Missing privacy section

[dotdoom]

This plugin covers integration with multiple platforms. Many integrations support (some of them by default) adding sensitive data to the report, such as "installation ID" and IP address (configurable in Web UI but is it actually not sent or just removed during report processing?).

For applications with more or less significant number of users, privacy has to be respected per GDPR and COPPA. Corresponding statements have to be made in privacy policy and the user (or parent) must be aware of what data they are exposing and how it's being used. Privacy policy is required by most high-tier login providers (e.g. Facebook) and application publishers, and Apple for example also now requires to fill in a privacy survey about an application.

Since error reporting is automated with this plugin on the platform side, it should list data privacy effects and PII reported, either in README or documentation. Otherwise users will have to examine each integration and fish out possible privacy implications. The corresponding article "Scrubbing Sensitive Data" does not even mention that integrations have to be considered at all.

[marandaneto]

@dotdoom thanks for raising the issue, we're aware of that and already tracking it here getsentry/sentry-docs#3344

installation Id is a randomly generated value, if you uninstall and install the App, it also changes.
IP Address isn't sent by default, unless you enable https://docs.sentry.io/platforms/flutter/configuration/options/#send-default-pii which is disabled by default (we send metadata {{auto}} so the server infers it from the request)

Closing this one in favour of our docs issue, please subscribe it there for updates, thanks :)