Play Console Data Safety Answers

Baseline answers for the Data safety section — update when behavior changes

Top-level questions (common)

Does the app collect or share user data? Yes (account, commerce, content, analytics, security).
Is all user data encrypted in transit? Yes, for traffic to your production API and website over TLS.
Can users request data deletion? Yes — customer and vendor in-app deletion where implemented, plus instructions at /account-deletion and support fallback per Privacy Policy.
Do you sell user data? No (unless your business model changes; then update everything).
Committed to Google Play Families Policy? Only mark “yes” if you actually comply with the Families program requirements; this marketplace app is typically not designed for children.

Data types and purposes (select consistently)

For each type you collect, declare collection and (if applicable) sharing, then pick purposes such as:

App functionality
Analytics
Developer communications (if you send product emails)
Fraud prevention, security, and compliance
Personalization (only if you truly personalize beyond basic locale/currency)

Location

Precise location: Not collected by the Android wrapper as shipped (no location runtime permission in manifest).
Approximate location / region: May be inferred on the server or in the web app (IP, timezone, phone country code) for currency and marketplace display — declare if your backend stores or processes it as location-related data.

Photos and videos

Collected when users upload listing images, profile media, or share files into the app.
Purposes: App functionality, fraud prevention where applicable.

Audio

Only if the user initiates a WebView feature that uses the microphone; declare only if you ship that flow.

App activity and diagnostics

Interaction events, crash or performance telemetry if enabled — match your analytics SDK list in Play.

Device or other IDs

Session or visitor identifiers — declare for analytics and security as applicable.
Do not claim “no IDs” if analytics cookies or server logs create pseudonymous identifiers.

Data linked to the user

Account-backed data is generally linked to the user in Play's sense. Anonymous strictly-aggregated analytics may be treated differently only if your implementation truly supports that distinction.

Store listing alignment

Privacy Policy URL in Play Console must match a live page (e.g. /privacy-policy).
Any “sensitive” or ‘restricted’ features declared under App content must match the binary.

Reviewer note template

"LifeXShop is a WebView-based Android client for our HTTPS marketplace website. User data is processed for accounts, orders, bookings, social features, and security. Sensitive device permissions are requested only when the user triggers the corresponding web feature. Account deletion instructions are published at /account-deletion. We do not sell personal data."

Keep in sync

Before each release, re-read:

Top-level questions (common)

Does the app collect or share user data? Yes (account, commerce, content, analytics, security).

Is all user data encrypted in transit? Yes, for traffic to your production API and website over TLS.

Can users request data deletion? Yes — customer and vendor in-app deletion where implemented, plus instructions at /account-deletion and support fallback per Privacy Policy.

Do you sell user data? No (unless your business model changes; then update everything).

Committed to Google Play Families Policy? Only mark “yes” if you actually comply with the Families program requirements; this marketplace app is typically not designed for children.

Location

Precise location: Not collected by the Android wrapper as shipped (no location runtime permission in manifest).

Approximate location / region: May be inferred on the server or in the web app (IP, timezone, phone country code) for currency and marketplace display — declare if your backend stores or processes it as location-related data.

Reviewer note template