Privacy policy, play store and godot
Update: Fixing godot games published in google play | godot official blog
Recently my stupidgameaboutconnectingcoloredlines was removed from Google Play because, as the kindly mail I receive stated, it violates play store's "personal and sensitive information policy". If you are a member of the godot facebook page, you probably have seen that this had happen to many developers already.
If you use any version prior to godot 2.1.5 or godot 3.0.x your app will be removed even if your app doesn't collect any data (as in my case), that's because godot use placeholder1s within AndroidManifest.xml which can be potentially detected as permissions. There are differente approaches currently being discussed2 to fix this problem.
So if you find yourself in this situation there are at least three solutions to the problem, use the more convenient one.
Generate a privacy policy
This is the solution many have used. You have to link to your privacy policy directly from your app Play listing, you can place it in your personal webpage or any other accessible url.
There are several privacy policy generators, as an example:
Many have opted to only link that privacy policy in the google Play listing and the app have been reaccepted, but reading through google's policy that shouldn't be enough as that privacy policy should be included in you app as well.3
Use Apktool
Apktool is tool for reverse enigneering android apk files.
In this case you need android-sdk
and apktool
installed.
- Export your app through godot.
-
Decode your app with
apktool
4sh apktool decode your_app.apk
-
Go to the new created folder and modify
AndroidManifest.xml
removing any unused permissions. -
Build your app again with
apktool
5.sh apktool build your_app your_app_unaligned_unsigned.apk
-
Align and sign your app before submitting again.6
sh cd your_app/dist zipalign -v -p 4 your_app_unaligned_unsigned.apk your_app_unsigned.apk apksigner sign --ks your_key.keystore --out your_app.apk your_app_unsigned.apk
-
Release the new version and under store listing in the play console you should resubmit your app.
Compile the templates
This is probably the least straight forward approach.
You need to compile the android templates, but modifying godot/platform/android/AndroidManifest.xml
and deleting the unused permissions before compiling the templates.
I will not go into the details on how to compile templates as you can check the documentation on building export templates.
-
"Must be within the app itself, not only in the Play listing or a website" https://play.google.com/about/privacy-security-deception/personal-sensitive/ ↩
-
https://ibotpeaches.github.io/Apktool/documentation/#decoding ↩
-
https://ibotpeaches.github.io/Apktool/documentation/#building ↩
-
https://developer.android.com/studio/publish/app-signing#signing-manually ↩