User Data FAQ
Branding Guidelines | Rating Guidelines | Program Policies | User Data FAQ | Terms of Service
1. My Product doesn’t handle personal or sensitive user data, how do I disclose my privacy practices?
You can describe how you collect, use, and share user data in any way users could easily find when installing or using your Product. For example, you could describe them in the Chrome Web Store description or via your Product’s interface. You could also choose to include a link to a privacy policy on your Product’s listing.
2. What are some examples of “personally identifiable information”?
Examples of personally identifiable information include: a person’s name, address, telephone number, email address, and username. It also includes any type of identification number, such as a government issued number, driver’s license number, or account number.
3. What are some common ways a Product handles sensitive or personal user data?
Generally, by “handle” we mean collecting, transmitting, using, or sharing user data. Here are some examples of functionality that handle sensitive or personal user data:
- Having login functionality (even if you use a third-party system, like Google authentication)
- Having a form that collects any type of personally identifiable information (see the answer to question #2 for more information)
- Clipping or scraping content from a website that the user visits, such as taking screenshots or capturing data from a web page
- Collecting data obtained from web requests, such as a background activity that accesses contacts, emails, files or other data from a user’s cloud service
- Collecting web browsing activity and any information about the website content or resources a user requests or interacts with, including the domains or URLs the browser interacts with, the content of the HTTP requests and responses, and data in a website’s browser storage (like cookies)
4. What does “web browsing activity” mean?
Web browsing activity means any information about the websites or other web resources a user requests or interacts with, including the domains or URLs the browser interacts with.
5. Does all user data need to be encrypted?
While we strongly recommend you encrypt all transmissions facilitated by your Product (see our Google I/O 2014 talk on HTTPS Everywhere, this policy establishes a minimum requirement of encrypting transmissions of all personal or sensitive user data.
6. What type of encryption does the User Data Policy require?
Your Product may use any type of modern cryptography, such as free and commercially available TLS implementations and ciphers, but you should not use any cipher suite blacklisted by IETF. Our requirements may change over time.
7. When does the prominent disclosure requirement apply?
The prominent disclosure applies when both:
- the Product handles personal or sensitive user data AND
- the handling of that personal or sensitive user data is not closely related to functionality described prominently in the Product’s Chrome Web Store page and user interface.
Here are a few examples:
| Description | Prominent Disclosure Required? |
| An extension whose sole marketed purpose is to sync a user’s browser history to a central service. | Prominent Disclosure not Required (a) Sensitive Data? Sensitive (web browsing activity) (b) Relation to Described Functionality? Related (the marketed purpose was to sync the history) |
| An extension, app, or hosted app collects and transmits anonymous usage information about how frequently users click on or see various user interface elements of the Product. | Prominent Disclosure not Required (a) Sensitive Data? Not Sensitive (this type of anonymous usage data is not personal or sensitive) (b) Relation to Described Functionality? Unrelated (usage collection statistics aren’t usually disclosed so prominently and aren’t closely related to user functionality) |
| An extension whose sole marketed purpose is add themes to popular social media sites, but also scrapes the number of friends a user has, on anonymous basis, for sale or research purposes. | Prominent Disclosure Required (a) Sensitive Data? Sensitive (website content or resources) (b) Relation to Described Functionality? Unrelated (not closely related to a described functionality) |
| An extension, app, or hosted app that handles an email address for login purposes and also provides that email address to others for the other’s marketing purposes. | Prominent Disclosure Required (a) Sensitive Data? Sensitive (personally identifiable information) (b) Relation to Described Functionality? Unrelated (while the use for authentication is closely related to the user functionality, the transfer to others for marketing purposes is not) |
8. How do I satisfy the prominent disclosure requirement?
The disclosure must describe the types of sensitive or personal user data to be collected and how they will be used. You must present the disclosure in a prominent way, so that the user sees it prior to agreeing. The disclosure, however, must not be located only in a privacy policy, terms of service, or similar document.
9. Can an extension collect web browsing activity for ad targeting or other monetization purposes?
No. The Other Requirements section states that an extension can only collect and transmit web browsing activity to the extent required for a user-facing feature that is prominently described in the Chrome Web Store page and user interface. Ad targeting or other monetization of this data isn’t for a user-facing feature. And, even if a user-facing feature required collection of this data, its use for ad targeting or any other monetization of the data wouldn’t be permitted because the Product is only permitted to use the data for the user-facing feature.
10. My extension or app handles personal or sensitive user data, but only stores information locally (or only uses Chrome Storage Sync API), do I still need to post a privacy policy?
Yes: this policy requires all items that handle sensitive user information to post a privacy policy. Users may not be easily able to tell which apps or extensions save information locally or transmit it back to their servers. Your privacy policy, however, may not need to be long or complicated. It just needs to describe how the Product collects, uses and shares user data.