Storing privacy settings with Firebase

Firebase makes it straightforward to gather and track users' preferences around collection and processing data:
  1. Set up privacy settings
  2. Update your app to use privacy settings
  3. Track changes in privacy settings

Set up privacy settings

To gather and store privacy settings you'll need two things: UI to prompt users for their privacy settings and a way to store those settings.

Creating a privacy settings UI

The format of a privacy settings UI is up to you. Here are a few things to think about while you build your UI:

Understand the data you collect

Take some time to catalog the user data that your app stores or processes. Be sure to include data that your app collects directly and data collected by services your app uses. For Firebase services, it might help to check the examples of end-user data processed by Firebase.

Design your UI to help users

Try to describe the types of data you collect in concise, user-friendly terms, including how the collected data helps your app or will be used.

If there's certain data that your app needs to function properly, you can avoid errors by disabling the submit button on your UI until a user selects the options needed for your app to work. Think about what your app's flow should be for users that enable some kinds of data collections and not others.

Submit button disabled until user agrees to privacy policy Submit button disabled until user agrees to privacy policy

Storing privacy settings

Where and how you store your users' privacy settings is also up to you. You can use any reliable identifier that can associate a user with the selections they make in your privacy settings UI.

One common approach is to use the identifier as a key to store preferences in the data store you use in your app. For example, you could use Firebase Auth UIDs as a key in a Realtime Database instance or use a Firebase Instance ID to organize collections of Firestore documents.

Example: Storing user preferences with Auth UIDs and Realtime Database

Consider a social media app which uses Firebase Auth UIDs andFirebase Realtime Database to store user preferences.

To ensure that users' data stays secure and private, the app saves their preferences to a separate part of the database with restrictive security rules that only let that user read or write. The app also validates that the expected values are only booleans, and that it doesn't accept unexpected values:

"privacy": {
  "$uid": {
    ".write": "auth.uid === $uid",
    ".read": "auth.uid === $uid",
    "data_processing": {
      ".validate": "newData.isBoolean()"
    },
    "content": {
      ".validate": "newData.isBoolean()"
    },
    "social": {
      ".validate": "newData.isBoolean()"
    },
    "$other": {
      ".validate": "false"
    }
  }
}

Update your app to use privacy settings

Once you have users' privacy settings available in your app, you can turn on specific features for users that enabled specific settings. Have your app check the settings before loading features that collect data or use collected data. In the case of a feature, think about what the best experience would be without that feature. For example, if the app is a microblogging platform, and a user has disabled the app from storing their posts, the best user experience may be to remove the option of creating a post.

Track changes in privacy settings

After a user grants permission to collect data, they could change their mind. Add a button or link to your profile or settings screen where they can update their privacy settings.

The The "Privacy settings" link brings up the settings dialog box to let users update their settings

You can also decide how your app should handle when a user decides to disable data collection. For example, you can offer the user the option to delete the collected data or do it automatically. Consider using Cloud Functions for Firebase to delete the data, as, depending on the amount of data that needs to be deleted, the operation could take a few minutes. See the guide to removing and exporting user data for more on this.

Store an audit log of your users' privacy settings separately

Some app developers may wish to keep a record of changes to privacy settings. This can be done using Realtime Database or Firestore by creating a new section of the database to be an audit log of privacy changes, structured under the user's unique identifier, and including the new privacy settings and timestamp. When a user updates their privacy settings, make two writes, one to the user's privacy settings, and one to the audit log. It's important to make this a separate section so that you can create more restrictive Security Rules. For Firestore users, enforce that documents in the audit log are not editable using granular rules:

match /audit_log/{uid} {
   allow create: if uid = request.auth.uid;
   allow update: if false;
   allow delete: if false;
 }

With those four steps, understanding your data, gathering preferences, storing preferences, and tracking changes it's straightforward to make sure your app respects your users' privacy.