• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

android app user permissions and privacy policy

No there's nothing in your app's Java code which is uploading the user's phone number details. I have no idea what your Javascript is doing.
Have you tried contacting Google to ask why they think your app is doing this.

Also, why do you actually need an app, if all it does is display a Webview? Or are you planning to add more functionality in future?
 
Thanks LV426

1) My Javascript does this: https://www.theairlinepilots.com/apps/atr/atr72-loadsheet.php .You may view source to see the code. Its just mathematical calculations and nothing about android stuff.

2) Yes contacted Google. Nothing but canned responses. The conversation goes as below:

Google: "During review, we found that your application, ATR 72-500 (com.theairlinepilots.atr72_500loadsheet), violates the Personal and Sensitive Information provisions of our User Data policy. Our policy states: You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user’s use of the app or device), including by disclosing the collection, use, and sharing of the data, and you must limit use of the data to the description in the disclosure. Your application is currently uploading user information without consent. In order to be policy compliant, you will need to provide the user with a disclosure within the app. The user needs to be able to agree to the disclosure before the behavior of uploading the information occurs. Make sure you’ve corrected all policy violations and increment your app’s version code before submitting your app again."

Me: "I have rechecked the code. It does not collect user info. Can you please point out where in the code it is retrieving user info. I got it checked by other developers too. no one could find an issue."

Google: "As much as I'd like to help, I’m not able to provide any more information or a better answer to your question. In our previous email, I made sure to include all the information available to me. If you have a different question about the Play Developer Console, please let me know."

Me: "Can you connect me to your development team because information you provided does not have the answers I am looking for. I consider the claims made by google play team incorrect because there is nothing in my code that is uploading user data anywhere. So when my app does not use user data what am I supposed to disclose. I know you are busy and I don't want to irritate you by saying the same thing again and again, but if you can't help any further then you may not reply to this email, instead just forward my feedback to your developers (if possible) that there is something wrong in the system and it needs scrutiny."
Click to expand...

3) I am basically an airline pilot not a programmer. So just know enough to get the work done by mostly using javascript and php to run my website. In order to use the applications offline in the aircraft I need to develop apps. Since I don't know Java and very much constrained by time, the quickest solution was webview and pasting my javascript code their. My apps are mostly mathematical calculations.
 
Careful offline> airline pilot> mathematical calculations> JavaScript are hotkey notes in triggering NSA Webcrawlers.
 
@mikedt: no i am not running any third party stuff like ads etc. Only thing I am using which is not written by me is chart code by https://plot.ly/ again its just javscript to create a graph.

@KBU2: Can you please explain what you are saying, I don't get it.
 
made another appeal to google to point out which part of the code requests user info but again their reply looks like a canned response. Can someone help me what should I do. How can one get in touch with a developer in google who can look into my code. Their reply is as under:

During review, we found that version code 3 of your app violates the personal and sensitive information policy and section 4.8 of the Developer Distribution Agreement.
  • You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user’s use of the app or device), including by disclosing the collection, use, and sharing of the data, and you must limit use of the data to the description in the disclosure.
  • If your app collects and transmits personal or sensitive user data unrelated to functionality described prominently in the app’s listing on Google Play or in the app interface, then prior to the collection and transmission, it must prominently highlight how the user data will be used and have the user provide affirmative consent for such use.

You can read through the Personal and Sensitive Information policy page for more details and examples of common violations.

For example, your app is uploading users' device phone number information to 108.177.11.188:5228 without a prominent disclosure. Make sure to also post a privacy policy in both the designated field in the Play Developer Console and from within the Play distributed app itself.

Please update your app to fix this issue. You may also want to double check that your app complies with all other Developer Program Policies, as additional enforcement could occur if there are further policy violations.
Click to expand...
 
Can someone please check if the code in this attached "graphcode.txt" file if that is causing the problem (it is actually a .js file but uploaded as text file here since .js extension is not allowed). If you search for the word android you will find it but the rest of the code around it, i don't understand.
Isn't the code <uses-permission android:name="android.permission.READ_CONTACTS" /> necessary to retrieve the user contact info? I don't have anything like it in my app. Thanks for the help
 

Attachments

You must log in or register to reply here.
Back
Top Bottom