Privacy Policy for Android Apps

Welcome. This post mainly answers the question how and why you should add a privacy policy to your Android app.

Android apps privacy policy

If you want to read a more general overview of privacy policies in mobile apps then you can read that here
To skip all that just use our generator to help you make a privacy policy for your Android
Since we’ve launched our mobile apps privacy policy generator we’ve started to publish guides on how to submit your app to the app stores with a privacy policy. You are reading the guide on the Android Play Store by Google.

All our (other) guides can be found here:

You can now find a similar privacy policy guide for Windows Phone here: Privacy Policy for Windows Phone Apps
You can now find a similar privacy policy guide for iOS here: Privacy Policy for iOS Apps
You can also find a similar privacy policy guide for BlackBerry here: Privacy Policy for BlackBerry Apps
You can find a similar privacy policy guide for Firefox OS here: Privacy Policy for Firefox OS Apps
Let’s say I want to include a privacy policy into my Android application: what do I need to do?

In Short
Use our generator for mobile apps;
Add all the clauses you need for your app to your privacy policy and then:
Embed it into your app or link to it from the app;
Possibly link to it from the app store;
Possibly link to it from your website;
Read here how to properly add a privacy policy to a mobile app
Be happy.
1) Do I have to include a privacy policy in my Android app?

Well, that depends on what the app is doing. But consider the fact, that you can never be wrong including a link or a full page view of your privacy policy. It is however very likely that you are required by law to include a privacy policy into your Android baby. Easy CHECK: Am I collecting/storing/sharing personal information like email, names or sensitive data like payments info or using a third party service that accesses my info?
You are likely using a third party service in your app that requires you to add a privacy policy to your app. Additionally to a legal requirement it is often an additional prerequisite to use a specific service. Check in your service provider’s terms. A very popular third party service that requires you to post a privacy policy in their TOS is Google Analytics (they also have a mobile solution).
2) Am I required by the Google Play Store to post a privacy policy?

The Play store does still not require you in a blank statement to have a privacy policy in any case. You can therefore post an app to the store that is non-compliant with privacy laws.
From the Google Play Developer Distribution Agreement: «You agree that if you use the Store to distribute Products, you will protect the privacy and legal rights of users. If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide legally adequate privacy notice and protection for those users. Further, your Product may only use that information for the limited purposes for which the user has given you permission to do so. If your Product stores personal or sensitive information provided by users, it must do so securely and only for as long as it is needed.»
From the Privacy and Security Policy: If your app handles personal or sensitive user data (including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, and sensitive device data) then your app must: Post a privacy policy that, together with any in-app disclosures, comprehensively discloses the collection, use and sharing of any user data your app handles, how it’s used, and the types of parties with whom it’s shared, and (…)
The California Attorney General is working on making all apps privacy regulations compliant and working on this with the big platform providers like Google Play. This situation could therefore change down the road to include a requirement for a privacy policy for any app regardless of their data collection.
How do you add and edit that privacy policy on the Play Store?

3) How do I add/edit my privacy policy on the Play store? (source)

Log into your Google Play Developer Console
Next, select All Applications and select the application whose privacy policy you’d like to edit.
After that, select Store Listing.
Then, scroll to the section marked Privacy Policy and enter the URL where you have the privacy policy hosted online.
Lastly, be sure to click Save or update.
4) What if I don’t want to add a privacy policy at this time?

If you do not want to add a privacy policy at the moment, you can check the box next toNot submitting a privacy policy URL at this time on the Store Listings screen of your application in the Google Play Developer Console. Follow the instructions above to view that screen.

5) An example privacy policy for Android Apps?

A lot of people ask for sample privacy policies for apps. Let’s start with the legal minimum requirements. A good starting point is the California Online Privacy Protection act (CalOPPA), and even better Europe’s minimum requirements since they are more refined:

CalOPPA minimum requirements:

Provide info about the personally identifiable information (PII) like:

a description of the types of PII collected and disclosed by the operator;
a description of the process by which a consumer can access and request changes to his or her PII, if available;
a description of the process by which the operator will notify consumers of material changes to the privacy policy; and
an effective date
EU Privacy Directives minimum requirements:

Provide a readable, understandable and easily accessible privacy policy, which at a minimum informs users about:

who you are (identity and contact details),
what precise categories of personal data the app wants to collect and process,
why the data processing is necessary (for what precise purposes),
whether data will be disclosed to third parties (not just a generic but a specific
description to whom the data will be disclosed),
what rights users have, in terms of withdrawal of consent and deletion of data
You can easily google for an example privacy policy for X but chances are you won’t find anything ready-made.

Helpful docs:

1. Privacy on the Go

2. Article 29 Working Group

Our Approach of Generating an Android Privacy Policy

So here’s where iubenda’s privacy policy generator will come in very handy:

1) Define the services and categories of data collection your app is making use of.

2) Add the services (and categories of data collection like «access to address book») you are using to your policy and it will generate the full text privacy policy in a condensed easily scannable fashion as well as an entire document your users can read if they want.

3) You can either link to your policy or embed the text into your app.