Play Store Data Safety Checklist

Keep Play Console declarations aligned with the LifeXShop app and website

What Google Play expects

Google requires that the Data safety form in Play Console accurately describes all user data the app collects, shares, or processes (including data handled in your WebView website), and that your store listing links a working Privacy Policy URL. Deceptive, incomplete, or inconsistent declarations are policy violations.

Scope covered by this project

Android WebView client (loads the production website)
Customer, vendor, and admin account flows on the site loaded in WebView
Store, checkout, bookings, social interactions, uploads, and notifications
Android share-to-app import flow

Android permissions (must match Play Console “App content” and user messaging)

Declared in AndroidManifest.xml and used as follows:

INTERNET / ACCESS_NETWORK_STATE — Core connectivity; required.
POST_NOTIFICATIONS (Android 13+) — Only for push-style alerts the user can enable; request timing should stay user-contextual where possible.
CAMERA / RECORD_AUDIO — Only when the website requests media capture (WebView PermissionRequest); not for background access.
READ_MEDIA_IMAGES / READ_EXTERNAL_STORAGE (max SDK 32) / WRITE_EXTERNAL_STORAGE (max SDK 29) — File picker, uploads, and share import.
VIBRATE — Optional notification or UI feedback.

The app does not declare ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION. If you add them later, update this checklist, the Privacy Policy, and Play declarations before release.

Data collected (typical Data safety categories)

Personal info: Name, email, phone for accounts, support, and transactions.
Approximate location / region: Derived from IP, timezone, or phone country code for currency, marketplace labels, and relevance (declare as appropriate under Location or Personal info per Google's current form labels).
Financial / transaction: Purchase references and payment status via payment providers.
App activity: Views, clicks, likes, comments, shares, analytics events.
User content: Reviews, comments, uploads, listings.
Identifiers: Session, visitor, or device-oriented IDs for security and analytics.

Security and handling (form questions)

Encrypted in transit: Yes (HTTPS/TLS for API and website).
Users can request deletion: Yes — in-app flows plus /account-deletion.
Data sold: No — do not mark “sold” unless your legal/commercial practice changes.
Advertising ID: This WebView wrapper does not integrate Play-ads personalization; keep declarations consistent if you add an ads SDK later.

Policy URLs (store listing and in-app)

Privacy Policy: /privacy-policy
Terms of Use: /terms
Account deletion: /account-deletion
Play Console copy notes: /play-console-data-safety-answers

Release gate (before every production upload)

Privacy Policy and Terms text match current product behavior.
Data safety answers match any new SDK, analytics, payments, or messaging integration.
Account deletion path remains reachable and accurate.
Sensitive permissions are requested only in context and justified in the policy.

What Google Play expects

Android permissions (must match Play Console “App content” and user messaging)

Declared in AndroidManifest.xml and used as follows:

INTERNET / ACCESS_NETWORK_STATE — Core connectivity; required.

POST_NOTIFICATIONS (Android 13+) — Only for push-style alerts the user can enable; request timing should stay user-contextual where possible.

CAMERA / RECORD_AUDIO — Only when the website requests media capture (WebView PermissionRequest); not for background access.

READ_MEDIA_IMAGES / READ_EXTERNAL_STORAGE (max SDK 32) / WRITE_EXTERNAL_STORAGE (max SDK 29) — File picker, uploads, and share import.

VIBRATE — Optional notification or UI feedback.

The app does not declare ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION. If you add them later, update this checklist, the Privacy Policy, and Play declarations before release.

Data collected (typical Data safety categories)

Personal info: Name, email, phone for accounts, support, and transactions.

Approximate location / region: Derived from IP, timezone, or phone country code for currency, marketplace labels, and relevance (declare as appropriate under Location or Personal info per Google's current form labels).

Financial / transaction: Purchase references and payment status via payment providers.

App activity: Views, clicks, likes, comments, shares, analytics events.

User content: Reviews, comments, uploads, listings.

Identifiers: Session, visitor, or device-oriented IDs for security and analytics.

Security and handling (form questions)

Encrypted in transit: Yes (HTTPS/TLS for API and website).

Users can request deletion: Yes — in-app flows plus /account-deletion.

Data sold: No — do not mark “sold” unless your legal/commercial practice changes.

Advertising ID: This WebView wrapper does not integrate Play-ads personalization; keep declarations consistent if you add an ads SDK later.