Reputation: 32171
How to fill in Google Play Data Safety form taking into account Firebase Analytics and Firebase Crashlytics libraries?
I have an app which does not push any data to any server except that it uses the Firebase Analytics and Firebase Crashlytics libraries to submit analytics and crash reports to my Firebase account. My use of both of these libraries is bare minimum.
I submit analytics events as follows:
FirebaseAnalytics.getInstance(applicationContext).logEvent("SomeEvent", bundle)
I submit exceptions as follows:
FirebaseCrashlytics.getInstance().recordException(exception)
Neither the bundles submitted via the FirebaseAnalytics instance nor the exceptions submitted via the FirebaseCrashlytics instance contain any of the user's personal data or any data that identifies the user. The exceptions just convey that a certain area of the application has failed and the bundles just convey that a certain button was tapped without linking in any way to the user.
With this in mind, how do I answer the following "Data collection and security" questions in the Google Play Data Safety form:
- Does your app collect or share any of the required user data types? [Yes/No]
- Is all of the user data collected by your app encrypted in transit? [Yes/No]
- Do you provide a way for users to request that their data is deleted? [Yes/No]
Upvotes: 24
Views: 4134
Answers (1)
Reputation: 1654
The same applies for Firebase as it does for AdMob.
Answer the first set of questions as follows:
- Does your app collect or share any of the required user data types? Yes
- Is all of the user data collected by your app encrypted in transit? Yes
- Do you provide a way for users to request that their data is deleted? No
Answer the second set of questions as follows:
- Location > Approximate location
- App activity > Page views and taps in app
- App info and performance > Crash logs, Diagnostics
- Device or other identifiers > Device or other identifiers
My source is this Stack Overflow answer.
Because the "Device or other IDs" row in the Date Types section in the Provide information for Google Play's Data safety section document states:
Identifiers that relate to an individual device, browser or app. For example, an IMEI number, MAC address, Widevine Device ID, Firebase installation ID, or advertising identifier.
This indicates that Google considers Firebase to be collecting user data.
Upvotes: 11
Related Questions
- Does firebase app data collection need to be declared in Data Safety Form of Play Console?
- Data safety form in google play console
- How to export data from Firebase Crashlytics to another application?
- Firebase Analytics required for Crashlytics
- Firebase Crashlytics without Google Play Services
- Firebase Analytics / Firebase Crashlytics - reporting errors
- Firebase: Reporting Analytics and Crash Data to Separate Projects
- Firebase Analytics and Crashlytics answers
- Firebase crash reporting or different Crashlytics API key to mitigate collision with Crashlytics in App
- Firebase combined analytics and error reporting in free and paid