GDPR Art. 17 (right to erasure) and CCPA §1798.105 (right to delete) both create legal obligations for apps that collect personal data from users in the EU or California. Google Play Data Safety now explicitly asks whether users can request data deletion, and apps that answer 'yes' in the Data Safety form but provide no mechanism are flagged by reviewers. An 'account deletion' that only signs the user out — without deleting server-side records — is not deletion: it is de-authentication. If a user files a GDPR deletion request and your app's only mechanism is sign-out, you are non-compliant. The backend deletion must remove or anonymize all personal data: profile, activity logs, uploaded content, and third-party data processor records.
Severity is high because lacking a data deletion mechanism creates direct legal liability under GDPR Art. 17 and CCPA §1798.105, and a discrepancy between the Google Play Data Safety form and the app's actual behaviour can result in listing removal.
Implement a Delete Account flow that calls your backend deletion API and clears all local storage. Add it to your Settings screen and link to it from your privacy policy.
```typescript
import AsyncStorage from '@react-native-async-storage/async-storage'
import * as SecureStore from 'expo-secure-store'
// `api`, `showConfirmationDialog` and `navigateToWelcome` are the app's own
// HTTP client, dialog helper and navigation helper.

async function deleteUserAccount(userId: string) {
  const confirmed = await showConfirmationDialog(
    'Delete Account',
    'This permanently deletes your account and all associated data. This cannot be undone.'
  )
  if (!confirmed) return

  // 1. Delete server-side data first. If this call throws, nothing local is
  //    cleared, so the user can retry instead of being left signed out of an
  //    account that still exists on the backend.
  await api.delete(`/users/${userId}`)
  // 2. Clear local secure storage (tokens) so the device can no longer act as this user
  await SecureStore.deleteItemAsync('authToken')
  await SecureStore.deleteItemAsync('refreshToken')
  // 3. Clear non-sensitive local storage (cached profile, preferences)
  await AsyncStorage.clear()
  // 4. Navigate to logged-out state
  navigateToWelcome()
}
```
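The server side of that `/users/:id` delete call, as an added example that is not code from the page or from any particular project: an in-memory model that contrasts sign-out, which only revokes sessions, with erasure that removes the profile, activity logs and uploaded content and fans the request out to third-party processors. The store layout, the `DataProcessor` hook, the tombstone record and the sample users are assumptions made for this illustration.

```typescript
// Added example: an in-memory model of the server side of the delete call above.
// It contrasts de-authentication (revoking sessions) with erasure that removes
// every category of personal data the rule lists. The store layout, the
// DataProcessor hook and the tombstone record are assumptions for this
// illustration, not any real project's schema.

export interface Profile { userId: string; email: string; displayName: string }
export interface ActivityEvent { userId: string; action: string; at: string }
export interface Upload { userId: string; objectKey: string }

// Assumed hook for a third-party data processor (analytics, crash reporting, ...):
// returns the processor's acknowledgement id so the request can be audited later.
export interface DataProcessor {
  name: string
  requestErasure(userId: string): string
}

export interface Stores {
  sessions: Map<string, string>   // session token -> userId
  profiles: Map<string, Profile>
  activity: ActivityEvent[]
  uploads: Upload[]
  processors: DataProcessor[]
  // Retained after erasure: no personal data, only that an erasure happened and who acknowledged it
  tombstones: Map<string, { erasedAt: string; processorAcks: string[] }>
}

// De-authentication only. This is all a "sign out" button does; personal data survives.
export function signOutEverywhere(stores: Stores, userId: string): number {
  const revoked: string[] = []
  stores.sessions.forEach((owner, token) => { if (owner === userId) revoked.push(token) })
  revoked.forEach(token => stores.sessions.delete(token))
  return revoked.length
}

export interface ErasureReport {
  sessionsRevoked: number
  profileRemoved: boolean
  activityRemoved: number
  uploadsRemoved: number
  processorAcks: string[]
}

// Erasure: revoke sessions, then remove profile, activity logs and uploaded
// content, and fan the request out to every processor that holds a copy.
export function eraseUser(stores: Stores, userId: string, now: string = new Date().toISOString()): ErasureReport {
  const sessionsRevoked = signOutEverywhere(stores, userId)
  const profileRemoved = stores.profiles.delete(userId)

  const activityBefore = stores.activity.length
  stores.activity = stores.activity.filter(e => e.userId !== userId)
  const uploadsBefore = stores.uploads.length
  stores.uploads = stores.uploads.filter(u => u.userId !== userId)

  const processorAcks = stores.processors.map(p => p.requestErasure(userId))
  stores.tombstones.set(userId, { erasedAt: now, processorAcks })

  return {
    sessionsRevoked,
    profileRemoved,
    activityRemoved: activityBefore - stores.activity.length,
    uploadsRemoved: uploadsBefore - stores.uploads.length,
    processorAcks,
  }
}

// Post-condition check: is any personal data for this user still held anywhere?
export function personalDataRemains(stores: Stores, userId: string): boolean {
  return stores.profiles.has(userId)
    || stores.activity.some(e => e.userId === userId)
    || stores.uploads.some(u => u.userId === userId)
}

// Constructed sample data for a stand-alone run (two users, one analytics processor).
export function sampleStores(): Stores {
  const profiles = new Map<string, Profile>()
  profiles.set('u42', { userId: 'u42', email: 'a@example.com', displayName: 'A' })
  profiles.set('u7', { userId: 'u7', email: 'b@example.com', displayName: 'B' })
  const sessions = new Map<string, string>()
  sessions.set('tok-1', 'u42'); sessions.set('tok-2', 'u42'); sessions.set('tok-3', 'u7')
  return {
    sessions,
    profiles,
    activity: [
      { userId: 'u42', action: 'login', at: '2024-01-01T00:00:00Z' },
      { userId: 'u7', action: 'login', at: '2024-01-02T00:00:00Z' },
    ],
    uploads: [{ userId: 'u42', objectKey: 'photos/1.jpg' }],
    processors: [{ name: 'analytics-vendor', requestErasure: id => `analytics-ack-${id}` }],
    tombstones: new Map(),
  }
}
```

After `signOutEverywhere` the user has no valid sessions but `personalDataRemains` still reports true; only `eraseUser` brings it to false, and the tombstone keeps the processor acknowledgements without keeping any of the erased fields.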
For Google Play Data Safety, also provide a web-accessible deletion URL (https://yourapp.com/delete-account) so users can request deletion even after uninstalling the app — Play now requires this URL in the Data Safety form.
ID: mobile-permissions-privacy.privacy-compliance.data-deletion
Severity: high
What to look for: Search for "Delete Account", "Delete My Data", or similar UI elements in settings or account screens. Enumerate the actions in each deletion handler and check that it performs at least two: a backend API call that deletes server-side data AND local storage clearing (AsyncStorage.clear(), SecureStore deletion, etc.).
Pass criteria: A user-initiated data deletion mechanism exists (in settings or account page) that performs at least 2 deletion steps: server-side data deletion via API and local data clearing. Confirmation dialog is shown before deletion.
Fail criteria: No data deletion mechanism is provided to users, OR a "Delete Account" option exists but does not actually delete user data (it only signs out). Must not pass when only local data is cleared but server-side data remains.
Skip (N/A) when: App has no user accounts and stores no personal data (no auth, no profile, no PII).
Detail on fail: Quote the deletion handler code (or note its absence), e.g. "No account deletion option in settings" or "Delete Account button signs out but does not delete user data from backend".
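A source-level implementation of the check described under "What to look for", as an added example that is not part of the original rule: it takes the body of a deletion handler (or `null` when no handler exists) and returns which required actions are present, the verdict, and the fail detail. The regular expressions are an assumption; they encode the calls this page names (`api.delete`, `AsyncStorage.clear`, `SecureStore.deleteItemAsync`) plus a few common React Native alternatives, and a real scanner would tune them to the code base. The three handler bodies at the end are constructed samples.

```typescript
// Added example: a source-level check for the rule above. Given the body of a
// deletion handler (or null when no handler exists) it reports which required
// actions are present and the verdict. The patterns below are an assumption:
// they cover the calls this page names plus common React Native alternatives.

export type Verdict = 'pass' | 'fail' | 'na'

export interface DeletionCheck {
  serverDelete: boolean
  localClear: boolean
  confirmation: boolean
  signOut: boolean
  verdict: Verdict
  detail: string
}

// Backend deletion: REST delete on a user/account resource, or a fetch with method DELETE.
const SERVER_DELETE: RegExp[] = [
  /\b\w+\.delete\s*\(\s*[`'"]\/?(?:users?|account|me)\b/,
  /\bfetch\s*\([\s\S]*?method\s*:\s*['"]DELETE['"]/,
]
// Local clearing: the storage APIs the page names plus the keychain wrapper.
const LOCAL_CLEAR: RegExp[] = [
  /\bAsyncStorage\.(?:clear|multiRemove|removeItem)\s*\(/,
  /\bSecureStore\.deleteItemAsync\s*\(/,
  /\bKeychain\.resetGenericPassword\s*\(/,
]
const CONFIRMATION: RegExp[] = [/\bAlert\.alert\s*\(/, /confirm\w*\s*\(/i]
const SIGN_OUT: RegExp[] = [/\bsign_?out\s*\(/i, /\blog_?out\s*\(/i]

function anyMatch(patterns: RegExp[], src: string): boolean {
  return patterns.some(p => p.test(src))
}

// `hasAccounts = false` maps to the rule's Skip (N/A) condition.
export function checkDeletionHandler(src: string | null, hasAccounts: boolean = true): DeletionCheck {
  const base = { serverDelete: false, localClear: false, confirmation: false, signOut: false }
  if (!hasAccounts) {
    return { ...base, verdict: 'na', detail: 'App has no user accounts and stores no personal data' }
  }
  if (src === null) {
    return { ...base, verdict: 'fail', detail: 'No account deletion option in settings' }
  }
  const serverDelete = anyMatch(SERVER_DELETE, src)
  const localClear = anyMatch(LOCAL_CLEAR, src)
  const confirmation = anyMatch(CONFIRMATION, src)
  const signOut = anyMatch(SIGN_OUT, src)

  let verdict: Verdict = 'fail'
  let detail: string
  if (!serverDelete && !localClear) {
    detail = signOut
      ? 'Delete Account button signs out but does not delete user data from backend'
      : 'Handler performs neither server-side deletion nor local data clearing'
  } else if (!serverDelete) {
    detail = 'Handler clears local data only; server-side data remains'
  } else if (!localClear) {
    detail = 'Handler deletes server-side data but does not clear local storage'
  } else if (!confirmation) {
    detail = 'Handler deletes data but shows no confirmation dialog first'
  } else {
    verdict = 'pass'
    detail = 'Handler confirms, deletes server-side data and clears local storage'
  }
  return { serverDelete, localClear, confirmation, signOut, verdict, detail }
}

// Constructed handler bodies for a stand-alone run (not taken from any real app).
export const SAMPLE_COMPLIANT = [
  "const confirmed = await showConfirmationDialog('Delete Account', 'This cannot be undone.')",
  'if (!confirmed) return',
  'await api.delete(`/users/${userId}`)',
  "await SecureStore.deleteItemAsync('authToken')",
  'await AsyncStorage.clear()',
  'navigateToWelcome()',
].join('\n')

export const SAMPLE_SIGN_OUT_ONLY = [
  "Alert.alert('Delete Account', 'Are you sure?', [",
  "  { text: 'Delete', onPress: () => signOut() },",
  '])',
].join('\n')

export const SAMPLE_LOCAL_ONLY = [
  "Alert.alert('Delete Account', 'Are you sure?', [",
  "  { text: 'Delete', onPress: async () => { await AsyncStorage.clear(); signOut() } },",
  '])',
].join('\n')
```

The check deliberately reports "fail" for a handler that deletes server-side data without clearing local storage, and for one that deletes without confirming, because the pass criteria require all three. The `detail` strings for the sign-out-only and missing-handler cases are the exact phrases the rule suggests for its fail output.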
Remediation: Provide users with a way to delete their account and data, as required by GDPR and many privacy regulations:
```typescript
import { Alert } from 'react-native'
import AsyncStorage from '@react-native-async-storage/async-storage'
// `api` and `signOut` are the app's own HTTP client and session helper.

function deleteUserAccount() {
  // Alert.alert returns void, not a promise: the deletion runs in the Delete button's onPress
  Alert.alert(
    'Delete Account',
    'This will permanently delete your account and all data. This cannot be undone.',
    [
      { text: 'Cancel', style: 'cancel' },
      {
        text: 'Delete',
        style: 'destructive',
        onPress: async () => {
          try {
            // Call API to delete on backend
            await api.delete('/user/account')
            // Clear local data (only reached if the backend deletion succeeded)
            await AsyncStorage.clear()
            // Sign out and return to login
            signOut()
          } catch (error) {
            Alert.alert('Error', 'Failed to delete account')
          }
        },
      },
    ]
  )
}
```