Terms of Service and data safety
Stay organized with collections
Save and categorize content based on your preferences.
Before you use or access the Play Integrity API, do the following:
- Read the Play Integrity API Terms of Service.
- Understand how the API handles data.
Terms of Service
Last modified: May 20, 2024
- By using the Play Integrity API, you agree to these terms in addition to the
Google APIs Terms of Service
("API ToS"). The Play Integrity API is provided to protect app security and
to mitigate abuse, fraud, and unauthorized access.
- By using the Play Integrity API, your app or SDK will have access to certain
features and be granted quota limits based on the eligibility criteria
described in the Play Integrity API
documentation. Eligibility criteria are
subject to change.
- Google Play reserves the right to remove feature access and reduce quota
if your app or SDK does not meet, or stops meeting, the eligibility
criteria.
- The approval of additional features or increased quota is
non-transferable and will only apply to the specified app or SDK.
- You may not use the Play Integrity API to fingerprint or track individual users or devices.
- Google may make changes to these terms at any time with notice and the
opportunity to decline further use of the Play Integrity API. Google will
post notice of modifications to the terms at
https://developer.android.com/google/play/integrity/terms#tos.
Changes will not be retroactive.
Data safety
Google Play has a data safety
section for developers
to disclose their apps' data collection, sharing, and security practices. To
help you complete the data safety section requirements, you can use the
information below on how the Play Integrity API handles data.
The Play Integrity API is a runtime interface with the Google Play Store. As
such, when you use Play Integrity in your app, the Play Store runs its own
processes, which include handling data as governed by the Google Play Terms of
Service. The
information below describes how the Play Integrity API handles data to process
specific requests from your app.
Data collected on usage |
Always collected:
- App-provided information in the request including the
requestHash and nonce fields
- App metadata including package name, version number, and signing
certificate
- The app's
Google Play
license status for the signed in user accounts on the device
- Device information including a key attestation certificate and a device
attestation token generated by Google Play services
Only collected when the requesting app is opted in to receiving
environment
details:
- App activity information used to determine if apps are running that can
capture the screen or control the device
- Device information used to determine the status of Google Play
Protect
|
Purpose of data collection |
The data collected is used to verify the application integrity, the
licensing status, environment details, and the device integrity. |
Data encryption |
Data is encrypted. |
Data sharing |
Data is not transferred to any third parties. |
Data deletion |
Data is deleted following a fixed retention period. |
While we aim to be as transparent as possible, you are solely responsible for
deciding how to respond to
Google Play's data safety section form
regarding your app's user data collection, sharing, and security practices.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2025-07-24 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-24 UTC."],[],[],null,["# Terms of Service and data safety\n\nBefore you use or access the Play Integrity API, do the following:\n\n1. Read the [Play Integrity API Terms of Service](#tos).\n2. Understand [how the API handles data](#data-safety).\n\nTerms of Service\n----------------\n\nLast modified: May 20, 2024\n\n1. By using the Play Integrity API, you agree to these terms in addition to the [Google APIs Terms of Service](https://developers.google.com/terms) (\"API ToS\"). The Play Integrity API is provided to protect app security and to mitigate abuse, fraud, and unauthorized access.\n2. By using the Play Integrity API, your app or SDK will have access to certain features and be granted quota limits based on the eligibility criteria described in the [Play Integrity API\n documentation](http://g.co/play/integrityapi). Eligibility criteria are subject to change.\n 1. Google Play reserves the right to remove feature access and reduce quota if your app or SDK does not meet, or stops meeting, the eligibility criteria.\n 2. The approval of additional features or increased quota is non-transferable and will only apply to the specified app or SDK.\n3. You may not use the Play Integrity API to fingerprint or track individual users or devices.\n4. Google may make changes to these terms at any time with notice and the opportunity to decline further use of the Play Integrity API. Google will post notice of modifications to the terms at `https://developer.android.com/google/play/integrity/terms#tos`. Changes will not be retroactive.\n\nData safety\n-----------\n\nGoogle Play has a [data safety\nsection](https://support.google.com/googleplay/answer/11416267) for developers\nto disclose their apps' data collection, sharing, and security practices. To\nhelp you complete the data safety section requirements, you can use the\ninformation below on how the Play Integrity API handles data.\n\nThe Play Integrity API is a runtime interface with the Google Play Store. As\nsuch, when you use Play Integrity in your app, the Play Store runs its own\nprocesses, which include handling data as governed by the [Google Play Terms of\nService](https://play.google.com/intl/en-US_us/about/play-terms/index.html). The\ninformation below describes how the Play Integrity API handles data to process\nspecific requests from your app.\n\n|----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| Data collected on usage | Always collected: - App-provided information in the request including the `requestHash` and `nonce` fields - App metadata including package name, version number, and signing certificate - The app's [Google Play license status](/google/play/integrity/verdicts#account-details-field) for the signed in user accounts on the device - Device information including a key attestation certificate and a device attestation token generated by Google Play services Only collected when the requesting app is opted in to receiving [environment details](/google/play/integrity/verdicts#environment-details-field): - App activity information used to determine if apps are running that can capture the screen or control the device - Device information used to determine the status of Google Play Protect |\n| Purpose of data collection | The data collected is used to verify the application integrity, the licensing status, environment details, and the device integrity. |\n| Data encryption | Data is encrypted. |\n| Data sharing | Data is not transferred to any third parties. |\n| Data deletion | Data is deleted following a fixed retention period. |\n\nWhile we aim to be as transparent as possible, you are solely responsible for\ndeciding how to respond to\n[Google Play's data safety section form](https://support.google.com/googleplay/android-developer/answer/10787469)\nregarding your app's user data collection, sharing, and security practices."]]
