# ZevGuard Google Play Data Safety draft

Stato: bozza interna. Compilare Play Console solo dopo verifica del codice finale, SDK finali e backend finali.

Fonti operative:

- Google Play User Data policy.
- Google Play Data safety section guidance.
- Google Play Subscriptions policy.
- Google Play sensitive permissions policy.

## Data categories likely collected

| Categoria | Esempi ZevGuard | Scopo | Upload | Note |
| --- | --- | --- | --- | --- |
| Account identifiers | email, UID, provider login | account, auth, recovery | yes | Firebase/Auth backend |
| App info and performance | crash/bug details if sent | support, quality | optional | only if enabled/sent |
| Device or other IDs | Android ID-derived stable fingerprint | entitlement, integrity, anti abuse | yes | avoid raw Android ID where possible |
| App activity | scan sessions, verdicts, settings | security functionality | local/cloud optional | cloud learning opt-in |
| Installed apps | package/hash, signer, installer, version | antivirus/security detection | local/cloud optional | minimize, hash when possible |
| Web browsing/app web signals | normalized domain, URL hash, redirect chain | Web Shield/reputation | local/cloud optional | avoid full URLs unless needed |
| Purchases | product ID, purchase token, entitlement state | billing verification | yes | Google Play Billing/backend |
| User-generated content | AI prompts, support notes | AI/support | yes if used | do not include unnecessary sensitive data |

## Sharing disclosure draft

- Google/Firebase: authentication, backend, notifications/cloud functions.
- Google Play: billing, purchases, subscription management.
- ZevGuard backend: threat intelligence, reputation, entitlement verification, account recovery.
- AI provider: only if AI endpoint sends prompts to provider.
- Email provider: support and account recovery messages.

## Security practices draft

- Data encrypted in transit with HTTPS.
- Sensitive local tokens stored with Android secure storage where implemented.
- Optional cloud reputation uses minimized signals.
- No sale of personal data.
- User can request data/account deletion by email.

## High-risk review items

- Direct OpenRouter key in APK is not suitable for broad public distribution; use backend proxy before public release.
- Installed apps and security scans can be sensitive; require clear in-app disclosure and privacy policy.
- VPN/Web Shield requires clear explanation and user consent.
- Accessibility/Usage Access, if used, requires strong purpose explanation.
- Subscription screens must clearly disclose price, renewal and cancellation.