Chrome extension end user privacy policy when using Firebase authentication
75 views
Skip to first unread message
Igor Lebedev
Jan 1, 2023, 8:42:20 PM1/1/23
to Firebase Google Group
Hello!
In my chrome extension, I use user authentication through Firebase, while in the users table, users' e-mails in clear text become available to me. Therefore, Ily indirectly collect personal data. When publishing an extension to the Open Chrome Web Store, I will be required to provide a privacy policy related to the processing of personal data.
I have studied:
Privacy and Security in Firebase:
https://firebase.google.com/support/privacy#examples-end-user-data-processed-by-firebase
Storing privacy settings with Firebase:
https://firebase.google.com/support/privacy/storing-privacy-settings?hl=en
Firebase Data Processing and Security Terms:
https://firebase.google.com/terms/data-processing-terms
And this discussion:
https://groups.google.com/g/firebase-talk/c/dcjfZEz9-ec/m/eXwh0fF-CAAJ
I realized that before registering (with Google or Email and password ) the user should be able to read the privacy policy and click the consent button. Nevertheless, I still couldn’t figure out what exactly the text of the privacy policy should be in my case, is there a ready-made template without errors so that the extension can be published without additional claims from the reviewers or blocked in the future?
I believe that the developer is completely uninterested in the e-mails and phones of users in the clear. It would be great if it were possible to hide from the developer (at his choice) the personal data of registered users, because the developer is only interested in the authorization and password reset service that the authentication service can produce without the need to show the developer personal data. Then there would be no problems with the protection of personal data and compiling complex controversial policies.
Thank you in advance!
In my chrome extension, I use user authentication through Firebase, while in the users table, users' e-mails in clear text become available to me. Therefore, Ily indirectly collect personal data. When publishing an extension to the Open Chrome Web Store, I will be required to provide a privacy policy related to the processing of personal data.
I have studied:
Privacy and Security in Firebase:
https://firebase.google.com/support/privacy#examples-end-user-data-processed-by-firebase
Storing privacy settings with Firebase:
https://firebase.google.com/support/privacy/storing-privacy-settings?hl=en
Firebase Data Processing and Security Terms:
https://firebase.google.com/terms/data-processing-terms
And this discussion:
https://groups.google.com/g/firebase-talk/c/dcjfZEz9-ec/m/eXwh0fF-CAAJ
I realized that before registering (with Google or Email and password ) the user should be able to read the privacy policy and click the consent button. Nevertheless, I still couldn’t figure out what exactly the text of the privacy policy should be in my case, is there a ready-made template without errors so that the extension can be published without additional claims from the reviewers or blocked in the future?
I believe that the developer is completely uninterested in the e-mails and phones of users in the clear. It would be great if it were possible to hide from the developer (at his choice) the personal data of registered users, because the developer is only interested in the authorization and password reset service that the authentication service can produce without the need to show the developer personal data. Then there would be no problems with the protection of personal data and compiling complex controversial policies.
Thank you in advance!
Igor Lebedev
Jan 4, 2023, 6:55:43 PM1/4/23
to Firebase Google Group
I'm downvoting the question because I found a great example of a privacy policy that works well for me. Perhaps someone will also find it useful what helped me:
privacy policy example
general guidelines Privacy Policy for Firebase
privacy policy example
general guidelines Privacy Policy for Firebase
Nevertheless, he became even more firmly convinced that in order to increase security and simplify the privacy policy and for the peace of mind of end users, it would be reasonable to hide personal data of users from the developer of his choice.
понедельник, 2 января 2023 г. в 06:42:20 UTC+5, Igor Lebedev:
Reply all
Reply to author
Forward
0 new messages