Google Play Data Safety
Data disclosure guide for publishers using the Oprello SDK
Overview
Google Play requires all apps to declare the data they collect and share in the Data Safety section of their store listing. If your app integrates the Oprello Ads SDK, you must disclose the data types that the SDK collects and shares with third parties (advertising demand partners).
This guide maps each data type the Oprello SDK handles to the corresponding Google Play Data Safety checkboxes. Use it as a reference when filling out the Data Safety form in the Google Play Console.
This guide covers data handled by the Oprello SDK only. You must also declare any data your own app collects independently of the SDK.
Data Types Summary
| Data Type | Collected | Shared | Purpose | Notes |
|---|---|---|---|---|
| Approximate location | Advertising | Only if ACCESS_COARSE_LOCATION is granted; used for geo-targeted ads | ||
| Precise location | - | SDK reads last known location but does not request fine location | ||
| Advertising ID (GAID) | Advertising | Suppressed when user opts out of ad personalization or under GDPR/COPPA | ||
| Other device identifiers | - | Android ID sent as fallback IDFV only when GAID is unavailable | ||
| Name | - | |||
| Email address | - | |||
| Phone number | - | |||
| Personal identifiers | - | |||
| Financial info | - | |||
| Health info | - | |||
| Messages | - | |||
| Photos or videos | - | |||
| Audio files | - | |||
| Contacts | - | |||
| Calendar | - | |||
| App activity | - | No in-app activity is tracked | ||
| Web browsing history | - | |||
| Crash logs | - | SDK does not collect crash logs | ||
| Diagnostics | - | SDK does not report diagnostics data |
Detailed Disclosure Guide
Below is a step-by-step guide for each section of the Google Play Data Safety form.
Location
Approximate location: Yes, collected and shared
The SDK reads the device's last known location (via LocationManager.getLastKnownLocation()) if the app has ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION permission granted. The location is included in ad requests to enable geo-targeted advertising. Location data older than 30 minutes is discarded.
Select: Collected, Shared with third parties, Purpose: Advertising or marketing.
Precise location: No
The SDK does not request location permissions on its own. It only reads cached location if the host app already has permission. Under COPPA, all location data is suppressed.
Device or Other IDs
Device or other IDs: Yes, collected and shared
The SDK collects the Google Advertising ID (GAID) via the Google Play Services Ads Identifier library (if available). The GAID is sent with ad requests to enable frequency capping and attribution by demand partners.
When the user has opted out of ad personalization (isLimitAdTrackingEnabled = true), the GAID is suppressed. Under GDPR without Purpose 1 consent, the GAID is also suppressed. Under COPPA, no device identifiers are sent.
Select: Collected, Shared with third parties, Purpose: Advertising or marketing.
App Info and Performance
Crash logs: Not collected
The Oprello SDK does not collect or transmit crash logs.
Diagnostics: Not collected
The SDK does not collect performance diagnostics, battery usage, or other telemetry data.
Other Data Sent in Ad Requests
The following device metadata is included in OpenRTB bid requests for ad targeting. This data is standard for advertising SDKs and does not fall under personal data categories in the Data Safety form:
- Device make, model, and OS version (
Build.MANUFACTURER,Build.MODEL) - Screen dimensions and pixel density
- Network connection type (Wi-Fi, cellular generation)
- Device language and carrier name
- User-Agent string (
WebSettings.getDefaultUserAgent()) - App bundle ID and version
Privacy Compliance Features
The Oprello SDK includes built-in privacy controls that automatically adjust data collection:
- COPPA: When enabled, all personal identifiers (GAID, Android ID) and location data are suppressed.
- GDPR/TCF: The SDK reads IAB TCF v2 SharedPreferences and suppresses GAID when Purpose 1 consent is not granted.
- CCPA/US Privacy: When the user opts out of sale, GAID is suppressed and IP addresses are truncated.
- GPP: Global Privacy Platform signals are forwarded to demand partners and opt-out is enforced.
- Limit Ad Tracking: The SDK respects the device-level ad personalization opt-out setting.
Quick Checklist
When filling out the Data Safety form for an app using the Oprello SDK, check the following: