Include Data Safety info required for Play Store

[doug-textnow]

General information

• SDK/Library version: all
• Environment: Production
• Android Version and Device: All

Issue description

Developers who publish apps to the Google Play Store are required to disclose whether their app collects or shares a variety of types of data (see: https://support.google.com/googleplay/android-developer/answer/10787469) This includes data that is collected or shared by embedded 3rd-party SDKs such as Braintree. It is difficult and time-consuming to have every app author conduct their own investigation to determine which of the designated categories of data Braintree collects, and it is impossible for app authors to give authoritative answers with regard to the purposes associated with the data Braintree collects, so this really is info that Braintree must provide to Android developers who wish to integrate Braintree into their apps.

Suggested solution: Taking a similar approach to license files, include the Play Store Data Safety info in a csv or markdown file in the repo, or link to it from the repo.

[hollabaq86]

👋 @doug-textnow thanks for reaching out, and the suggestion. I'm going to leave this open while we decide the best way to make this info available (and that info entirely depends on a merchant's integration with us, since we're using CardinalCommerce's SDK for 3D Secure as an example). But in the meantime, if you need assistance completing this information, please contact Support.

[hollabaq86]

for internal reference, ticket 1715

[gomera]

hi @hollabaq86 any news about providing that document? We are really close to the final day (20th of July) and we still don't have this data. For example, something like Branch or Firebase does:

• https://help.branch.io/using-branch/docs/answering-the-google-play-store-privacy-questions
• https://firebase.google.com/docs/android/play-data-disclosure

[sshropshire]

@gomera at the moment we do not have an update. We're still prioritizing the effort and coordinating with our 3rd party MPI Cardinal. As @hollabaq86 mentioned our Support team will be a great resource for more information going forward.

[marxhendrik]

It seems that CardinalCommerce Claims this is fixed in their newest version, but apps receive the warning despite of that. See new Issue: https://github.com/braintree/braintree_android/issues/629

CC changelog: https://cardinaldocs.atlassian.net/wiki/spaces/CMSDK/pages/11862033/Cardinal+Mobile+SDK+-+Android

@sshropshire is there any way for you clarify this with CardinalCommerce as it seems partners are on a deadline now and CardinalCommerce provided the wrong information to google as we are using the version they mentioned to google.

[sshropshire]

@marxhendrik thanks for notifying us. We're investigating the issue and we hope to report back here soon with more information.

[saraXX]

2023 still no answer!?