Ads transmiting list of installed apps? Warnings from GP Team

Hi there,

I’ve received warnings for all of my apps. They said that they violate GP Policy:

“The application transmits the list of installed apps on a user’s device to a server without conspicuous disclosure to the user that this is happening. This violates the Dangerous Products and Personal and Confidential provisions of the Google Play Content Policy”

My first idea is that it’s all about HeyZap ads which appear in all of my apps. All their ads say something like: “Hey dude, check X because you play V, Y and Z”. I wasn’t aware at all, that it may be violating GP Policy… or is it something else?

Anybody here uses Heyzap and got similar message?

hi, I also received the same letter from GP too. They uploaded a complete list of apps your device currently installed to help bring better ad performance, and I’ve asked them to explain about that in their privacy policy.

My suggestion is add the explanation in your own privacy policy if HeyZap updates its own policy on Privacy Policy. Or just remove HeyZap from your application.

I’ll also inform you if HeyZap made any response to this.

I got the very same email and I use HeyZap in all my apps. Looks like I will have to remove HeyZap… Any alternative network you guys might suggest?

have a try on AppLovin http://www.applovin.com/ then.

We at Heyzap are aware of the warning and are taking the necessary actions to ensure that we are compliant with the Google Play Content Policy. This has never been a problem before. A great user experience has always been our top priority, and will remain so going forward as we work on resolving the issue in a timely matter. There is a 14 day response window and we intend to have a solution (which may include an SDK update) within 4 days. We will post back here once we have a solution.

Gents… WATCH OUT!!! A LOT of advertizing SDK’s do this… Heyzap is just the tip of the iceberg!!!

isnt this the way to track download conversions for a lot of ad companies and their sdk’s ?

Er… yep… :slight_smile:

I guess at this point, we have several alternatives, including:

  1. Google is pissed about the NSA at the moment and ANY invasion of privacy is going to get STOMPED ON… HARD.
  2. Heyzap is doing something else too … and is being smacked for it.
  3. <insert your favorite conspiracy theory here>

Google? Defending privacy? Please. This is the same company that tracks every single thing you do online on Google’s services, aggressively building profiles of their users just to target better ads.

Isn’t AppBrain doing it? :frowning:

I’ve been wondering about that. I’m looking at the manifest changes that HeyZap requires compared to other networks.

One difference is that appbrain uses an INSTALL_REFERRER receiver:

<receiver android:exported="true" android:name="com.appbrain.ReferrerReceiver" >
    <intent-filter>
        <action android:name="com.android.vending.INSTALL_REFERRER" />
    </intent-filter>
</receiver>

and HeyZap uses PACKAGE_ADDED:
https://developers.heyzap.com/docs/android_sdk_adsproduct


<receiver android:name="com.heyzap.sdk.ads.PackageAddedReceiver">
    <intent-filter>
        <data android:scheme="package"/>
        <action android:name="android.intent.action.PACKAGE_ADDED"/>
    </intent-filter>
</receiver>

Some big games are using HeyZap as well:

Ruzzle
Cut the Rope
Lep’s World 2
Super Penguins
Rope’n’Fly - From Dusk

Hope it will be sorted soon…

How did you get notified? Email?

Maybe Google will ban Cut the Rope, that would be hilarious. Isn’t Candy Crush Saga also using it?

They got IAP only from what i know.

How did you get notified? Email?

Yep, one e-mail for every app.

So I am wondering why I did not receive any yet.

Google works in mysterious ways.

hey, everyone, they’d fixed this issue in the very new sdk 5.7.5 (can be found here https://developers.heyzap.com/docs) which had stopped tracking of all the installed apps.