Privacy Policy does't meet Google's requirements

Hi,

I created a Google Console app for Discourse login using this tutorial: Configuring Google login for Discourse

Google has sent me this email:

I think the possible reason is point 3: the privacy policy is accessible from the app’s home page.

How should I fix it? My homepage shows the latest posts. Should I pin privacy policy? Or is there any way to add privacy policy link to the hamburger menu?

You can add extra hamburger links using the Custom Hamburger Menu Links theme component if that helps?

3 Likes

Thank you. I was able to add Privacy Policy link to the hamburger menu.

I’ve a question: is it necessary to get the app verified by Google?

I’ve seen other tutorials on the web and most of them do not suggest the idea of getting the app verified.

What will be the limitations if I don’t get it verified?

IIRC Google wants it to be accessible in one click, so I assume this would be out of the question.

Unless you need sensitive or restricted scopes (which aren’t needed for discourse), no. Although users with higher security settings may potentially run into problems signing in, but I expect this to be rare.

No they want. It is rarely behind one click because of menus. They want a direct link. Different thing.

Most sites have a link in the footer, which is what I assume they were after.

When I tried the custom hamburger menu links component, I was told that the privacy policy was still not compliant (their email specifically said accessible in one click - the joys of undocumented guidelines). They only stopped giving me grief after I added a link in the footer.

That said Google is not known for consistent enforcement so it may have been an overzealous reviewer for my case.

Yeah I’m aware the guidelines only say it must he “accessible”, but they can and have been obnoxious because they deemed it “not prominent enough”.

There are other theme components that would allow people to put it somewhere else if needed? eg Custom Header Links The preview for that has a privacy link as an example. I’ve not gone through the Google review myself though, so I don’t know the intricacies of exactly what they want.

It’s more of it must be somewhat obvious to the user where it is, so I imagine the custom header links would be fine.

1 Like

Thanks for confirming. I guess I will skip the verification. I don’t have any custom settings. I just followed the official guidelines shared on Meta.

Another question, does meta use a verified app?

If it doesn’t, I guess it’s safe for my small community to stay away from the hassle of getting the app verified.

Isn’t there a way to provide the link in the head? Something like <link rel="privacy" href="/privacy-policy">?