Google Play Data Safety Scraper avatar

Google Play Data Safety Scraper

Pricing

Pay per event

Go to Apify Store
Google Play Data Safety Scraper

Google Play Data Safety Scraper

🔐 Extract normalized Google Play Data Safety disclosures and monitor collection, sharing, security, deletion, privacy-policy, and disclosure changes across Android app portfolios.

Pricing

Pay per event

Rating

0.0

(0)

Developer

Stas Persiianenko

Stas Persiianenko

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

5 days ago

Last modified

Categories

Share

Extract structured Google Play Data Safety disclosures for Android apps. Monitor what apps say they collect and share, why they use it, and which security practices they declare—without manually opening every app page.

Provide package IDs, Google Play URLs, or an Apify dataset. The Actor returns one normalized record per app with nested disclosure entries, stable hashes, and optional change detection.

What does Google Play Data Safety Scraper do?

The Actor reads public /store/apps/datasafety pages and converts the disclosures into export-ready JSON.

It extracts:

  • app identity and source URLs;
  • data shared with other companies or organizations;
  • data collected by the app;
  • category, data type, purpose, and optional status;
  • encryption-in-transit declarations;
  • deletion-request availability;
  • independent security review declarations;
  • privacy-policy links;
  • stable disclosure hashes;
  • added and removed declarations compared with prior output.

Who is it for?

Privacy and compliance teams

Audit a mobile vendor portfolio and retain timestamped evidence of developer-declared practices.

Vendor-risk analysts

Screen Android apps for sensitive collection, sharing, deletion, and encryption signals.

App intelligence providers

Enrich app catalogs with normalized privacy fields rather than unstructured page text.

Agencies and researchers

Compare competitors, market segments, or cohorts of apps at scale.

Why use this Actor?

Google Play disclosures are readable by people but awkward to analyze in bulk. This Actor turns expandable page sections into consistent records.

  • Repeatable: schedule the same portfolio daily, weekly, or monthly.
  • Auditable: preserve source URLs, raw labels, timestamps, and hashes.
  • Monitoring-ready: compare against a previous dataset.
  • Exportable: use JSON, CSV, Excel, API, webhooks, or integrations.
  • Efficient: HTTP-first extraction avoids browser overhead.

Input options

Use one or combine several input methods.

FieldTypePurpose
appIdsstring[]Android package IDs
startUrlsURL[]Google Play details or Data Safety URLs
datasetIdstringDataset containing package IDs
datasetAppIdFieldstringPackage-ID column, default appId
priorDatasetIdstringEarlier Actor output for comparison
localestringGoogle Play language, default en
countrystringTwo-letter country, default US
useProxybooleanRotate Apify Proxy IP addresses

At least one valid app ID, URL, or dataset is required.

Quick start

  1. Open the Actor input page.
  2. Enter one or more package IDs.
  3. Keep language en for normalized extraction.
  4. Click Start.
  5. Open the dataset to inspect or export results.

Example:

{
"appIds": [
"com.spotify.music",
"com.whatsapp"
],
"locale": "en",
"country": "US",
"useProxy": false
}

Scrape Google Play URLs

Details-page and Data Safety URLs are both accepted. The Actor extracts the id query parameter and constructs a canonical Data Safety URL.

{
"startUrls": [
{ "url": "https://play.google.com/store/apps/details?id=com.google.android.youtube" },
{ "url": "https://play.google.com/store/apps/datasafety?id=com.android.chrome" }
]
}

Process an app portfolio dataset

Set datasetId to an Apify dataset ID and identify the package-ID column.

{
"datasetId": "YOUR_DATASET_ID",
"datasetAppIdField": "appId",
"locale": "en",
"country": "US"
}

The Actor reads up to 10,000 source rows in one run and deduplicates package IDs.

Output data

Each successful app produces one dataset item.

FieldDescription
appIdAndroid package ID
appUrlCanonical details URL
dataSafetyUrlFetched disclosure URL
titleApp title when exposed
developerDeveloper when exposed
dataSharedNormalized shared-data entries
dataCollectedNormalized collected-data entries
encryptedInTransitDeclared encryption status
deletionRequestAvailableDeclared deletion-request status
independentSecurityReviewIndependent-review declaration
privacyPolicyUrlDeveloper privacy-policy URL
securityPracticesTextNormalized source text used to detect security-practice wording changes
rawLabelsUnique source labels retained for audits
disclosureHashStable SHA-256 disclosure fingerprint
changesComparison with prior output
fetchedAtUTC extraction timestamp

Output example

{
"appId": "com.spotify.music",
"title": "Spotify: Music and Podcasts",
"locale": "en",
"country": "US",
"dataShared": [
{
"category": "Location",
"dataType": "Approximate location",
"purposes": ["Analytics", "Advertising or marketing"],
"optional": false,
"rawLabel": "Approximate location"
}
],
"encryptedInTransit": true,
"deletionRequestAvailable": true,
"disclosureHash": "…",
"fetchedAt": "2026-07-12T00:00:00.000Z"
}

Monitor disclosure changes

Run the Actor once and save its dataset ID. On a later run, pass that ID as priorDatasetId.

The changes object reports:

  • changed: whether the stable hash differs;
  • added: normalized declarations newly present;
  • removed: declarations no longer present;
  • previousHash: the earlier fingerprint.

This supports scheduled compliance alerts and evidence trails.

How much does it cost to scrape Google Play Data Safety disclosures?

The Actor uses pay-per-event pricing: a small run-start charge plus a charge for each saved app disclosure. Subscription tiers receive volume discounts.

Exact current prices appear in the Actor pricing tab before every run. Failed app IDs do not produce dataset items and are not charged as results.

HTTP extraction keeps compute requirements low. Test a representative portfolio to estimate your total before scheduling large recurring jobs.

Accuracy and raw labels

The Data Safety section is supplied by each app developer. The Actor reports those declarations; it does not independently verify actual application behavior.

Normalized fields make comparison easier, while rawLabel and rawLabels preserve source wording for traceability.

Language and country

Parsing is optimized for English (locale: "en"). Country selection can affect which store version Google serves.

Non-English pages may still be fetched, but headings and purpose labels may not normalize completely. For consistent cross-app comparisons, use one locale and country across runs.

Reliability tips

  • Begin without a proxy for small portfolios.
  • Enable useProxy if direct requests become rate-limited.
  • Keep package IDs in canonical dotted form.
  • Use English for normalized field extraction.
  • Schedule moderate batches rather than many overlapping runs.
  • Review logs for invalid or unavailable apps.

Invalid and unavailable apps

Malformed URLs and package IDs that do not resolve to a Data Safety page are logged and skipped. Other valid apps continue processing.

No placeholder dataset row is emitted for a failed app, which keeps exports clean and billing tied to usable output.

Integrations

Google Sheets and Excel

Export the default dataset directly for analyst review, filtering, and evidence retention.

Webhooks and Slack

Trigger a webhook after scheduled runs. Compare changes.changed and notify a compliance channel only when disclosures differ.

Make and Zapier

Start a run from a vendor onboarding workflow, then route results to risk-management or ticketing systems.

Cloud storage and databases

Use dataset API URLs to load normalized records into BigQuery, Snowflake, S3, or your own warehouse.

API usage

Use the Apify API from JavaScript, Python, or cURL to automate app privacy extraction.

Run with JavaScript

import { ApifyClient } from 'apify-client';
const client = new ApifyClient({ token: process.env.APIFY_TOKEN });
const run = await client.actor('automation-lab/google-play-data-safety-scraper').call({
appIds: ['com.spotify.music'],
locale: 'en',
country: 'US'
});
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);

Run with Python

from apify_client import ApifyClient
client = ApifyClient("YOUR_APIFY_TOKEN")
run = client.actor("automation-lab/google-play-data-safety-scraper").call(
run_input={"appIds": ["com.spotify.music"], "locale": "en", "country": "US"}
)
items = client.dataset(run["defaultDatasetId"]).list_items().items
print(items)

Run with cURL

curl -X POST \
"https://api.apify.com/v2/acts/automation-lab~google-play-data-safety-scraper/runs?token=$APIFY_TOKEN" \
-H "Content-Type: application/json" \
-d '{"appIds":["com.spotify.music"],"locale":"en","country":"US"}'

Use with Apify MCP

Connect AI assistants through Apify MCP. For Claude Code, run:

$claude mcp add --transport http apify https://mcp.apify.com/?tools=automation-lab/google-play-data-safety-scraper

For Claude Desktop, Cursor, or VS Code, add this remote server to the client's MCP JSON configuration:

{
"mcpServers": {
"apify": {
"url": "https://mcp.apify.com/?tools=automation-lab/google-play-data-safety-scraper"
}
}
}

Restart the client after saving the configuration, then authenticate with Apify when prompted.

Example prompts:

  • “Check the Data Safety disclosure for these Android package IDs.”
  • “Compare this app portfolio against last week's dataset.”
  • “List apps declaring location sharing for advertising.”

Scheduling a compliance monitor

  1. Create an Apify task with your portfolio input.
  2. Schedule it weekly or monthly.
  3. Store the latest successful dataset ID.
  4. Pass that ID as priorDatasetId on the next run.
  5. Route records where changes.changed is true to your review workflow.

Legality

Google Play Data Safety pages are public developer declarations. Use the Actor responsibly and comply with applicable terms, laws, and organizational policies.

Do not use the output as the sole basis for consequential decisions. Validate important findings against the live page and other security or privacy evidence.

The user is responsible for selecting lawful inputs, retention periods, and downstream processing.

Limitations

  • Google may change HTML structure or wording.
  • Developers may publish incomplete or inaccurate disclosures.
  • Apps can vary by country, version, use, region, and age.
  • English provides the strongest normalization.
  • Deleted, restricted, or unavailable apps may be skipped.
  • The Actor does not inspect APK code or network behavior.

Troubleshooting

“Provide at least one valid app ID”

Check that appIds contains package IDs, URLs contain an id parameter, or datasetId points to rows with the configured field.

An app was skipped

Open the run log. The package may not exist in the selected country, may lack an accessible disclosure page, or Google may have returned an unexpected response.

Large batches receive intermittent failures

Enable useProxy, reduce overlapping schedules, and retry failed package IDs in a later run.

Collected or shared arrays are empty

Some developers declare no sharing, and some pages vary by locale. Confirm the live English Data Safety page before treating an empty array as an extraction issue.

FAQ

Does this scrape app reviews or ratings?

No. It targets Data Safety declarations. Use a dedicated Google Play metadata or reviews Actor for reviews, ratings, installs, and broader app details.

Can I compare two runs?

Yes. Supply the earlier output dataset as priorDatasetId to receive a stable hash comparison and added/removed entries.

Is a Google account required?

No. The Actor accesses public disclosure pages anonymously.

Does it verify that an app truly follows the declaration?

No. It structures what the developer reports on Google Play.

Can I export CSV?

Yes. Open the dataset and choose CSV, Excel, JSON, XML, RSS, or another supported format.

Combine this Actor with Automation Lab tools for broader app intelligence:

Use Data Safety output as the privacy layer alongside product, publisher, and review datasets.

Support

If a page that works in an English browser is repeatedly skipped, open an Actor issue with the package ID, locale, country, and run ID. Do not include confidential portfolio information in a public report.