|
| 1 | +# Account Deletion Request URL |
| 2 | + |
| 3 | +Use this handoff when creating the public account deletion request URL required |
| 4 | +for Google Play. This issue is not complete until the final hosted URL works, |
| 5 | +is entered in Play Console, and is recorded below. |
| 6 | + |
| 7 | +Issue: #440 |
| 8 | +Parent track: #464 |
| 9 | +Status: externally blocked until a web/backend owner hosts the page and a Play |
| 10 | +Console owner enters the URL. |
| 11 | + |
| 12 | +## Policy Source |
| 13 | + |
| 14 | +- Google Play Console Help: [Understanding Google Play's app account deletion |
| 15 | + requirements](https://support.google.com/googleplay/android-developer/answer/13327111?hl=en) |
| 16 | + (checked 2026-05-10). |
| 17 | + |
| 18 | +## Required Outcome |
| 19 | + |
| 20 | +- The URL loads over public HTTPS without login, app install, or geofencing. |
| 21 | +- The page references the OnTime app or the developer name used in Google Play. |
| 22 | +- The account deletion request path is prominent and easy to find. |
| 23 | +- Users can request account deletion without being sent back to the app. |
| 24 | +- The page explains what account data is deleted and what may be retained. |
| 25 | +- The URL is entered in Play Console's account deletion or Data safety field. |
| 26 | +- The final URL and evidence are recorded in this document. |
| 27 | + |
| 28 | +## Final URL Record |
| 29 | + |
| 30 | +- Final account deletion request URL: `TODO` |
| 31 | +- Hosting owner: `TODO` |
| 32 | +- Backend/privacy owner confirming deletion and retention behavior: `TODO` |
| 33 | +- Play Console owner who entered the URL: `TODO` |
| 34 | +- Date verified: `TODO` |
| 35 | +- Evidence location: `TODO` |
| 36 | + |
| 37 | +## Dependencies Before Publishing |
| 38 | + |
| 39 | +- #439 must confirm backend account and data deletion behavior by provider and |
| 40 | + data type. |
| 41 | +- #434 must approve privacy policy language so this page and the policy use the |
| 42 | + same deletion and retention claims. |
| 43 | +- The support inbox, form backend, or request handling workflow must have an |
| 44 | + owner who can receive and fulfill deletion requests. |
| 45 | + |
| 46 | +## Page Content Template |
| 47 | + |
| 48 | +Replace every `TODO` before publishing. |
| 49 | + |
| 50 | +```text |
| 51 | +Title: Delete your OnTime account |
| 52 | +
|
| 53 | +OnTime users can request deletion of their app account and associated data from |
| 54 | +this page. You do not need to install or open the OnTime app to submit a |
| 55 | +request. |
| 56 | +
|
| 57 | +What we delete |
| 58 | +- TODO: List account identity data deleted after #439 confirms server behavior. |
| 59 | +- TODO: List schedule, preparation, notification, feedback, or profile data |
| 60 | + deleted after #439 confirms server behavior. |
| 61 | +
|
| 62 | +What we may retain |
| 63 | +- TODO: List any data retained for legal, security, fraud prevention, |
| 64 | + regulatory, or operational reasons. |
| 65 | +- TODO: State the retention period or review process for each retained data |
| 66 | + type. |
| 67 | +
|
| 68 | +How to request deletion |
| 69 | +Option A: Submit the deletion request form below. |
| 70 | +Option B: Email TODO_SUPPORT_EMAIL with the subject "OnTime account deletion". |
| 71 | +
|
| 72 | +Required information |
| 73 | +- The email address or login provider used for the OnTime account. |
| 74 | +- Any additional information required to verify the account owner. |
| 75 | +
|
| 76 | +What happens next |
| 77 | +- We will verify account ownership before deleting the account. |
| 78 | +- We will delete the account and associated data according to the privacy policy. |
| 79 | +- TODO: State expected completion timing after owner/legal review. |
| 80 | +- TODO: State whether the user receives a confirmation email. |
| 81 | +
|
| 82 | +Privacy policy |
| 83 | +TODO_PRIVACY_POLICY_URL |
| 84 | +
|
| 85 | +Contact |
| 86 | +TODO_SUPPORT_EMAIL |
| 87 | +``` |
| 88 | + |
| 89 | +## Implementation Options |
| 90 | + |
| 91 | +- Hosted form: preferred if the team has an existing website or backend form |
| 92 | + handler. The form must submit to an owned support or backend workflow. |
| 93 | +- Support email page: acceptable if the page clearly shows the support email and |
| 94 | + deletion request instructions. The inbox must be monitored. |
| 95 | +- Privacy policy anchor: acceptable only if the deletion section is prominent, |
| 96 | + directly linked, and provides a clear way to request deletion. |
| 97 | + |
| 98 | +Do not use a PDF, login-only page, app deep link, editable public document, or |
| 99 | +page that only tells users to reinstall/open the app. |
| 100 | + |
| 101 | +## Verification Checklist |
| 102 | + |
| 103 | +- [ ] Open the URL in a private/incognito browser while signed out. |
| 104 | +- [ ] Confirm the URL uses HTTPS and does not redirect to login. |
| 105 | +- [ ] Confirm the page references OnTime or the Google Play developer name. |
| 106 | +- [ ] Confirm the deletion request path is visible without searching through |
| 107 | + unrelated content. |
| 108 | +- [ ] Submit a test request using a test account or staging support workflow. |
| 109 | +- [ ] Confirm the request reaches the responsible owner or backend system. |
| 110 | +- [ ] Confirm the page deletion/retention text matches #439 and #434. |
| 111 | +- [ ] Enter the URL in Play Console. |
| 112 | +- [ ] Save a screenshot or note showing the Play Console field value. |
| 113 | +- [ ] Replace the `TODO` values in the final URL record above. |
| 114 | + |
| 115 | +## Human Tasks Remaining |
| 116 | + |
| 117 | +1. Backend/privacy owner: complete #439 and provide final deletion and retention |
| 118 | + language. |
| 119 | +2. Product/legal owner: approve privacy policy text in #434. |
| 120 | +3. Web/backend owner: host a public HTTPS deletion request page or form using |
| 121 | + the approved language. |
| 122 | +4. Support owner: confirm the receiving workflow is monitored and deletion |
| 123 | + requests can be fulfilled. |
| 124 | +5. Play Console owner: enter the final URL in the required account deletion or |
| 125 | + Data safety field. |
| 126 | +6. Release owner: update the final URL record and attach evidence before |
| 127 | + closing #440. |
0 commit comments