Privacy Policies are used to notify and obtain consent from users of the collection of their personal data by the company's website or app. These disclosures are a way to protect an individual's rights in their data and prevent potential future legal issues.
- Answer a few questions about your business:
- Enter the country and click on the "Next Step" button:
- 1. What is Firebase?
- 2.1. Your Use of Firebase Google Analytics
- 2.2.1. Cookies
- 2.2.2. Identifiers for Mobile Devices
- 2.2.3. Third-Party Vendors
- 2.3. How a User May Opt-Out of Firebase Analytics
- 3. What to Remember Going Forward
What is Firebase?
Firebase is Google's web and app application that provides analytics, software, messaging, and crash reports for your website or app. Firebase is a massive platform that covers all areas of your company to help with speed, analyzing usage by visitors, storage, and driving growth to your site.
Firebase is the umbrella term for Google's many software platforms that include:
- Google Analytics
- Cloud Firestore
- Test Lab
- ML Kit
- Your use of Firebase Google Analytics
- How a user may opt-out of Firebase Analytics
Here is the section that notes these requirements:
Without including these disclosures you may run afoul of Google and not be able to use Firebase and its analytical tools.
Your Use of Firebase Google Analytics
If you use Firebase you must disclose that you use Firebase and any of its services. The main Firebase service to pay attention to is Google Analytics. Google Analytics is the main service on Firebase and what is required to use Google Analytics is required to use Firebase.
Google Analytics is a web service that analyzes your site's performance and visitors' activity. From this analysis, companies are able to see a full report on how their site is performing.
The provided link takes a user directly to Google's page explaining how Google uses data from websites or apps that use one of its platforms.
On the other hand, you don't have to include the link and can instead just state that your site uses Google Analytics and how it uses the service.
To comply with the User Consent Policy you must:
- Retain records of consent
- Describe the procedure of how to revoke consent
- Hold third parties that use the collected data to standards
Cookies are used by websites and apps to store the data related to their users. The stored data in the cookies help websites improve functionality, advertise, and performance.
Another option is creating a separate Cookies Policy. A separate Cookies Policy is not required by U.S. law or Firebase, but is a requirement for businesses that fall under the scope of the EU's Cookie Law, or the ePrivacy Directive.
Identifiers for Mobile Devices
Identifiers for mobile devices, commonly called IDs, are strings of letters and numbers that are connected to a specific cell phone or tablet. IDs are like cookies in that they store specific information from the user, but are different in key ways.
IDs can only be collected by a downloaded app, such as UberEats, but not a website. IDs also track a user's action for a longer period of time than cookies.
Apps collect the IDs from a user's specific tablet or phone and can use the data to identify the user and send them specific advertisements based on that data.
There are two main types of IDs, depending on the operating system a phone uses. They are:
- iOS - Identify for Advertisers (IDFA)
- Android - Google Advertising ID (GAID)
It is not required to state which ID is used. Just noting the use of them is enough.
WhatsApp includes a clause that lets users know it collects device-specific information during installation and use. It lists the information it collects including IP addresses, device identifiers and location features when enabled:
Third-party vendors are used to help improve the services of the sites and their functionality. These vendors can be used to help with troubleshooting to storing data on a cloud. No matter what they do, users must be notified of the relationship between your site and third parties.
How a User May Opt-Out of Firebase Analytics
Google Analytics and other Firebase Analytics can only be used once explicit consent has been obtained as these services collect and store sensitive information. Hence why users must be able to opt out of any Firebase Analytics used, including Google Analytics or device advertising settings.
Google does not allow sensitive information to be transferred to third parties without consent and requires companies to protect the information along with ensuring an individual's rights to the information is maintained:
Embed provides users with an Opt-Out link in its general Google Analytics section to opt-out of the service. It also includes an opt-out link for each specific technology it uses to collect and store information including Google Analytics Doubleclick:
The opt-out link takes a user to Google's general page of how to block ads, save settings in Google, and control ads on websites that partner with Google:
Another way to offer users to opt-out of the service is by providing procedures or pages specific to the company on how to opt-out of the services.
What to Remember Going Forward
However, if you fail to comply with Firebase's Terms of Service and its required clauses, you may lose the ability to use all of Firebase's many platforms and could face potential legal issues.