Google Play Data Safety for Fliplet apps
Google Play requires apps to complete the Data safety form in Google Play Console so your Play Store listing can show what your app collects, what it shares, and how it’s handled. Learn more.
This guide is for Fliplet app builders and focuses on the most common setup: login, user profiles, file/image uploads, push notifications, and analytics.
Before you start: what to prepare
- Read Google’s Data safety guidance (it defines what “collect,” “share,” and “optional vs required” mean).
- Have a live Privacy Policy URL ready (Google requires a privacy policy link for all apps, even if you don’t access personal/sensitive user data).
- Inventory your app’s data behavior
- What users type into forms (e.g., name/email/phone)
- What you track (analytics, diagnostics)
- Any integrations (SSO, embedded webviews, 3rd-party SDKs)
Fliplet is designed to support compliance with Google Play policies, but the correct answers still depend on how your specific app is configured (what screens/features you added and what data you choose to collect).
Key definitions (the source of most confusion)
“Collected” vs “Shared”
-
Collected: your app (or its SDKs) transmits user data off the device to you/your servers (or stores it beyond a real-time request).
-
Shared: data is transferred to a third party (including via SDKs), even if it’s an on-device transfer to another app in some cases.
“Optional” vs “Required”
- Google lets you mark data collection as optional only if all users can use the app without providing it (or can opt in/out). If the app’s core functionality needs it, mark it required.
“Ephemeral processing”
- “Ephemeral” means data is only held in memory no longer than necessary to service a specific real-time request, and not stored or reused.
Step 1: Data collection & security (Yes/No questions)
- Does your app collect or share user data?
Recommended: Yes (most apps do if they use login, profiles, analytics, uploads, device identifiers, etc.). - Is all user data encrypted in transit?
Recommended: Yes (usually). Choose “Yes” only if data your app sends off-device uses secure transport (e.g., HTTPS/TLS), including anything sent by added SDKs. - Can users request deletion of their data?
If your app supports account creation, Google expects:Account deletion requirement.- a web link users can access outside the app (and you provide this URL in Play Console).
- an in-app way to start account deletion, and
Step 2: Data types (if you have X, select Y)
In Data types, select the categories that match what your app uses. The items below are the most common for Fliplet apps, but your app may use additional data types depending on what screens/features you’ve added (for example location, messaging, payments).
Most common Fliplet features
| If your Fliplet app has… | Select these Data types |
|---|---|
| Login | Personal info (Email, Name) + Device or other identifiers |
| User profiles | Personal info (Name, Email, Phone number — only if collected) |
| Analytics / usage tracking (page views, taps) | App activity + Device or other identifiers |
| Push notifications | Device or other identifiers |
| File uploads (PDFs, docs, attachments) | Files and docs |
| Image uploads (profile photo, photo attachments) | Photos and videos |
Other common data types (only if your app uses these features)
| If your app includes… | Select these Data types | Examples |
|---|---|---|
| Maps / “near me” / check-in / location permission | Location (Approximate and/or Precise) | Showing nearby locations, check-ins, location-based content |
| Crash reporting / diagnostics tooling | App info and performance + Device or other identifiers | Crash logs, diagnostics, performance data |
| Messaging / chat / DMs | Messages (if shown as an option) | In-app chat or direct messages |
| Payments / subscriptions | Financial info (if your app collects it) | Purchases, billing details |
When in doubt: start with the common list above, then scan the rest of the Data types page for anything that matches features you’ve added— especially Location, Files and docs, and Photos and videos.
Step 3: Data usage & handling (how to answer the pop-up)
For each selected data type, Play Console asks how it’s used. Use these simple rules:
- Collected = your app sends it to run the app (your/Fliplet services).
- Shared = it’s sent to a third party (usually because you added an external SDK/service).
- Processed ephemerally = usually No for login, profiles, analytics, identifiers, and uploads. (“Ephemeral” means data is only used in memory and not stored beyond what’s needed for a real-time request.) Definition.
Defaults for the most common Fliplet setup
| Data type | Collected vs Shared | Required or Optional | Processed ephemerally? | Notes |
|---|---|---|---|---|
| Personal info (Email/Name/Phone) | Usually Collected | Login fields usually Required; extra profile fields can be Optional | No | Only include fields you actually collect |
| App activity (analytics) | Usually Collected | Usually Required (runs automatically) | No | If you use a third-party analytics SDK, this may become Shared |
| Device or other identifiers | Usually Collected | Usually Required | No | Often used for app operation, troubleshooting, push, analytics |
| Files and docs | Usually Collected | Often Optional (unless upload is required) | No | Applies to documents users upload |
| Photos and videos | Usually Collected | Often Optional | No | Applies to images users upload |
How to do it in Console: for each row, click Show → Start, choose the options above, then click Next and repeat.
Two common gotchas
- Only mark “Shared” if you truly send data to a third party (external analytics, ads, marketing, crash tools, etc.). If you didn’t add third-party tools, most Fliplet apps are “Collected” (not shared).
- “Ephemeral” is a strict definition—most real apps should answer No for login/profile/analytics/uploads.