App Removed from Playstore- Violation of Personal and Sensitive Information policy

Hi,

I received a mail from google play store that my appis removed for Violation of Personal and Sensitive Information policy .

Email Content:

Hi Developers at DesignQube,

After review, DesignQube Projects, com.designqube.dqprogress  **(Version code 1)** , has been removed from Google Play due to a policy violation. This app won’t be available to users until you submit a compliant update.

**Issue: Violation of Personal and Sensitive Information policy**

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines. 

If necessary, you can consult your SDK provider(s) for further information.

Our App only uses a camera and storage. I have mentioned clearly in the description in app.json

Can you please suggest me how to solve this and publish the apk in the app store again.

Hello @designqube, what you should be sharing is your package.json

Hi ,

my packge.json is

{
  "name": "Projects",
  "version": "0.1.0",
  "private": true,
  "devDependencies": {
    "babel-eslint": "^10.0.1",
    "eslint": "^5.15.1",
    "eslint-config-airbnb": "^17.1.0",
    "eslint-config-prettier": "^4.1.0",
    "eslint-plugin-import": "^2.16.0",
    "eslint-plugin-jsx-a11y": "^6.2.1",
    "eslint-plugin-prettier": "^3.0.1",
    "eslint-plugin-react": "^7.12.4",
    "husky": "^1.3.1",
    "lint-staged": "^8.1.5",
    "prettier": "^1.16.4",
    "pretty-quick": "^1.10.0",
    "react-native-scripts": "^2.0.1",
    "react-test-renderer": "^16.7.0",
    "schedule": "^0.4.0"
  },
  "main": "./node_modules/expo/AppEntry.js",
  "scripts": {
    "start": "expo start",
    "eject": "expo eject",
    "android": "expo --android",
    "ios": "expo --ios",
    "lint": "eslint --ext js,jsx src --fix"
  },
  "jest": {
    "preset": "jest-expo"
  },
  "rnpm": {
    "assets": [
      "./assets/fonts/"
    ]
  },
  "dependencies": {
    "@expo/vector-icons": "^9.0.0",
    "@okgrow/react-native-copilot": "^2.4.1",
    "@shoutem/ui": "^0.23.9",
    "accordion-collapse-react-native": "^0.1.3",
    "apollo-cache-inmemory": "^1.3.12",
    "apollo-client": "^2.4.8",
    "apollo-link": "^1.2.6",
    "apollo-link-error": "^1.1.5",
    "apollo-link-http": "^1.5.9",
    "apollo-link-ws": "^1.0.8",
    "apollo-utilities": "^1.0.27",
    "async": "^2.6.1",
    "expo": "^32.0.0",
    "expo-multiple-imagepicker": "^1.0.6",
    "graphql": "^14.0.2",
    "graphql-tag": "^2.7.3",
    "lodash": "^4.17.11",
    "moment": "^2.23.0",
    "prop-types": "^15.6.2",
    "react": "^16.7.0",
    "react-apollo": "^2.3.3",
    "react-native": "https://github.com/expo/react-native/archive/sdk-32.0.0.tar.gz",
    "react-native-action-button": "^2.8.5",
    "react-native-aws3": "0.0.8",
    "react-native-checkbox": "^2.0.0",
    "react-native-controlled-picker": "^0.1.0",
    "react-native-easy-toast": "^1.1.0",
    "react-native-image-zoom-viewer": "^2.2.24",
    "react-native-iphone-x-helper": "^1.2.0",
    "react-native-keyboard-spacer": "0.4.1",
    "react-native-material-bottom-navigation": "^1.0.2",
    "react-native-material-menu": "^0.4.2",
    "react-native-material-ripple": "^0.8.0",
    "react-native-modal": "^7.0.2",
    "react-native-multiple-select": "^0.4.4",
    "react-native-nav": "2.0.2",
    "react-native-optimized-flatlist": "^1.0.4",
    "react-native-popup-dialog": "^0.14.46",
    "react-native-progress": "^3.5.0",
    "react-native-search-box": "0.0.19",
    "react-native-swipeable-parallax-carousel": "1.1.0",
    "react-native-tabs": "^1.0.9",
    "react-native-timeago": "^0.4.0",
    "react-native-timeline-listview": "^0.2.2",
    "react-native-ui-kitten": "3.1.2",
    "react-native-user-avatar": "1.0.3",
    "react-native-vector-icons": "^6.1.0",
    "react-navigation": "^3.6.0",
    "react-redux": "^5.0.6",
    "redux": "^3.7.2",
    "redux-persist": "^5.9.1",
    "reselect": "^3.0.1",
    "sentry-expo": "^1.11.0",
    "shortid": "^2.2.13",
    "subscriptions-transport-ws": "^0.9.15"
  },
  "lint-staged": {
    "*.{js,jsx}": [
      "pretty-quick --staged",
      "eslint --ext js,jsx src --fix",
      "git add"
    ]
  }
}

Hello Expo Team,

Is there any other solution for this?

Hello,

Jumping into this thread because I had the same thing happen as well. I had recently updated my APK due to a recent take-down because of the BranchIO stuff and things seemed fine for the 5 days or so until today when it was removed again. My listing has had a privacy policy for well over a year.

Problem here looks to also be the “Issue: Violation of Personal and Sensitive Information policy”

Thanks!
matt

As of today we are having the same issue as well

Need help

Got today:

Issue: Violation of Personal and Sensitive Information policy

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines.

If necessary, you can consult your SDK provider(s) for further information.

Next steps: Submit your app for another review

1. Read through the Personal and Sensitive Information policy and make the appropriate changes to your app.
2. Make sure your app is compliant with the User Data policy and all other Developer Program Policies. Additional enforcement could occur if there are further policy violations.
3. Sign in to your Play Console and upload the modified, policy compliant APK. Make sure to increment the version number of the APK.
4. Submit your app.

Hey all,

Does the message from Google not indicate a specific SDK or library that is in violation?

Cheers,
Adam

@adamjnav That is correct, it is much less specific than the BranchIO error.

@mitka 's error is the exact same as mine.

Thanks for the update. Have you tried to ask Google for more specific information? I know they aren’t the most responsive or timely.

Yes, I have already reached out to them for more info and am waiting for a response. As soon as I get more info I can add it to this thread.

Same exact thing happened to us. I also reached out to googleplay for more info.

We heard back from Google Play and they said that we needed to resubmit the app via the Store listing page to complete the process:

In order to show your app on Google Play, please submit your app again:

1. Sign in to your Play Console.
2. Select your app.
3. Select Store presence > Store listing .
4. Click Submit update or Resubmit app .

If the submit button is grayed out, you can make a minor change to your store listing to activate the button. For example, add a space after your app title and then delete it. Once the button turns blue, you can submit your update.

@thistle Did you they reference any specific changes you had to make before resubmitting? Seems strange that they would issue a take-down and then allow you to resubmit the same APK without making changes to address the take-down issue.

It was very strange. This was the sequence of events:

1. Email from playstore saying that we were using BranchIO and violating their info policy (we don’t use BranchIO, so this was confusing)
2. Submitted a support request to Google Play and heard back from Mary confirming that our app was using BranchIO
3. After some Googling, per Expo’s blog post, I rebuilt our Android APK with expo, incremented the version number (15 → 16), and uploaded it to alpha and beta tracks. Promoted beta track to production.
4. Shortly after the successful release, received another email that our app had been taken down (again). This time with no details on the reason why.
5. I inquired on my thread with Mary from Google Play about why our app was taken down again
6. Hours later received an email back from Mary saying that our app (v16) was approved to be reinstated, we just had to resubmit via the store listing page. So… ¯_(ツ)_/¯

I received almost same email today

After review, Harzaan, com.bawersystem.harzaan, has been removed from Google Play due to a policy violation. This app won’t be available to users until you submit a compliant update.

Issue: Violation of Personal and Sensitive Information policy

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines.

If necessary, you can consult your SDK provider(s) for further information.

Next steps: Submit your app for another review

1. Read through the Personal and Sensitive Information policy and make the appropriate changes to your app.
2. Make sure your app is compliant with the User Data policy and all other Developer Program Policies. Additional enforcement could occur if there are further policy violations.
3. Sign in to your Play Console and upload the modified, policy compliant APK. Make sure to increment the version number of the APK.
4. Submit your app.

If you’ve reviewed the policy and feel this removal may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.

Hi all,

I receive the exact same email from PlayStore:

Issue: Violation of Personal and Sensitive Information policy

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines. 

If necessary, you can consult your SDK provider(s) for further information.

Are there any known causes for this issue + Expo?

Thanks

@adamjnav

I receive the exact same email from PlayStore:
Jumping into this thread because I had the same thing happen as well. I had recently updated my APK due to a recent take-down because of the BranchIO stuff and things seemed fine for the 5 days

or so until today when it was removed again.

Issue: Violation of Personal and Sensitive Information policy

We’ve identified that your app is using an SDK or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines. 

If necessary, you can consult your SDK provider(s) for further information.

Any suggestions or solution from Expo Team?

I have received the same warnings. We added a privacy policy. Changed version number and still getting the response below. Anyone know what the problem could be?

Step 1: Fix the policy violation with your app

During review, we found that your app version code 1 in BETA track is using an SDK(BranchIO SDK) or library that facilitates the collection and transmission of installed packages information without meeting the prominent disclosure guidelines.

If necessary, you can consult your SDK provider(s) for further information.

Please refer to the information below to fix the issue.

1. Remove the flagged version codes and resubmit the incrementing submission.
2. Add in a prominent disclosure, which outlines what data (installed application information and other data that app could be taking), why (BranchIO looks like an analytics SDK), and how the data is being treated. Must also provide affirmative consent which uploading of the user data is after user consent.

Step 2: Update your app and submit it for review

1. Read through the [Personal and Sensitive Information] policy and make the appropriate changes to your app.
2. Submit an updated version of your app that is free of the problematic app install attribution behavior. You can consider removing the SDKs in question and working with a different SDK provider.
3. Make sure your app is compliant with the User Data policy and all other [Developer Program Policies] Additional enforcement could occur if there are further policy violations.
4. Sign in to your Play Console and upload the modified, policy compliant APK. Make sure to increment the version number of the APK.
5. Submit your app.

Hey @paradeigm,

I’m pretty sure the issue is right in the message there. Your beta track has an .apk running with branch.

Here’s an exerpt from our blog post:

Please ensure you have put an updated (Branch-less) apk in every release track, not just the production track! (If adding a new build to all release tracks doesn’t resolve this, you may need to delete your prior releases altogether.)

I’d remove that from your beta track and see if that resolves it.