Home/Store Policies/Google Play Data Safety Form: The Complete Guide

Google Play Data Safety Form: The Complete Guide

Step-by-step instructions for filling out the Google Play Data Safety form, covering data types, purposes, and common declaration mistakes.

data safetygoogle playprivacydata collectionandroiddeclarationtransparency

Table of Contents

What Is the Data Safety Form?

The Data Safety form is Google Play's equivalent of Apple's privacy labels. It is a mandatory declaration in the Google Play Console that tells users what data your app collects, shares, and how it handles security. Every app on Google Play must have a completed Data Safety form.

Users see this information on your app's Play Store listing under the "Data safety" section, allowing them to make informed decisions before installing.

What You Must Declare

The Data Safety form covers four key areas:

1. Data Collection

For each data type, you must state whether your app collects it. "Collection" means data is transmitted off the device to your servers or a third party.

Does your app share any collected data with third parties? Third parties include analytics providers, ad networks, payment processors, and any external service that receives user data.

3. Data Handling Practices

Is the data encrypted in transit?
Can users request data deletion?
Is the data collection optional or required?

4. Security Practices

Does your app use encryption for data in transit?
Do you follow a data retention and deletion policy?

Data Types and Categories

Google organizes data into these categories:

Category	Data Types
Location	Approximate location, precise location
Personal info	Name, email, user IDs, address, phone number
Financial info	Purchase history, credit info, other financial info
Health and fitness	Health info, fitness info
Messages	Emails, SMS/MMS, other messages
Photos and videos	Photos, videos
Audio files	Voice/sound recordings, music files
Files and docs	Files and docs
Calendar	Calendar events
Contacts	Contacts
App activity	App interactions, search history, installed apps
Web browsing	Web browsing history
App info and performance	Crash logs, diagnostics, other performance data
Device or other IDs	Device ID, advertising ID

Filling Out the Form: Step by Step

Step 1: Audit Your App

Before touching the form, conduct a thorough audit:

List every piece of data your app collects
Identify all third-party SDKs and their data practices
Map data flows: what goes to your servers, what goes to third parties
Document your security practices (encryption, retention, deletion)

Step 2: Access the Form

Open Google Play Console
Select your app
Navigate to "App content" then "Data safety"
Click "Start" or "Manage"

Step 3: Answer the Overview Questions

Google starts with high-level questions:

Does your app collect or share any user data?
Does your app use encryption for data in transit?
Do you provide a way for users to request data deletion?
Is your app a news or entertainment app that primarily deals with content?

Step 4: Declare Each Data Type

For every data type you collect, specify:

Collection - Is this data sent off the device?
Sharing - Is this data shared with third parties?
Ephemeral - Is the data processed only in memory without being stored?
Required or optional - Can the user opt out of this collection?
Purpose - Why do you collect this data? (app functionality, analytics, advertising, fraud prevention, personalization, account management)

Step 5: Review and Submit

Preview your Data Safety section to see how it will appear to users. Make sure everything is accurate before submitting.

Third-Party SDK Data Practices

This is the trickiest part. You are responsible for declaring data collected by every SDK in your app, even if you do not directly access that data.

Common SDKs and their typical data collection:

Firebase Analytics - App interactions, device ID, crash logs
Google AdMob - Advertising ID, location (approximate), device info
Facebook SDK - Device ID, app interactions, advertising data
Crashlytics - Crash logs, device info, performance data
OneSignal - Device ID, notification interactions

Check each SDK's documentation for their specific Data Safety guidance. Most major SDKs now provide detailed information about what they collect.

Common Mistakes

Under-declaring - Not accounting for SDK data collection. Google checks declarations against actual behavior and may remove non-compliant apps.
Over-declaring - Declaring data you do not collect makes your listing look worse than necessary.
Wrong purpose classification - Labeling advertising data as "app functionality" instead of being honest about the real purpose.
Missing data deletion - Google requires both an in-app and a web-based deletion mechanism.
Not updating - Your form must stay current when you add SDKs, remove features, or change data practices. Review it quarterly.

How did you find this article?

← Previous

Apple App Review Guidelines: What Every Developer Needs to Know

Google Play Developer Policy: The Complete 2026 Guide

Apple App Review Guidelines: What Every Developer Needs to Know

A complete breakdown of Apple App Review Guidelines covering safety, performance, design, legal, and business rules for App Store approval.

Google Play Developer Policy: The Complete 2026 Guide

Everything you need to know about Google Play Developer Program Policies, from content rules to billing compliance and enforcement actions.

Most Common App Rejections and How to Avoid Them

Learn the top reasons apps get rejected by Apple and Google, with practical fixes for each rejection type to save time on your next submission.

iOS Privacy Labels: A Complete Guide to App Privacy Nutrition Labels

How to accurately fill out Apple privacy nutrition labels for your iOS app, covering data types, collection purposes, and common mistakes.

App Tracking Transparency (ATT): The Definitive Guide for 2026

Everything about Apple App Tracking Transparency framework, from implementation to opt-in strategies and its impact on mobile advertising.

What Is the Data Safety Form?

Users see this information on your app's Play Store listing under the "Data safety" section, allowing them to make informed decisions before installing.

What You Must Declare

The Data Safety form covers four key areas:

1. Data Collection

For each data type, you must state whether your app collects it. "Collection" means data is transmitted off the device to your servers or a third party.

Does your app share any collected data with third parties? Third parties include analytics providers, ad networks, payment processors, and any external service that receives user data.

3. Data Handling Practices

Is the data encrypted in transit?
Can users request data deletion?
Is the data collection optional or required?

4. Security Practices

Does your app use encryption for data in transit?
Do you follow a data retention and deletion policy?

Data Types and Categories

Google organizes data into these categories:

Category	Data Types
Location	Approximate location, precise location
Personal info	Name, email, user IDs, address, phone number
Financial info	Purchase history, credit info, other financial info
Health and fitness	Health info, fitness info
Messages	Emails, SMS/MMS, other messages
Photos and videos	Photos, videos
Audio files	Voice/sound recordings, music files
Files and docs	Files and docs
Calendar	Calendar events
Contacts	Contacts
App activity	App interactions, search history, installed apps
Web browsing	Web browsing history
App info and performance	Crash logs, diagnostics, other performance data
Device or other IDs	Device ID, advertising ID

Filling Out the Form: Step by Step

Step 1: Audit Your App

Before touching the form, conduct a thorough audit:

List every piece of data your app collects
Identify all third-party SDKs and their data practices
Map data flows: what goes to your servers, what goes to third parties
Document your security practices (encryption, retention, deletion)

Step 2: Access the Form

Open Google Play Console
Select your app
Navigate to "App content" then "Data safety"
Click "Start" or "Manage"

Step 3: Answer the Overview Questions

Google starts with high-level questions:

Does your app collect or share any user data?
Does your app use encryption for data in transit?
Do you provide a way for users to request data deletion?
Is your app a news or entertainment app that primarily deals with content?

Step 4: Declare Each Data Type

For every data type you collect, specify:

Collection - Is this data sent off the device?
Sharing - Is this data shared with third parties?
Ephemeral - Is the data processed only in memory without being stored?
Required or optional - Can the user opt out of this collection?
Purpose - Why do you collect this data? (app functionality, analytics, advertising, fraud prevention, personalization, account management)

Step 5: Review and Submit

Preview your Data Safety section to see how it will appear to users. Make sure everything is accurate before submitting.

Third-Party SDK Data Practices

This is the trickiest part. You are responsible for declaring data collected by every SDK in your app, even if you do not directly access that data.

Common SDKs and their typical data collection:

Firebase Analytics - App interactions, device ID, crash logs
Google AdMob - Advertising ID, location (approximate), device info
Facebook SDK - Device ID, app interactions, advertising data
Crashlytics - Crash logs, device info, performance data
OneSignal - Device ID, notification interactions

Check each SDK's documentation for their specific Data Safety guidance. Most major SDKs now provide detailed information about what they collect.

Common Mistakes

Under-declaring - Not accounting for SDK data collection. Google checks declarations against actual behavior and may remove non-compliant apps.
Over-declaring - Declaring data you do not collect makes your listing look worse than necessary.
Wrong purpose classification - Labeling advertising data as "app functionality" instead of being honest about the real purpose.
Missing data deletion - Google requires both an in-app and a web-based deletion mechanism.
Not updating - Your form must stay current when you add SDKs, remove features, or change data practices. Review it quarterly.

Google Play Data Safety Form: The Complete Guide

What Is the Data Safety Form?

What You Must Declare

1. Data Collection

2. Data Sharing

3. Data Handling Practices

4. Security Practices

Data Types and Categories

Filling Out the Form: Step by Step

Step 1: Audit Your App

Step 2: Access the Form

Step 3: Answer the Overview Questions

Step 4: Declare Each Data Type

Step 5: Review and Submit

Third-Party SDK Data Practices

Common Mistakes

Related Topics

Related Articles

Apple App Review Guidelines: What Every Developer Needs to Know

Google Play Developer Policy: The Complete 2026 Guide

Most Common App Rejections and How to Avoid Them

iOS Privacy Labels: A Complete Guide to App Privacy Nutrition Labels

App Tracking Transparency (ATT): The Definitive Guide for 2026

Google Play Data Safety Form: The Complete Guide

What Is the Data Safety Form?

What You Must Declare

1. Data Collection

2. Data Sharing

3. Data Handling Practices

4. Security Practices

Data Types and Categories

Filling Out the Form: Step by Step

Step 1: Audit Your App

Step 2: Access the Form

Step 3: Answer the Overview Questions

Step 4: Declare Each Data Type

Step 5: Review and Submit

Third-Party SDK Data Practices

Common Mistakes

Related Topics

Related Articles

Apple App Review Guidelines: What Every Developer Needs to Know

Google Play Developer Policy: The Complete 2026 Guide

Most Common App Rejections and How to Avoid Them

iOS Privacy Labels: A Complete Guide to App Privacy Nutrition Labels

App Tracking Transparency (ATT): The Definitive Guide for 2026