Google Play rejected a recent version of my react native app. In their original message they mentioned:
We detected user data transmitted off device that you have not disclosed in your app’s Data safety form as user data collected.
We found an issue in the following area(s):
SPLIT_BUNDLE 21: Policy Declaration - Data Safety Section: Device Or Other IDs Data Type - Device Or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID, MAC address)
When I asked for more information, they replied with:
For example, your app includes segment_analytics SDK or an SDK that one of your libraries depends on, which collects personal or sensitive data that includes but may not be limited to identifiers.
This is unsettling because I am not using segment analytics and am not sending any identifier off-device on purpose. I have literally tried to
grep -rn 'segment_analytics' .
all my local app directory and have found no trace of segment_analytics. I don't want to change the data safety section of my app because I am not collecting/using device identifiers. Besides, if any of the SDKs I use are using such identifiers, I would like to know.
This SO question mentions expo but I am not using expo and I am building on my machine so I assume my machine has all the files needed for the build. I followed the steps in this SO answer and found nothing related to analytics in the app.
Is there any other way that my app could be using other SDKs? How would I find out? Is it possible that this is just an error from Google Play Support?
