You just downloaded the newest, shiniest contacts management app to your smartphone, linked it to your G Suite account to sync with your Gmail Contacts, and now you’re waiting for your mobile address book to fill with everyone you’ve ever known. Show
Suddenly, all of your contacts are gone from Google and your phone. This happens more than you’d think, and it is largely because too many applications make it easy to set your empty smartphone address book to overwrite your up-to-date Google Contacts list, rather than the other way around. Fortunately, Google Contacts has built-in versioning functionality so you can “roll back” your Gmail Contacts to an earlier state, restoring any lost contacts in mere seconds. Here’s how it works:
You’ll have the option to roll back your entire Gmail Contacts list to any saved state—which is to say, any time you altered the data in your Google Contacts—within the last 30 days. In the case of a full overwrite that deleted all your Gmail Contacts, just roll back to the save point right before you installed the destructive smartphone app. By India Today Web Desk: Contacts, offered by Google, helps people to back up the contacts stored on their phone or SIM card. If someone loses or needs to replace their phone, they can restore these contacts on the new phone. Now, if you want to restore contacts which were saved to your Google Account, there are some simple steps you need to know. Here is the step by step guide to restore your contacts from Google backups. If you save your contacts to your Google Account, they automatically show on your phone after you sign in. You won’t need to restore contacts this way. If needed, these are some steps which can help you to restore your contacts from Google backups. Steps to restore contacts from Google backupsFollow these steps to restore contacts from your Google backups. Step 1: First of all, you have to open your phone's Settings app. Step 2: Then, you need to tap Google. Step 3: Under "Services," you have to tap Restore contacts. Step 4: If you have multiple Google Accounts, to choose which account's contacts to restore, you need to tap From account. Step 5: Then, you have to tap the phone with the contacts to copy. Step 6: If you don’t want to copy contacts from your SIM card or phone storage, you have to turn off SIM card or Device storage. Step 7: Tap Restore, then wait until you see "Contacts restored." Step 8: To avoid duplicates, your phone restores only contacts that it doesn't already have. Your restored contacts also sync to your current Google Account and other devices. Following these steps can help you to restore your contacts from Google backups. Please remember, to restore contacts from other apps, like Outlook or WhatsApp, you’ll need to reinstall those apps. Your innovation is what drives our shared success, but with it comes responsibility. These Developer Program Policies, along with the Developer Distribution Agreement, ensure that together we continue to deliver the world's most innovative and trusted apps to over a billion people through Google Play. We invite you to explore our policies below. Restricted ContentPeople from all over the world use Google Play to access apps and games every day. Before submitting an app, ask yourself if your app is appropriate for Google Play and compliant with local laws. Child EndangermentApps that do not prohibit users from creating, uploading, or distributing content that facilitates the exploitation or abuse of children will be subject to immediate removal from Google Play. This includes all child sexual abuse materials. To report content on a Google product that may exploit a child, click Report abuse. If you find content elsewhere on the internet, please contact the appropriate agency in your country directly. We prohibit the use of apps to endanger children. This includes but is not limited to use of apps to promote predatory behavior towards children, such as:
We will take appropriate action, which may include reporting to the National Center for Missing & Exploited Children, if we become aware of content with child sexual abuse materials. If you believe a child is in danger of or has been subject to abuse, exploitation, or trafficking, please contact your local law enforcement and contact a child safety organization listed here. In addition, apps that appeal to children but contain adult themes are not allowed, including but not limited to:
We also don’t allow apps that promote negative body or self image including apps that depict for entertainment purposes plastic surgery, weight loss, and other cosmetic adjustments to a person's physical appearance. Inappropriate ContentTo ensure that Google Play remains a safe and respectful platform, we've created standards defining and prohibiting content that is harmful or inappropriate for our users. Sexual Content and ProfanityWe don't allow apps that contain or promote sexual content or profanity, including pornography, or any content or services intended to be sexually gratifying. We don’t allow apps or app content that appear to promote a sexual act in exchange for compensation. Content that contains nudity may be allowed if the primary purpose is educational, documentary, scientific or artistic, and is not gratuitous. If an app contains content that violates this policy but that content is deemed appropriate in a particular region, the app may be available to users in that region, but will remain unavailable to users in other regions. Here are some examples of common violations:
Hate SpeechWe don't allow apps that promote violence, or incite hatred against individuals or groups based on race or ethnic origin, religion, disability, age, nationality, veteran status, sexual orientation, gender, gender identity, caste, immigration status, or any other characteristic that is associated with systemic discrimination or marginalization. Apps which contain EDSA (Educational, Documentary, Scientific, or Artistic) content related to Nazis may be blocked in certain countries, in accordance with local laws and regulations. Here are examples of common violations:
ViolenceWe don't allow apps that depict or facilitate gratuitous violence or other dangerous activities. Apps that depict fictional violence in the context of a game, such as cartoons, hunting or fishing, are generally allowed. Here are some examples of common violations:
Terrorist ContentWe do not permit terrorist organizations to publish apps on Google Play for any purpose, including recruitment. We don't allow apps with content related to terrorism, such as content that promotes terrorist acts, incites violence, or celebrates terrorist attacks. If posting content related to terrorism for an educational, documentary, scientific, or artistic purpose, be mindful to provide relevant EDSA context. Dangerous Organizations and MovementsWe do not permit movements or organizations that have engaged in, prepared for, or claimed responsibility for acts of violence against civilians to publish apps on Google Play for any purpose, including recruitment. We don’t allow apps with content related to planning, preparing, or glorifying violence against civilians. If your app includes such content for an EDSA purpose, that content must be provided alongside the relevant EDSA context. Sensitive EventsWe don't allow apps that capitalize on or are insensitive toward a sensitive event with significant social, cultural, or political impact, such as civil emergencies, natural disasters, public health emergencies, conflicts, deaths, or other tragic events. Apps with content related to a sensitive event are generally allowed if that content has EDSA (Educational, Documentary, Scientific, or Artistic) value or intends to alert users to or raise awareness for the sensitive event. Here are examples of common violations:
Bullying and HarassmentWe don't allow apps that contain or facilitate threats, harassment, or bullying. Here are examples of common violations:
Dangerous ProductsWe don't allow apps that facilitate the sale of explosives, firearms, ammunition, or certain firearms accessories.
We don't allow apps that provide instructions for the manufacture of explosives, firearms, ammunition, restricted firearm accessories, or other weapons. This includes instructions on how to convert a firearm to automatic, or simulated automatic, firing capabilities. MarijuanaWe don't allow apps that facilitate the sale of marijuana or marijuana products, regardless of legality. Here are some examples of common violations:
Tobacco and AlcoholWe don't allow apps that facilitate the sale of tobacco (including e-cigarettes and vape pens) or encourage the illegal or inappropriate use of alcohol or tobacco. Here are examples of common violations:
Financial ServicesWe don't allow apps that expose users to deceptive or harmful financial products and services. For the purposes of this policy, we consider financial products and services to be those related to the management or investment of money and cryptocurrencies, including personalized advice. If your app contains or promotes financial products and services, you must comply with state and local regulations for any region or country that your app targets - for example, include specific disclosures required by local law. Binary OptionsWe do not allow apps that provide users with the ability to trade binary options. CryptocurrenciesWe don't allow apps that mine cryptocurrency on devices. We permit apps that remotely manage the mining of cryptocurrency. Personal loansWe define personal loans as lending money from one individual, organization, or entity to an individual consumer on a nonrecurring basis, not for the purpose of financing purchase of a fixed asset or education. Personal loan consumers require information about the quality, features, fees, repayment schedule, risks, and benefits of loan products in order to make informed decisions about whether to undertake the loan.
Apps that provide personal loans, including but not limited to apps which offer loans directly, lead generators, and those who connect consumers with third-party lenders, must have the App Category set to “Finance” in Play Console and disclose the following information in the app metadata:
We do not allow apps that promote personal loans which require repayment in full in 60 days or less from the date the loan is issued (we refer to these as "short-term personal loans"). Effective January 31, 2023 High APR personal loansIn the United States, we do not allow apps for personal loans where the Annual Percentage Rate (APR) is 36% or higher. Apps for personal loans in the United States must display their maximum APR, calculated consistently with the Truth in Lending Act (TILA). This policy applies to apps which offer loans directly, lead generators, and those who connect consumers with third-party lenders. Additional requirements for personal loan apps in India, Indonesia, the Philippines, Nigeria, and Kenya. Personal loan apps in India, Indonesia, the Philippines, Nigeria, and Kenya must complete the additional proof of eligibility requirements below.
Here is an example of a common violation: Real-Money Gambling, Games, and ContestsWe allow real-money gambling apps, ads related to real-money gambling, loyalty programs with gamified outcomes, and daily fantasy sports apps that meet certain requirements. Gambling AppsSubject to restrictions and compliance with all Google Play policies, we allow apps that enable or facilitate online gambling in select countries, as long as the Developer completes the application process for gambling apps being distributed on Google Play, is an approved governmental operator and/or is registered as a licensed operator with the appropriate governmental gambling authority in the specified country, and provides a valid operating license in the specified country for the type of online gambling product they want to offer. We only allow valid licensed or authorized gambling apps that have the following types of online gambling products:
Eligible apps must meet the following requirements:
Other Real-Money Games, Contests, and Tournament AppsFor all other apps which do not meet the eligibility requirements for gambling apps noted above and are not included in the “Other Real-Money Game Pilots” noted below, we don't allow content or services that enable or facilitate users’ ability to wager, stake, or participate using real money (including in-app items purchased with money) to obtain a prize of real world monetary value. This includes but is not limited to, online casinos, sports betting, lotteries, and games that accept money and offer prizes of cash or other real world value (except programs permitted under the Gamified Loyalty Programs requirements described below). Examples of violations
Other Real-Money Game PilotsWe may occasionally conduct limited time pilots for certain types of real money gaming in select regions. For details, refer to this Help Center page. Gamified Loyalty ProgramsWhere permitted by law and not subject to additional gambling or gaming licensing requirements, we allow loyalty programs that reward users with real world prizes or monetary equivalent, subject to the following Play Store eligibility requirements: For all apps (games and non-games):
For Game apps:
For non-Game apps:
Ads for Gambling or Real-Money Games, Contests, and Tournaments within Play-distributed AppsWe allow apps that have ads which promote gambling, real-money games, contests, and tournaments if they meet the following requirements:
Only apps that meet all of these requirements in the section listed above may include ads for gambling or real money games, lotteries, or tournaments. Accepted Gambling Apps (as defined above), or accepted Daily Fantasy Sports Apps (as defined below) which meet requirements 1-6 above, may include ads for gambling or real money games, lotteries, or tournaments. Examples of violations
Daily Fantasy Sports (DFS) AppsWe only allow daily fantasy sports (DFS) apps, as defined by applicable local law, if they meet the following requirements:
Illegal ActivitiesWe don’t allow apps that facilitate or promote illegal activities. Here are some examples of common violations:
User Generated ContentUser-generated content (UGC) is content that users contribute to an app, and which is visible to or accessible by at least a subset of the app's users. Apps that contain or feature UGC, including apps which are specialized browsers or clients to direct users to a UGC platform, must implement robust, effective, and ongoing UGC moderation that:
Incidental Sexual ContentSexual content is considered “incidental” if it appears in a UGC app that (1) provides access to primarily non-sexual content, and (2) does not actively promote or recommend sexual content. Sexual content defined as illegal by applicable law and child endangerment content are not considered “incidental” and are not permitted. UGC apps may contain incidental sexual content if all of the following requirements are met:
Apps whose primary purpose is featuring objectionable UGC will be removed from Google Play. Similarly, apps that end up being used primarily for hosting objectionable UGC, or that develop a reputation among users of being a place where such content thrives, will also be removed from Google Play. Here are some examples of common violations:
Health Content and ServicesWe don't allow apps that expose users to harmful health content and services. If your app contains or promotes health content and services, you must ensure your app is compliant with any applicable laws and regulations. Prescription DrugsWe do not allow apps that facilitate the sale or purchase of prescription drugs without a prescription. Unapproved SubstancesGoogle Play doesn't allow apps that promote or sell unapproved substances, irrespective of any claims of legality. Here are some examples of common violations:
For additional information on the unapproved or misleading pharmaceuticals and supplements that we monitor, please visit www.legitscript.com. Health MisinformationWe don’t allow apps containing misleading health claims that contradict existing medical consensus, or can cause harm to users. Here are some examples of common violations:
COVID-19 RestrictionsApps must follow the Requirements for coronavirus disease 2019 (COVID-19) apps article. Medical FunctionalitiesWe don’t allow apps that feature medical or health-related functionalities that are misleading or potentially harmful. For example, we do not allow apps that claim to have oximetry functionality that is solely app-based. Oximeter apps must be supported by external hardware, wearable, or dedicated smartphone sensors designed to support oximetry functionality. These supported apps must also contain disclaimers in the metadata stating that they are not intended for medical use, are only designed for general fitness and wellness purposes, are not a medical device, and must properly disclose the compatible hardware model/device model. Payments - Clinical ServicesTransactions involving regulated clinical services should not use Google Play’s billing system. For more information, see Understanding Google Play’s Payments policy. Health Connect DataData accessed through Health Connect Permissions is regarded as personal and sensitive user data subject to the User Data policy, and is subjected to additional requirements. Intellectual PropertyWe don’t allow apps or developer accounts that infringe on the intellectual property rights of others (including trademark, copyright, patent, trade secret, and other proprietary rights). We also don’t allow apps that encourage or induce infringement of intellectual property rights. We will respond to clear notices of alleged copyright infringement. For more information or to file a DMCA request, please visit our copyright procedures. To submit a complaint regarding the sale or promotion for sale of counterfeit goods within an app, please submit a counterfeit notice. If you are a trademark owner and you believe there is an app on Google Play that infringes on your trademark rights, we encourage you to reach out to the developer directly to resolve your concern. If you are unable to reach a resolution with the developer, please submit a trademark complaint through this form. If you have written documentation proving that you have permission to use a third party's intellectual property in your app or store listing (such as brand names, logos and graphic assets), contact the Google Play team in advance of your submission to ensure that your app is not rejected for an intellectual property violation. Unauthorized Use of Copyrighted ContentWe don’t allow apps that infringe copyright. Modifying copyrighted content may still lead to a violation. Developers may be required to provide evidence of their rights to use copyrighted content. Please be careful when using copyrighted content to demonstrate the functionality of your app. In general, the safest approach is to create something that’s original. Here are some examples of common violations:
Encouraging Infringement of CopyrightWe don’t allow apps that induce or encourage copyright infringement. Before you publish your app, look for ways your app may be encouraging copyright infringement and get legal advice if necessary. Here are some examples of common violations:
Trademark InfringementWe don’t allow apps that infringe on others’ trademarks. A trademark is a word, symbol, or combination that identifies the source of a good or service. Once acquired, a trademark gives the owner exclusive rights to the trademark usage with respect to certain goods or services. Trademark infringement is improper or unauthorized use of an identical or similar trademark in a way that is likely to cause confusion as to the source of that product. If your app uses another party’s trademarks in a way that is likely to cause confusion, your app may be suspended. CounterfeitWe don't allow apps that sell or promote for sale counterfeit goods. Counterfeit goods contain a trademark or logo that is identical to or substantially indistinguishable from the trademark of another. They mimic the brand features of the product in an attempt to pass themselves off as a genuine product of the brand owner. Privacy, Deception and Device AbuseWe’re committed to protecting user privacy and providing a safe and secure environment for our users. Apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data are strictly prohibited. User DataYou must be transparent in how you handle user data (for example, information collected from or about a user, including device information). That means disclosing the access, collection, use, handling, and sharing of user data from your app, and limiting the use of the data to the policy compliant purposes disclosed. Please be aware that any handling of personal and sensitive user data is also subject to additional requirements in the "Personal and Sensitive User Data" section below. These Google Play requirements are in addition to any requirements prescribed by applicable privacy and data protection laws. If you include third party code (for example, an SDK) in your app, you must ensure that the third party code used in your app, and that third party’s practices with respect to user data from your app, are compliant with Google Play Developer Program policies, which include use and disclosure requirements. For example, you must ensure that your SDK providers do not sell personal and sensitive user data from your app. This requirement applies regardless of whether user data is transferred after being sent to a server, or by embedding third-party code in your app. Personal and Sensitive User DataPersonal and sensitive user data includes, but isn't limited to, personally identifiable information, financial and payment information, authentication information, phonebook, contacts, device location, SMS and call related data, health data, Health Connect data, inventory of other apps on the device, microphone, camera, and other sensitive device or usage data. If your app handles personal and sensitive user data, then you must:
Prominent Disclosure & Consent RequirementIn cases where your app’s access, collection, use, or sharing of personal and sensitive user data may not be within the reasonable expectation of the user of the product or feature in question (for example, if data collection occurs in the background when the user is not engaging with your app), you must meet the following requirements: Prominent disclosure: You must provide an in-app disclosure of your data access, collection, use, and sharing. The in-app disclosure:
Consent and runtime permissions: Requests for in-app user consent and runtime permission requests must be immediately preceded by an in-app disclosure that meets the requirement of this policy. The app's request for consent:
Apps that rely on other legal bases to process personal and sensitive user data without consent, such as a legitimate interest under the EU GDPR, must comply with all applicable legal requirements and provide appropriate disclosures to the users, including in-app disclosures as required under this policy. To meet policy requirements, it’s recommended that you reference the following example format for Prominent Disclosure when it’s required:
If your app integrates third party code (for example, an SDK) that is designed to collect personal and sensitive user data by default, you must, within 2 weeks of receipt of a request from Google Play (or, if Google Play’s request provides for a longer time period, within that time period), provide sufficient evidence demonstrating that your app meets the Prominent Disclosure and Consent requirements of this policy, including with regard to the data access, collection, use, or sharing via the third party code. Here are some examples of common violations:
Refer to this article for more information on the Prominent Disclosure and Consent requirement. Restrictions for Personal and Sensitive Data AccessIn addition to the requirements above, the table below describes requirements for specific activities. Activity RequirementYour app handles financial or payment information or government identification numbersYour app must never publicly disclose any personal and sensitive user data related to financial or payment activities or any government identification numbers.Your app handles non-public phonebook or contact informationWe don't allow unauthorized publishing or disclosure of people's non-public contacts.Your app contains anti-virus or security functionality, such as anti-virus, anti-malware, or security-related featuresYour app must post a privacy policy that, together with any in-app disclosures, explain what user data your app collects and transmits, how it's used, and the type of parties with whom it's shared.Your app targets childrenYour app must not include an SDK that is not approved for use in child-directed services. See Designing Apps for Children and Families for full policy language and requirements. Your app collects or links persistent device identifiers (e.g., IMEI, IMSI, SIM Serial #, etc.)Persistent device identifiers may not be linked to other personal and sensitive user data or resettable device identifiers except for the purposes of
These uses must be prominently disclosed to users as specified in the User Data Policy. Please consult this resource for alternative unique identifiers. Please read the Ads policy for additional guidelines for Android Advertising ID.Data safety sectionAll developers must complete a clear and accurate Data safety section for every app detailing collection, use, and sharing of user data. The developer is responsible for the accuracy of the label and keeping this information up-to-date. Where relevant, the section must be consistent with the disclosures made in the app’s privacy policy. Please refer to this article for additional information on completing the Data safety section. Privacy PolicyAll apps must post a privacy policy link in the designated field within Play Console, and a privacy policy link or text within the app itself. The privacy policy must, together with any in-app disclosures, comprehensively disclose how your app accesses, collects, uses, and shares user data, not limited by the data disclosed in the privacy label. This must include:
The entity (for example, developer, company) named in the app’s Google Play store listing must appear in the privacy policy or the app must be named in the privacy policy. Apps that do not access any personal and sensitive user data must still submit a privacy policy. Please make sure your privacy policy is available on an active, publicly accessible and non-geofenced URL (no PDFs) and is non-editable. Usage of App Set IDAndroid will introduce a new ID to support essential use cases such as analytics and fraud prevention. Terms for the use of this ID are below.
EU-U.S., Swiss Privacy ShieldIf you access, use, or process personal information made available by Google that directly or indirectly identifies an individual and that originated in the European Union or Switzerland (“EU Personal Information”), then you must:
You must monitor your compliance with these conditions on a regular basis. If, at any time, you cannot meet these conditions (or if there is a significant risk that you will not be able to meet them), you must immediately notify us by email to [email protected] and immediately either stop processing EU Personal Information or take reasonable and appropriate steps to restore an adequate level of protection. As of July 16, 2020, Google no longer relies on the EU-U.S. Privacy Shield to transfer personal data that originated in the European Economic Area or the UK to the United States. (Learn More.) More information is set forth in Section 9 of the DDA. Permissions and APIs that Access Sensitive InformationRequests for permission and APIs that access sensitive information should make sense to users. You may only request permissions and APIs that access sensitive information that are necessary to implement current features or services in your app that are promoted in your Google Play listing. You may not use permissions or APIs that access sensitive information that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes. Personal or sensitive data accessed through permissions or APIs that access sensitive information may never be sold nor shared for a purpose facilitating sale. Request permissions and APIs that access sensitive information to access data in context (via incremental requests), so that users understand why your app is requesting the permission. Use the data only for purposes that the user has consented to. If you later wish to use the data for other purposes, you must ask users and make sure they affirmatively agree to the additional uses. Restricted PermissionsIn addition to the above, restricted permissions are permissions that are designated as Dangerous, Special, Signature, or as documented below. These permissions are subject to the following additional requirements and restrictions:
Certain Restricted Permissions may be subject to additional requirements as detailed below. The objective of these restrictions is to safeguard user privacy. We may make limited exceptions to the requirements below in very rare cases where apps provide a highly compelling or critical feature and where there is no alternative method available to provide the feature. We evaluate proposed exceptions against the potential privacy or security impacts on users. SMS and Call Log PermissionsSMS and Call Log Permissions are regarded as personal and sensitive user data subject to the Personal and Sensitive Information policy, and the following restrictions: Restricted PermissionRequirementCall Log permission group (e.g. READ_CALL_LOG, WRITE_CALL_LOG, PROCESS_OUTGOING_CALLS)It must be actively registered as the default Phone or Assistant handler on the device.SMS permission group (e.g. READ_SMS, SEND_SMS, WRITE_SMS, RECEIVE_SMS, RECEIVE_WAP_PUSH, RECEIVE_MMS)It must be actively registered as the default SMS or Assistant handler on the device.
Apps lacking default SMS, Phone, or Assistant handler capability may not declare use of the above permissions in the manifest. This includes placeholder text in the manifest. Additionally, apps must be actively registered as the default SMS, Phone, or Assistant handler before prompting users to accept any of the above permissions and must immediately stop using the permission when they’re no longer the default handler. The permitted uses and exceptions are available on this Help Center page. Apps may only use the permission (and any data derived from the permission) to provide approved core app functionality Core functionality is defined as the main purpose of the app. This may include a set of core features, which must all be prominently documented and promoted in the app’s description. Without the core feature(s), the app is “broken” or rendered unusable. The transfer, sharing, or licensed use of this data must only be for providing core features or services within the app, and its use may not be extended for any other purpose (e.g., improving other apps or services, advertising, or marketing purposes). You may not use alternative methods (including other permissions, APIs, or third-party sources) to derive data attributed to Call Log or SMS related permissions. Location PermissionsDevice location is regarded as personal and sensitive user data subject to the Personal and Sensitive Information policy and the Background Location policy, and the following requirements:
Apps are allowed to access location using foreground service (when the app only has foreground access e.g., "while in use") permission if the use:
Apps designed specifically for children must comply with the Designed for Families policy. For more information on the policy requirements, please see this help article. All Files Access PermissionFiles and directory attributes on a user’s device are regarded as personal and sensitive user data subject to the Personal and Sensitive Information policy and the following requirements:
Package (App) Visibility PermissionThe inventory of installed apps queried from a device are regarded as personal and sensitive user data subject to the Personal and Sensitive Information policy, and the following requirements: Apps that have a core purpose to launch, search, or interoperate with other apps on the device, may obtain scope-appropriate visibility to other installed apps on the device as outlined below:
App inventory data queried from Play-distributed apps may never be sold nor shared for analytics or ads monetization purposes. Accessibility APIThe Accessibility API cannot be used to:
The Accessibility API is not designed and cannot be requested for remote call audio recording. The use of the Accessibility API must be documented in the Google Play listing. Guidelines for IsAccessibilityToolApps with a core functionality intended to directly support people with disabilities are eligible to use the IsAccessibilityTool to appropriately publicly designate themselves as an accessibility app. Apps not eligible for IsAccessibilityTool may not use the flag and must meet prominent disclosure and consent requirements as outlined in the User Data policy as the accessibility related functionality is not obvious to the user. Please refer to the AccessibilityService API help center article for more information. Apps must use more narrowly scoped APIs and permissions in lieu of the Accessibility API when possible to achieve the desired functionality. Request Install Packages PermissionThe REQUEST_INSTALL_PACKAGES permission allows an application to request the installation of app packages. To use this permission, your app’s core functionality must include:
Permitted functionalities include:
Core functionality is defined as the main purpose of the app. The core functionality, as well as any core features that comprise this core functionality, must all be prominently documented and promoted in the app's description. The REQUEST_INSTALL_PACKAGES permission may not be used to perform self updates, modifications, or the bundling of other APKs in the asset file unless for device management purposes. All updates or installing of packages must abide by Google Play’s Device and Network Abuse policy and must be initiated and driven by the user.Health Connect by Android PermissionsData accessed through Health Connect Permissions is regarded as personal and sensitive user data subject to the User Data policy, and the following additional requirements: Appropriate Access to and Use of Health ConnectRequests to access data through Health Connect must be clear and understandable. Health Connect may only be used in accordance with the applicable policies, terms and conditions, and for approved use cases as set forth in this policy. This means you may only request access to permissions when your application or service meets one of the approved use cases. Approved use cases for access to Health Connect Permissions are:
Health Connect is a general purpose data storage and sharing platform that allows users to aggregate health and fitness data from various sources on their Android device and share it with third parties at their election. The data may originate from various sources as determined by the users. Developers must assess whether Health Connect is appropriate for their intended use and to investigate and vet the source and quality of any data from Health Connect in connection with any purpose, and, in particular, for research, health, or medical uses.
Limited UseUpon using Health Connect for an appropriate use, your use of the data accessed through Health Connect must also comply with the below requirements. These requirements apply to the raw data obtained from Health Connect, and data aggregated, de-identified, or derived from the raw data.
All other transfers, uses, or sale of Health Connect data is prohibited, including:
Access to Health Connect may not be used in violation of this policy or other applicable Health Connect terms and conditions or policies, including for the following purposes:
An affirmative statement that your use of Health Connect data complies with Limited Use restrictions must be disclosed in your application or on a website belonging to your web-service or application; for example, a link on a homepage to a dedicated page or privacy policy noting: “The use of information received from Health Connect will adhere to the Health Connect Permissions policy, including the Limited Use requirements.” Minimum ScopeYou may only request access to permissions that are critical to implementing your application or service's functionality. This means:
Transparent and Accurate Notice and ControlHealth Connect handles health and fitness data, which includes personal and sensitive information. All applications and services must contain a privacy policy, which must comprehensively disclose how your application or service collects, uses, and shares user data. This includes the types of parties to which any user data is shared, how you use the data, how you store and secure the data, and what happens to the data when an account is deactivated and/or deleted. In addition to the requirements under applicable law, you must also adhere to the following requirements:
Secure Data HandlingYou must handle all user data securely. Take reasonable and appropriate steps to protect all applications or systems that make use of Health Connect against unauthorized or unlawful access, use, destruction, loss, alteration, or disclosure. Recommended security practices include implementing and maintaining an Information Security Management System such as outlined in ISO/IEC 27001 and ensuring your application or web service is robust and free from common security issues as set out by the OWASP Top 10. Depending on the API being accessed and number of user grants or users, we will require that your application or service undergo a periodic security assessment and obtain a Letter of Assessment from a designated third party if your product transfers data off the user's own device. For more information on requirements for apps connecting to Health Connect, please see this help article.VPN ServiceThe VpnService is a base class for applications to extend and build their own VPN solutions. Only apps that use the VpnService and have VPN as their core functionality can create a secure device-level tunnel to a remote server. Exceptions include apps that require a remote server for core functionality such as:
The VpnService cannot be used to:
Apps that use the VpnService must:
Effective July 31, 2023 Exact Alarm PermissionA new permission, USE_EXACT_ALARM, will be introduced that will grant access to exact alarm functionality in apps starting with Android 13 (API target level 33). USE_EXACT_ALARM is a restricted permission and apps must only declare this permission if their core functionality supports the need for an exact alarm. Apps that request this restricted permission are subject to review, and those that do not meet the acceptable use case criteria will be disallowed from publishing on Google Play. Acceptable use cases for using the Exact Alarm Permission Your app must use the USE_EXACT_ALARM functionality only when your app’s core, user facing functionality requires precisely-timed actions, such as:
If you have a use case for exact alarm functionality that’s not covered above, you should evaluate if using SCHEDULE_EXACT_ALARM as an alternative is an option. For more information on exact alarm functionality, please see this developer guidance.Device and Network AbuseWe don’t allow apps that interfere with, disrupt, damage, or access in an unauthorized manner the user’s device, other devices or computers, servers, networks, application programming interfaces (APIs), or services, including but not limited to other apps on the device, any Google service, or an authorized carrier’s network. Apps on Google Play must comply with the default Android system optimization requirements documented in the Core App Quality guidelines for Google Play. An app distributed via Google Play may not modify, replace, or update itself using any method other than Google Play's update mechanism. Likewise, an app may not download executable code (e.g., dex, JAR, .so files) from a source other than Google Play. This restriction does not apply to code that runs in a virtual machine or an interpreter where either provides indirect access to Android APIs (such as JavaScript in a webview or browser). Apps or third-party code (e.g., SDKs) with interpreted languages (JavaScript, Python, Lua, etc.) loaded at run time (e.g., not packaged with the app) must not allow potential violations of Google Play policies. We don’t allow code that introduces or exploits security vulnerabilities. Check out the App Security Improvement Program to find out about the most recent security issues flagged to developers. Flag Secure RequirementsFLAG_SECURE is a display flag declared in an app’s code to indicate that its UI contains sensitive data intended to be limited to a secure surface while using the app. This flag is designed to prevent the data from appearing in screenshots or from being viewed on non-secure displays. Developers declare this flag when the app’s content should not be broadcast, viewed, or otherwise transmitted outside of the app or users’ device. For security and privacy purposes, all apps distributed on Google Play are required to respect the FLAG_SECURE declaration of other apps. Meaning, apps must not facilitate or create workarounds to bypass the FLAG_SECURE settings in other apps. Apps that qualify as an Accessibility Tool are exempt from this requirement, as long as they do not transmit, save, or cache FLAG_SECURE protected content for access outside of the user's device.Here are some examples of common violations:
Deceptive BehaviorWe don't allow apps that attempt to deceive users or enable dishonest behavior including but not limited to apps which are determined to be functionally impossible. Apps must provide an accurate disclosure, description and images/video of their functionality in all parts of the metadata. Apps must not attempt to mimic functionality or warnings from the operating system or other apps. Any changes to device settings must be made with the user's knowledge and consent and be reversible by the user. Misleading ClaimsWe don’t allow apps that contain false or misleading information or claims, including in the description, title, icon, and screenshots. Here are some examples of common violations:
(1) This app features medical or health-related claims (Cure Cancer) that is misleading. Deceptive Device Settings ChangesWe don’t allow apps that make changes to the user’s device settings or features outside of the app without the user’s knowledge and consent. Device settings and features include system and browser settings, bookmarks, shortcuts, icons, widgets, and the presentation of apps on the homescreen. Additionally, we do not allow:
Enabling Dishonest BehaviorWe don't allow apps that help users to mislead others or are functionally deceptive in any way, including, but not limited to: apps that generate or facilitate the generation of ID cards, social security numbers, passports, diplomas, credit cards, bank accounts, and driver's licenses. Apps must provide accurate disclosures, titles, descriptions, and images/video regarding the app's functionality and/or content and should perform as reasonably and accurately expected by the user. Additional app resources (for example, game assets) may only be downloaded if they are necessary for the users' use of the app. Downloaded resources must be compliant with all Google Play policies, and before beginning the download, the app should prompt users and clearly disclose the download size. Any claim that an app is a "prank", "for entertainment purposes" (or other synonym) does not exempt an app from application of our policies. Here are some examples of common violations:
Manipulated MediaWe don't allow apps that promote or help create false or misleading information or claims conveyed through imagery, videos and/or text. We disallow apps determined to promote or perpetuate demonstrably misleading or deceptive imagery, videos and/or text, which may cause harm pertaining to a sensitive event, politics, social issues, or other matters of public concern. Apps that manipulate or alter media, beyond conventional and editorially acceptable adjustments for clarity or quality, must prominently disclose or watermark altered media when it may not be clear to the average person that the media has been altered. Exceptions may be provided for public interest or obvious satire or parody. Here are some examples of common violations:
MisrepresentationWe do not allow apps or developer accounts that:
Google Play's Target API Level PolicyTo provide users with a safe and secure experience, Google Play requires the following target API levels for all apps: New apps and app updates MUST target an Android API level within one year of the latest major Android version release. New apps and app updates that fail to meet this requirement will be prevented from app submission in Play Console. Existing Google Play apps that are not updated and that do not target an API level within two years of the latest major Android version release, will not be available to new users with devices running newer versions of Android OS. Users who have previously installed the app from Google Play will continue to be able to discover, re-install, and use the app on any Android OS version that the app supports. For technical advice on how to meet the target API level requirement, please consult the migration guide. For exact timelines and exceptions, please refer to this Help Center article.MalwareOur Malware policy is simple, the Android ecosystem including the Google Play Store, and user devices should be free from malicious behaviors (i.e. malware). Through this fundamental principle we strive to provide a safe Android ecosystem for our users and their Android devices. Malware is any code that could put a user, a user's data, or a device at risk. Malware includes, but is not limited to, Potentially Harmful Applications (PHAs), binaries, or framework modifications, consisting of categories such as trojans, phishing, and spyware apps, and we are continuously updating and adding new categories. Though varied in type and capabilities, malware usually has one of the following objectives:
An app, binary, or framework modification can be potentially harmful, and therefore can generate malicious behavior, even if wasn't intended to be harmful. This is because apps, binaries, or framework modifications can function differently depending on a variety of variables. Therefore, what is harmful to one Android device might not pose a risk at all to another Android device. For example, a device running the latest version of Android is not affected by harmful apps which use deprecated APIs to perform malicious behavior but a device that is still running a very early version of Android might be at risk. Apps, binaries, or framework modifications are flagged as malware or PHA if they clearly pose a risk to some or all Android devices and users. The malware categories, below, reflect our foundational belief that users should understand how their device is being leveraged and promote a secure ecosystem that enables robust innovation and a trusted user experience. Visit Google Play Protect for more information. BackdoorsCode that allows the execution of unwanted, potentially harmful, remote-controlled operations on a device. These operations may include behavior that would place the app, binary, or framework modification into one of the other malware categories if executed automatically. In general, backdoor is a description of how a potentially harmful operation can occur on a device and is therefore not completely aligned with categories like billing fraud or commercial spyware. As a result, a subset of backdoors, under some circumstances, are treated by Google Play Protect as a vulnerability. Billing FraudCode that automatically charges the user in an intentionally deceptive way. Mobile billing fraud is divided into SMS fraud, Call fraud, and Toll fraud. SMS Fraud Some code, even though they technically disclose SMS sending behavior, introduce additional behavior that accommodates SMS fraud. Examples include hiding parts of a disclosure agreement from the user, making them unreadable, and conditionally suppressing SMS messages from the mobile operator informing the user of charges or confirming a subscription. Call Fraud Toll Fraud Toll Fraud includes any type of billing except premium SMS and premium calls. Examples of this include direct carrier billing, wireless access point (WAP), and mobile airtime transfer. WAP fraud is one of the most prevalent types of Toll fraud. WAP fraud can include tricking users to click a button on a silently loaded, transparent WebView. Upon performing the action, a recurring subscription is initiated, and the confirmation SMS or email is often hijacked to prevent users from noticing the financial transaction. Effective February 15, 2023 StalkerwareCode that collects personal or sensitive user data from a device and transmits the data to a third party (enterprise or another individual) for monitoring purposes. Apps must provide adequate prominent disclosure and obtain consent as required by the User Data policy. Guidelines for Monitoring Applications Apps exclusively designed and marketed for monitoring another individual, for example parents to monitor their children or enterprise management for the monitoring of individual employees, provided they fully comply with the requirements described below are the only acceptable monitoring apps. These apps cannot be used to track anyone else (a spouse, for example) even with their knowledge and permission, regardless if persistent notification is displayed. These apps must use the IsMonitoringTool metadata flag in their manifest file to appropriately designate themselves as monitoring apps. Monitoring apps must comply with these requirements:
Denial of Service (DoS)Code that, without the knowledge of the user, executes a denial-of-service (DoS) attack or is a part of a distributed DoS attack against other systems and resources. For example, this can happen by sending a high volume of HTTP requests to produce excessive load on remote servers. Hostile DownloadersCode that isn't in itself potentially harmful, but downloads other PHAs. Code may be a hostile downloader if:
Major browsers and file-sharing apps aren't considered hostile downloaders as long as:
Non-Android ThreatCode that contains non-Android threats. These apps can't cause harm to the Android user or device, but contain components that are potentially harmful to other platforms. PhishingCode that pretends to come from a trustworthy source, requests a user's authentication credentials or billing information, and sends the data to a third-party. This category also applies to code that intercept the transmission of user credentials in transit. Common targets of phishing include banking credentials, credit card numbers, and online account credentials for social networks and games. Elevated Privilege AbuseCode that compromises the integrity of the system by breaking the app sandbox, gaining elevated privileges, or changing or disabling access to core security-related functions. Examples include:
Privilege escalation apps that root devices without user permission are classified as rooting apps. RansomwareCode that takes partial or extensive control of a device or data on a device and demands that the user make a payment or perform an action to release control. Some ransomware encrypts data on the device and demands payment to decrypt the data and/or leverage the device admin features so that it can't be removed by a typical user. Examples include:
Code distributed with the device whose primary purpose is for subsidized device management may be excluded from the ransomware category provided they successfully meet requirements for secure lock and management, and adequate user disclosure and consent requirements. RootingCode that roots the device. There's a difference between non-malicious and malicious rooting code. For example, non-malicious rooting apps let the user know in advance that they're going to root the device and they don't execute other potentially harmful actions that apply to other PHA categories. Malicious rooting apps don't inform the user that they're going to root the device, or they inform the user about the rooting in advance but also execute other actions that apply to other PHA categories. SpamCode that sends unsolicited messages to the user's contacts or uses the device as an email spam relay. SpywareCode that transmits personal data off the device without adequate notice or consent. For example, transmitting any of the following information without disclosures or in a manner that is unexpected to the user is sufficient to be considered spyware:
Behaviors that can be considered as spying on the user can also be flagged as spyware. For example, recording audio or recording calls made to the phone, or stealing app data. TrojanCode that appears to be benign, such as a game that claims only to be a game, but that performs undesirable actions against the user. This classification is usually used in combination with other PHA categories. A trojan has an innocuous component and a hidden harmful component. For example, a game that sends premium SMS messages from the user's device in the background and without the user’s knowledge. A Note on Uncommon AppsNew and rare apps can be classified as uncommon if Google Play Protect doesn't have enough information to clear them as safe. This doesn't mean the app is necessarily harmful, but without further review it can't be cleared as safe either. A Note on the Backdoor CategoryThe backdoor malware category classification relies on how the code acts. A necessary condition for any code to be classified as a backdoor is that it enables behavior that would place the code into one of the other malware categories if executed automatically. For example, if an app allows dynamic code loading and the dynamically loaded code is extracting text messages, it will be classified as a backdoor malware. However, if an app allows arbitrary code execution and we don’t have any reason to believe that this code execution was added to perform a malicious behaviour then the app will be treated as having a vulnerability, rather than being backdoor malware, and the developer will be asked to patch it. ImpersonationWe don’t allow apps that mislead users by impersonating someone else (for example, another developer, company, entity) or another app. Don’t imply that your app is related to or authorized by someone that it isn’t. Be careful not to use app icons, descriptions, titles, or in-app elements that could mislead users about your app’s relationship to someone else or another app. Here are some examples of common violations:
Mobile Unwanted SoftwareAt Google, we believe that if we focus on the user, all else will follow. In our Software Principles and the Unwanted Software Policy, we provide general recommendations for software that delivers a great user experience. This policy builds on the Google Unwanted Software Policy by outlining principles for the Android ecosystem and the Google Play Store. Software that violates these principles is potentially harmful to the user experience, and we will take steps to protect users from it. As mentioned in the Unwanted Software Policy, we’ve found that most unwanted software displays one or more of the same basic characteristics:
On mobile devices, software is code in the form of an app, binary, framework modification, etc. In order to prevent software that is harmful to the software ecosystem or disruptive to the user experience we will take action on code that violates these principles. Below, we build on the Unwanted Software Policy to extend its applicability to mobile software. As with that policy, we will continue to refine this Mobile Unwanted Software policy to address new types of abuse. Transparent behavior and clear disclosures All code should deliver on promises made to the user. Apps should provide all communicated functionality. Apps should not confuse users.
Example violations:
Protect user data Be clear and transparent about the access, use, collection, and sharing of personal and sensitive user data. Uses of user data in must adhere to all relevant User Data Policies, where applicable, and take all precautions to protect the data.
Example violations:
Example User Data Policies:
Do not harm the mobile experience The user experience should be straightforward, easy-to-understand, and based on clear choices made by the user. It should present a clear value proposition to the user and not disrupt the advertised or desired user experience.
Example violations:
Hostile DownloadersCode that isn't in itself unwanted software, but downloads other mobile unwanted software (MUwS). Code may be a hostile downloader if:
Major browsers and file-sharing apps aren't considered hostile downloaders as long as:
Ad FraudAd fraud is strictly prohibited. Ad interactions generated for the purpose of tricking an ad network into believing traffic is from authentic user interest is ad fraud, which is a form of invalid traffic. Ad fraud may be the byproduct of developers implementing ads in disallowed ways, such as showing hidden ads, automatically clicking ads, altering or modifying information and otherwise leveraging non-human actions (spiders, bots, etc.) or human activity designed to produce invalid ad traffic. Invalid traffic and ad fraud is harmful to advertisers, developers, and users, and leads to long-term loss of trust in the mobile Ads ecosystem. Here are some examples of common violations:
Unauthorized Use or Imitation of System FunctionalityWe don’t allow apps or ads that mimic or interfere with system functionality, such as notifications or warnings. System level notifications may only be used for an app’s integral features, such as an airline app that notifies users of special deals, or a game that notifies users of in-game promotions. Here are some examples of common violations:
For additional examples involving ads, please refer to the Ads policy.
Social EngineeringWe do not allow apps that pretend to be another app with the intention of deceiving users into performing actions that the user intended for the original trusted app. Monetization and AdsGoogle Play supports a variety of monetization strategies to benefit developers and users, including paid distribution, in-app products, subscriptions, and ad-based models. To ensure the best user experience, we require you to comply with these policies. Payments
Note: To view timelines and frequently asked questions regarding this policy, please visit our Help Center. AdsWe don’t allow apps that contain deceptive or disruptive ads. Ads must only be displayed within the app serving them. We consider ads and their associated offers served in your app as part of your app. The ads shown in your app must be compliant with all our policies. For policies on gambling ads, please click here. Use of Location Data for AdsApps that extend usage of permission based device location data for serving ads are subject to the Personal and Sensitive Information policy, and must also comply with the following requirements:
Effective January 31, 2023 Deceptive AdsAds must not simulate or impersonate the user interface of any app feature, such as notifications or warning elements of an operating system. It must be clear to the user which app is serving each ad. Here are some examples of common violations:
Lockscreen MonetizationUnless the exclusive purpose of the app is that of a lockscreen, apps may not introduce ads or features that monetize the locked display of a device. Disruptive AdsDisruptive ads are ads that are displayed to users in unexpected ways, that may result in inadvertent clicks, or impairing or interfering with the usability of device functions. Your app cannot force a user to click an ad or submit personal information for advertising purposes before they can fully use an app. Interstitial ads may only be displayed inside of the app serving them. If your app displays interstitial ads or other ads that interfere with normal use, they must be easily dismissible without penalty. Here are some examples of common violations:
Interfering with Apps, Third-party Ads, or Device FunctionalityAds associated with your app must not interfere with other apps, ads, or the operation of the device, including system or device buttons and ports. This includes overlays, companion functionality, and widgetized ad units. Ads must only be displayed within the app serving them. Here are some examples of common violations:
Inappropriate AdsThe ads and their associated offers (for example, the ad is promoting the download of another app) shown within your app must be appropriate for the content rating of your app, even if the content by itself is otherwise compliant with our policies. Here is an example of a common violation: ① This ad is inappropriate (Teen) for the content rating of the app (Everyone) Usage of Android Advertising IDGoogle Play Services version 4.0 introduced new APIs and an ID for use by advertising and analytics providers. Terms for the use of this ID are below.
Better Ads ExperiencesDevelopers are required to comply with the following ads guidelines to ensure high quality experiences for users when they are using Google Play apps. Your ads may not be shown in the following unexpected ways for users:
This policy does not apply to rewarded ads which are explicitly opted-in by users (for example, an ad that developers explicitly offer a user to watch in exchange for unlocking a specific game feature or a piece of content). This policy also does not apply to monetization and advertising that does not interfere with normal app use or game play (for example, video content with integrated ads, non-full screen banner ads). These guidelines are inspired by the Better Ads Standards - Mobile Apps Experiences guidelines. For more information on Better Ads Standards, please refer to Coalition of Better Ads.Here are some examples of common violations:
SubscriptionsYou, as a developer, must not mislead users about any subscription services or content you offer within your app. It is critical to communicate clearly in any in-app promotions or splash screens. We do not allow apps that subject users to deceptive or manipulative purchase experiences (including in-app purchases or subscriptions). You must be transparent about your offer. This includes being explicit about your offer terms, the cost of your subscription, the frequency of your billing cycle, and whether a subscription is required to use the app. Users should not have to perform any additional action to review the information. Subscriptions must provide sustained or recurring value to users throughout the life of the subscription, and may not be used to offer what are effectively one-time benefits to users (for example, SKUs that provide lump sum in-app credits/currency, or single-use game boosters). Your subscription may offer incentive or promotional bonuses, but these must be complementary to the sustained or recurring value provided throughout the life of the subscription. Products that do not offer sustained and recurring value must use an in-app product instead of a subscription product. You may not disguise or mischaracterize one-time benefits to users as subscriptions. This includes the modification of a subscription to turn it into a one-time offering (for example, canceling, deprecating, or minimizing recurring value) after the user has purchased the subscription. Here are some examples of common violations:
Example 1: ① Dismiss button is not clearly visible and users may not understand that they can access functionality without accepting the subscription offer. ② Offer only displays pricing in terms of monthly cost and users may not understand that they will be charged a six month price at the time they subscribe. ③ Offer only shows the introductory price and users may not understand what they will automatically be charged at the end of the introductory period. ④ Offer should be localized in the same language as the terms and conditions so that users can understand the entire offer.
Example 2: ① Recurring clicks in the same button area causes the user to inadvertently click the final “continue” button to subscribe. ② The amount that users will be charged at the end of the trial is hard to read, such that users may think the plan is free Free Trials & Introductory OffersBefore a user is enrolled in your subscription: You must clearly and accurately describe the terms of your offer, including the duration, pricing, and description of accessible content or services. Be sure to let your users know how and when a free trial will convert to a paid subscription, how much the paid subscription will cost, and that a user can cancel if they do not want to convert to a paid subscription. Here are some examples of common violations:
① Dismiss button is not clearly visible and users may not understand that they can access functionality without signing up for the free trial. ② Offer emphasizes the free trial and users may not understand that they will automatically be charged at the end of the trial. ③ Offer does not state a trial period and users may not understand how long their free access to subscription content will last. ④ Offer should be localized in the same language as the terms and conditions so that users can understand the entire offer. Subscription Management, Cancellation & RefundsIf you sell subscriptions in your app(s), you must ensure that your app(s) clearly disclose how a user can manage or cancel their subscription. You must also include in your app access to an easy-to-use, online method to cancel the subscription. In your app’s account settings (or equivalent page), you can satisfy this requirement by including:
If a user cancels a subscription purchased through Google Play’s billing system, our general policy is that the user will not receive a refund for the current billing period, but will continue to receive their subscription content for the remainder of the current billing period, regardless of the cancellation date. The user's cancellation goes into effect after the current billing period has passed. You (as the content or access provider) may implement a more flexible refund policy with your users directly. It is your responsibility to notify your users of any changes to your subscription, cancellation and refund policies and ensure that the policies comply with applicable law. Effective May 31, 2023 Families Self-Certified Ads SDK ProgramIf you serve ads in your app, and the target audience for your app only includes children as described in the Families Policy, then you must only use ads SDK versions that have self-certified compliance with Google Play policies, including the Families Self-Certified Ads SDK requirements below. If the target audience for your app includes both children and older users, you must make sure that ads shown to children come exclusively from one of these self-certified ads SDK versions (for example, through use of neutral age screening measures). Note that it is your responsibility to ensure that all SDK versions you implement in your app, including Self-Certified Ads SDK versions, are compliant with all applicable policies, local laws, and regulations. Google does not provide any representations or guarantees as to the accuracy of the information the ads SDKs provide during the self-certification process. The use of Families self-certified ads SDKs is only required if you are using ads SDKs to serve ads to children. The following are permitted without an ads SDK's self-certification with Google Play, however, you are still responsible for ensuring your ad content and data collection practices are compliant with Google Play's User Data Policy and Families Policy:
Families Self-Certified Ads SDK Requirements
Note: Families Self-Certified Ads SDKs must support ad serving that complies with all relevant statutes and regulations concerning children that may apply to their publishers. More information on watermarking ad creatives and providing a test app can be found here. Here are mediation requirements for serving platforms when serving ads to children:
Developers can find a list of Families Self-Certified Ads SDKs and can check which specific versions of those ads SDKs are self-certified for use in Families apps here. Also, developers can share this interest form with ads SDKs who wish to self-certify. Store Listing and PromotionThe promotion and visibility of your app dramatically affects store quality. Avoid spammy store listings, low quality promotion, and efforts to artificially boost app visibility on Google Play. App PromotionWe don’t allow apps that directly or indirectly engage in, or benefit from promotion practices (such as ads) that are deceptive or harmful to users or the developer ecosystem. Promotion practices are deceptive or harmful if their behavior or content violate our Developer Program Policies.
It is your responsibility to ensure that any ad networks, affiliates, or ads associated with your app comply with these policies. MetadataWe don't allow apps with misleading, improperly formatted, non-descriptive, irrelevant, excessive, or inappropriate metadata, including but not limited to the app's description, developer name, title, icon, screenshots, and promotional images. Developers must provide a clear and well-written description of their app. We also don't allow unattributed or anonymous user testimonials in the app's description. Your app title, icon, and developer name are particularly helpful for users to find and learn about your app. Don’t use emojis, emoticons, or repeated special characters in these metadata elements. Avoid ALL CAPS unless it is part of your brand name. Misleading symbols in app icons are not allowed, for example: new message dot indicator when there are no new messages and download/install symbols when the app is not related to downloading content. Your app title must be 30 characters or less. In addition to the requirements noted here, specific Google Play Developer Policies may require you to provide additional metadata information. Here are some examples of common violations: ① Unattributed or Anonymous User testimonials
① ALL CAPS although not part of brand name Here are some examples of inappropriate text, images, or videos within your listing:
Here are a few best practices:
User Ratings, Reviews, and InstallsDevelopers must not attempt to manipulate the placement of any apps on Google Play. This includes, but is not limited to, inflating product ratings, reviews, or install counts by illegitimate means, such as fraudulent or incentivized installs, reviews and ratings. Incentivized installs, reviews, and ratings include using text or images in your app title, icon, developer name that indicate price or other promotional information. Developers must not add text or images that indicate store performance or ranking, or suggest relations to existing Google Play programs in the app title, icon, or developer name. Here are some examples of common violations:
Ratings and reviews are benchmarks of app quality. Users depend on them to be authentic and relevant. Here are some best practices when responding to user reviews:
Here are some examples of common violations:
Content RatingsContent ratings on Google Play are provided by the International Age Rating Coalition (IARC) and are designed to help developers communicate locally relevant content ratings to users. Regional IARC authorities maintain guidelines which are used to determine the maturity level of the content in an app. We don’t allow apps without a content rating on Google Play. How content ratings are usedContent ratings are used to inform consumers, especially parents, of potentially objectionable content that exists within an app. They also help filter or block your content in certain territories or to specific users where required by law, and determine your app’s eligibility for special developer programs. How content ratings are assignedTo receive a content rating, you must fill out a rating questionnaire on the Play Console that asks about the nature of your apps’ content. Your app will be assigned a content rating from multiple rating authorities based on your questionnaire responses. Misrepresentation of your app’s content may result in removal or suspension, so it is important to provide accurate responses to the content rating questionnaire. To prevent your app from being listed as “Unrated”, you must complete the content rating questionnaire for each new app submitted to the Play Console, as well as for all existing apps that are active on Google Play. Apps without a content rating will be removed from the Play Store. If you make changes to your app content or features that affect the responses to the rating questionnaire, you must submit a new content rating questionnaire in the Play Console. Visit the Help Center to find more information on the different rating authorities and how to complete the content rating questionnaire. Rating appealsIf you do not agree with the rating assigned to your app, you can appeal directly to the IARC rating authority using the link provided in your certificate email. NewsA News app is an app that:
Examples of apps within the “News and Magazine” category that qualify as News apps:
However, if apps contain primarily user generated content (e.g., social media apps), they should not declare themselves as News apps, and are not considered to be News apps. News apps that require a user to purchase a membership must provide an in-app content preview for users prior to purchase. News apps must:
News apps must not:
Please note that News apps may use ads and other forms of marketing to monetize as long as the app’s primary purpose isn’t to sell products and services or generate advertising revenue. News apps that aggregate content from different publishing sources must be transparent about the publishing source of the content in the app and each of the sources must meet News policy requirements. Please consult this article for how best to provide required information. Spam and Minimum FunctionalityAt a minimum, apps should provide users with a basic degree of functionality and a respectful user experience. Apps that crash, exhibit other behavior that is not consistent with a functional user experience, or that serve only to spam users or Google Play are not apps that expand the catalog in a meaningful way. SpamWe don't allow apps that spam users or Google Play, such as apps that send users unsolicited messages or apps that are repetitive or low-quality. Message SpamWe don’t allow apps that send SMS, email, or other messages on behalf of the user without giving the user the ability to confirm the content and intended recipients. Here is an example of a common violation:
Webviews and Affiliate SpamWe don’t allow apps whose primary purpose is to drive affiliate traffic to a website or provide a webview of a website without permission from the website owner or administrator. Here are some examples of common violations:
Repetitive ContentWe don't allow apps that merely provide the same experience as other apps already on Google Play. Apps should provide value to users through the creation of unique content or services. Here are some examples of common violations:
Made for AdsWe don’t allow apps that display interstitial ads repeatedly to distract users from interacting with an app and performing in-app tasks. Here is an example of a common violation:
Minimum FunctionalityEnsure your app provides a stable, engaging, responsive user experience. Here is an example of a common violation:
Broken FunctionalityWe don’t allow apps that crash, force close, freeze, or otherwise function abnormally. Here are some examples of common violations:
Other ProgramsIn addition to compliance with the content policies set out elsewhere in this Policy Center, apps that are designed for other Android experiences and distributed via Google Play may also be subject to program-specific policy requirements. Be sure to review the list below to determine if any of these policies apply to your app. Android Instant AppsOur goal with Android Instant Apps is to create delightful, frictionless user experiences while also adhering to the highest standards of privacy and security. Our policies are designed to support that goal. Developers choosing to distribute Android Instant Apps through Google Play must adhere to the following policies, in addition to all other Google Play Developer Program Policies. IdentityFor instant apps that include login functionality, developers must integrate Smart Lock for Passwords. Link SupportAndroid Instant Apps developers are required to properly support links for other apps. If the developer’s instant app(s) or installed app(s) contains links that have the potential to resolve to an instant app, the developer must send users to that instant app, rather than, for example, capturing the links in a WebView. Technical SpecificationsDevelopers must comply with the Android Instant Apps technical specifications and requirements provided by Google, as may be amended from time to time, including those listed in our public documentation. Offering App InstallationThe instant app may offer the user the installable app, but this must not be the instant app's primary purpose. When offering installation, developers must:
Additional instant app details and UX guidelines can be found in the Best Practices for User Experience. Changing Device StateInstant apps must not make changes to the user’s device that persist longer than the instant app session. For example, instant apps may not change the user’s wallpaper or create a homescreen widget. App VisibilityDevelopers must ensure that instant apps are visible to the user, such that the user is aware at all times that the instant app is running on their device. Device IdentifiersInstant apps are prohibited from accessing device identifiers that both (1) persist after the instant app stops running and (2) are not resettable by the user. Examples include, but are not limited to:
Instant apps may access phone number if obtained using the runtime permission. The developer must not attempt to fingerprint the user using these identifiers or any other means. Network trafficNetwork traffic from inside the instant app must be encrypted using a TLS protocol like HTTPS. Android Emoji PolicyOur emoji policy is designed to promote an inclusive and consistent user experience. To accomplish that, all apps must support the latest version of Unicode Emoji when running on Android 12+. Apps that use default Android Emoji without any custom implementations already use the latest version of Unicode Emoji when running on Android 12+. Apps with custom emoji implementations, including those provided by third-party libraries, must fully support the latest Unicode version when running on Android 12+ within 4 months after new Unicode Emoji are released. Consult this guide to learn how to support modern emoji. Use the emoji examples below to test if your app is compliant with the latest Unicode Version: ExamplesUnicode Version🫠 🫱🏼🫲🏿 🫰🏽14.0😶🌫️ 🧔🏻♀️ 🧑🏿❤️🧑🏾13.1🥲 🥷🏿 🐻❄️13.0🧑🏻🦰 🧑🏿🦯 👩🏻🤝👩🏼12.1🦩 🦻🏿 👩🏼🤝👩🏻12.0FamiliesGoogle Play offers a rich platform for developers to showcase their high-quality, age appropriate content for the whole family. Before submitting an app to the Designed for Families program or submitting an app that targets children to the Google Play Store, you are responsible for ensuring your app is appropriate for children and compliant with all relevant laws. Learn about the families process and review the interactive checklist at Academy for App Success.Effective May 31, 2023 Google Play Families PoliciesThe use of technology as a tool for enriching families' lives continues to grow, and parents are looking for safe, high-quality content to share with their children. You may be designing your apps specifically for children or your app may just attract their attention. Google Play wants to help you make sure your app is safe for all users, including families. The word "children" can mean different things in different locales and in different contexts. It is important that you consult with your legal counsel to help determine what obligations and/or age-based restrictions may apply to your app. You know best how your app works so we are relying on you to help us make sure apps on Google Play are safe for families. All apps that comply with Google Play Families policies can opt in to be rated for the Teacher Approved program, but we cannot guarantee that your app will be included in the Teacher Approved program. Play Console RequirementsTarget Audience and Content In the Target Audience and Content section of the Google Play Console you must indicate the target audience for your app, prior to publishing, by selecting from the list of age groups provided. Regardless of what you identify in the Google Play Console, if you choose to include imagery and terminology in your app that could be considered targeting children, this may impact Google Play's assessment of your declared target audience. Google Play reserves the right to conduct its own review of the app information that you provide to determine whether the target audience that you disclose is accurate. If you select a target audience that only includes adults, but Google determines that this is inaccurate because your app is targeting both children and adults, you will have the option to make clear to users that your app is not targeting children by agreeing to carry a warning label. You should only select more than one age group for your app's target audience if you have designed your app for and ensured that your app is appropriate for users within the selected age group(s). For example, apps designed for babies, toddlers, and preschool children should only have the age group "Ages 5 & Under" selected as the age group target for those apps. If your app is designed for a specific level of school, choose the age group that best represents that school level. You should only select age groups that include both adults and children if you truly have designed your app for all ages. Updates to Target Audience and Content Section You can always update your app's information in the Target Audience and Content section in the Google Play Console. An app update is required before this information will be reflected on the Google Play store. However, any changes you make in this section of the Google Play Console may be reviewed for policy compliance even before an app update is submitted. We strongly recommend that you let your existing users know if you change the target age group for your app or start using ads or in-app purchases, either by using the "What's New" section of your app's store listing page or through in-app notifications. Misrepresentation in Play Console Misrepresentation of any information about your app in the Play Console, including in the Target Audience and Content section, may result in removal or suspension of your app, so it is important to provide accurate information. Families Policy RequirementsIf one of the target audiences for your app is children, you must comply with the following requirements. Failure to satisfy these requirements may result in app removal or suspension.
Here are some examples of common violations:
Ads and MonetizationIf you’re monetizing an app that targets children on Google Play, it’s important that your app follows the following Families Ads and Monetization Policy Requirements. The policies below apply to all monetization and advertising in your app, including ads, cross-promotions (for your apps and third party apps), offers for in-app purchases, or any other commercial content (such as paid product placement). All monetization and advertising in these apps must comply with all applicable laws and regulations (including any relevant self-regulatory or industry guidelines). Google Play reserves the right to reject, remove or suspend apps for overly aggressive commercial tactics. Ads requirements If your app displays ads to children or to users of unknown age, you must:
Ads Format requirements Monetization and advertising in your app must not have deceptive content or be designed in a way that will result in inadvertent clicks from child users. If the sole target audience for your app is children, the following are prohibited. If the target audiences of your app is children and older audiences, the following are prohibited when serving ads to children or users of unknown age:
Here are some examples of common ad format violations
Here are some examples of inappropriate ad content that should not be displayed to children.
In-app purchases Google Play will re-authenticate all users prior to any in-app purchases in apps solely targeted to children. This measure is to help ensure that the financially responsible party, and not children, are approving purchases. Ads SDKs If you serve ads in your app and your target audience only includes children, then you must use only Families self-certified ads SDK versions. If the target audience for your app includes both children and older users, you must implement age screening measures, such as a neutral age screen, and make sure that ads shown to children come exclusively from Google Play self-certified ads SDK versions. Please refer to the Families Self-Certified Ads SDK Program policy page for more details on these requirements and refer here to see the current list of Families Self-Certified ads SDK versions. If you use AdMob, refer to the AdMob Help Center for more details on their products. It is your responsibility to ensure your app satisfies all requirements concerning advertisements, in-app purchases, and commercial content. Contact your ads SDK provider(s) to learn more about their content policies and advertising practices. Effective May 31, 2023 Families Self-Certified Ads SDK PolicyGoogle Play is committed to building a safe experience for children and families. A key part of this is to help ensure children only see ads that are appropriate for their age and that their data is handled appropriately. To achieve this goal, we require ads SDKs and mediation platforms to self-certify that they are appropriate for children and compliant with Google Play Developer Program Policies and Google Play Families Policies, including Families Self-Certified Ads SDK Program Requirements. The Google Play Families Self-Certified Ads SDK Program is an important way for developers to identify which ads SDKs or mediation platforms have self-certified that they are appropriate for use in apps designed specifically for children. Misrepresentation of any information about your SDK, including in your interest form application, may result in removal or suspension of your SDK from the Families Self-Certified Ads SDK Program, so it is important to provide accurate information.Policy requirementsIf your SDK or mediation platform serves apps that are part of the Google Play Families Program, you must comply with all Google Play Developer Policies, including the following requirements. Failure to satisfy any policy requirements may result in removal or suspension from the Families Self-Certified Ads SDK Program. It is your responsibility to ensure that your SDK or mediation platform is compliant, so please be sure to review Google Play Developer Program Policies, Google Play Families Policies, and Families Self-Certified Ads SDK Program Requirements.
Please refer to the Families Self-Certified Ads SDK Program page for more details on Program requirements. EnforcementAvoiding a policy violation is always better than managing one, but when violations do occur, we’re committed to ensuring developers understand how they can bring their app into compliance. Please let us know if you see any violations or have any questions about managing a violation. Policy CoverageOur policies apply to any content your app displays or links to, including any ads it shows to users and any user-generated content it hosts or links to. Further, they apply to any content from your developer account which is publicly displayed in Google Play, including your developer name and the landing page of your listed developer website. We don't allow apps that let users install other apps to their devices. Apps that provide access to other apps, games, or software without installation, including features and experiences provided by third parties, must ensure that all the content they provide access to adheres to all Google Play policies and may also be subject to additional policy reviews. Defined terms used in these policies have the same meaning as in the Developer Distribution Agreement (DDA). In addition to complying with these policies and the DDA, the content of your app must be rated in accordance with our Content Rating Guidelines. We don’t allow apps or app content that undermine user trust in the Google Play ecosystem. In assessing whether to include or remove apps from Google Play, we consider a number of factors including, but not limited to, a pattern of harmful behavior or high risk of abuse. We identify risk of abuse including, but not limited to, items such as app- and developer-specific complaints, news reporting, previous violation history, user feedback, and use of popular brands, characters, and other assets. How Google Play Protect worksGoogle Play Protect checks apps when you install them. It also periodically scans your device. If it finds a potentially harmful app, it might:
How malware protection worksTo protect you against malicious third-party software, URLs and other security issues, Google may receive information about:
You may get a warning from Google about an app or URL that may be unsafe. The app or URL may be removed or blocked from installation by Google if it is known to be harmful to devices, data or users. You can choose to disable some of these protections in your device settings. But Google may continue to receive information about apps installed through Google Play, and apps installed on your device from other sources may continue to be checked for security issues without sending information to Google. How Privacy alerts workGoogle Play Protect will alert you if an app is removed from the Google Play Store because the app may access your personal information and you’ll have an option to uninstall the app. Enforcement ProcessIf your app violates any of our policies, we’ll take appropriate action as outlined below. In addition, we’ll provide you with relevant information about the action we’ve taken via email along with instructions on how to appeal if you believe we’ve taken action in error. Please note that removal or administrative notices may not indicate each and every policy violation present in your app or broader app catalog. Developers are responsible for addressing any policy issue and conducting extra due diligence to ensure that the remainder of their app is fully policy compliant. Failure to address policy violations in all of your apps may result in additional enforcement actions. Repeated or serious violations (such as malware, fraud, and apps that may cause user or device harm) of these policies or the Developer Distribution Agreement (DDA) will result in termination of individual or related Google Play Developer accounts. Enforcement ActionsDifferent enforcement actions can impact your app in different ways. The following section describes the various actions Google Play may take, and the impact to your app and / or your Google Play Developer account. This information is also explained in this video. Rejection
Note: Do not attempt to resubmit a rejected app until you’ve fixed all the policy violations. Removal
Note: Don't attempt to republish a removed app until you’ve fixed all policy violation. Suspension
Note: Don't attempt to republish a suspended app unless Google Play has explained that you may do so. Limited Visibility
Limited Regions
Account Termination
Note: Any new account that you try to open will be terminated as well (without a refund of the developer registration fee), so please do not attempt to register for a new Play Console account while one of your other accounts are terminated. Dormant AccountsDormant accounts are developer accounts that are inactive or abandoned. Dormant accounts are not in good standing as required by the Developer Distribution Agreement. Google Play Developer Accounts are intended for active developers who publish and actively maintain apps. To prevent abuse, we close accounts that are dormant or not used or otherwise significantly engaged (for example, for publishing and updating apps, accessing statistics, or managing store listings) on a regular basis. Dormant account closure will delete your account and any data associated with it. Your registration fee is not refundable and will be forfeited. Before we close your dormant account, we will notify you using the contact information you provided for that account. Closure of a dormant account will not limit your ability to create a new account in the future if you decide to publish on Google Play. You will not be able to reactivate your account and any previous apps or data will not be available on a new account. Managing and Reporting Policy ViolationsAppealing an Enforcement ActionWe will reinstate applications if an error was made, and we find that your application does not violate the Google Play Program Policies and Developer Distribution Agreement. If you’ve reviewed the policies carefully and feel that our decision may have been in error, please follow the instructions provided to you in the enforcement email notification to appeal our decision. Additional ResourcesIf you need more information regarding an enforcement action or a rating/comment from a user, you may refer to some of the resources below or contact us through the Google Play Help Center. We cannot, however, offer you legal advice. If you need legal advice, please consult your legal counsel.
Play Console RequirementsGoogle Play wants to provide safe and wonderful app experiences for our users and a great opportunity for all our developers to be successful. We strive to ensure that the process of making your app available to users goes as smoothly as possible. To help you avoid common violations that can slow down the review process or trigger a rejection, be sure to do the following when submitting information through Play Console. Before you submit your app, you must:
As always, you should make sure that your app provides a stable, engaging, responsive user experience; double check that everything in your app, including ad networks, analytics services, and third-party SDKs, complies with Google Play Developer Program Policies; and if your app target audience includes children, be sure to comply with our Families policy. Remember, it is your responsibility to review the Developer Distribution Agreement and all Developer Program Policies to ensure that your app fully complies. |