Personal and Sensitive Information

Privacy Policy & Secure Transmission

If your app handles personal or sensitive user data (including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, microphone and camera sensor data, and sensitive device data) then your app must:

Post a privacy policy in both the designated field in the Play Developer Console and from within the Play distributed app itself.
Handle the user data securely, including transmitting it using modern cryptography (for example, over HTTPS).

The privacy policy must, together with any in-app disclosures, comprehensively disclose how your app collects, uses and shares user data, including the types of parties with whom it’s shared.

Prominent Disclosure Requirement

If your app collects and transmits personal or sensitive user data unrelated to functionality described prominently in the app’s listing on Google Play or in the app interface, then prior to the collection and transmission, it must prominently highlight how the user data will be used and have the user provide affirmative consent for such use.

Here are some examples of common violations:

An app that doesn’t treat a user’s inventory of installed apps as personal or sensitive user data and doesn’t comply with the Privacy Policy, Secure Transmission, and Prominent Disclosure requirements.
An app that doesn’t treat a user’s phone or contact book data as personal or sensitive user data and doesn’t comply with the Privacy Policy, Secure Transmission, and Prominent Disclosure requirements.

We are using users phone number and email id and can share lately on other user. What we should implement in app so that we can fulfill all requirement related to personal and sensitive information. We are using HTTPS for transferring data to server including encryption. Should we show any popup to user that we are using your phone number and emailId.

Please let me know what should we do to update latest version on play store.