Diagnostics, Other performance data
- Device or other IDs → Device or other IDs
5. For each data type, configure:
- Is this data collected, shared or both? → Collected, Shared
- Is this data processed ephemerally? → Yes
- Is this data required? → Data collection is required
- Why is this data collected? → Advertising or marketing1. Download the official Data Safety template from Google
2. Fill in the required fields for advertising data collection
3. In Play Console: App content → Data safety → Manage
4. Click "Import from CSV file" (top right)
5. Upload your completed CSV file
6. Review and submitKey Configuration Details
Ephemeral Processing
Most advertising SDKs process device identifiers ephemerally (temporarily in memory without permanent storage). Selecting "Yes, this collected data is processed ephemerally" is typically correct for ads-related data collection.
Accuracy Requirement
Ensure your declarations match your app's actual behavior. Google performs automated checks to detect discrepancies between declared and actual data practices.
Common Data Types for Advertising Apps
| Data Type | Category | Purpose |
|---|---|---|
| Advertising ID | Device or other IDs | Ad targeting and measurement |
| Android ID | Device or other IDs | Device identification |
| User IDs | Personal info | User identification |
| App interactions | App activity | Analytics and ad performance |
| Crash logs | App performance | Error monitoring |
Verification and Submission
After completing your Data Safety section:
- Review carefully - Ensure all declarations match your app's behavior
- Save your changes - The system will validate your entries
- Submit for review - Google typically reviews within hours to days
- Monitor status - Check back for approval or additional requests
Preventing Future Violations
- Regular audits: Review your Data Safety section quarterly
- SDK updates: Check for changes in third-party SDK data practices
- Documentation: Keep records of your data handling practices
- Testing: Verify what data your app actually transmits
AVOID THIRD-PARTY CSV FILES
Do not download or use CSV files from unverified third-party sources. These may contain incorrect or malicious declarations that violate Google's policies.
Additional Resources
By accurately completing your Data Safety section with these guidelines, your app should become compliant with Google Play policies and avoid future violations related to data collection disclosures.