PRELAUNCH CHECKLIST

Google Play Prelaunch Checklist (2026)

This checklist is written from a reviewer-verification perspective: not just “have the assets”, but “can a reviewer validate what you claim”. Align Data Safety, permissions (purpose & timing), privacy entry points, and reproducible login/subscription paths to reduce rejections and repeated clarification requests.

Send your app, get a risk checklist View the full publishing process
10 critical checks before submission

A practical rule: reviewers don’t reward long explanations. They reward fast validation. Keep store claims, in-app behavior, and a reviewer-verifiable path consistent.

1) Developer account & billing
Make sure identity, contact, and billing setup are complete; assign team roles with least-privilege permissions. New accounts should expect stricter checks and longer review timelines.
2) Build & version readiness
AAB/APK installs and runs correctly; versioning, package name, signing, and release track are consistent; target SDK and core dependencies are validated with regression testing.
3) Privacy policy URL
Privacy policy is accessible and matches actual data behavior; the in-app entry is easy to find and does not depend on unavailable accounts or regions.
4) Data Safety alignment (common: mismatch)
Make Data Safety match real collection, sharing, and storage behavior; keep account/data deletion paths reproducible; verify third-party SDK behavior does not contradict your declarations.
5) Permissions: minimal, justified, and timed
Remove non-essential permissions; align permission prompt timing, justification text, and actual usage; for sensitive permissions, prepare “trigger screen + purpose + evidence”.
6) Target audience & content rating
Audience settings and ratings match the app’s content; for UGC, social, or financial apps, provide clear compliance disclosures and moderation/controls.
7) Store listing truthfulness
Title, description, screenshots, and claims match real functionality; avoid exaggeration and misleading words, especially high-risk phrases that can trigger policy flags.
8) Login/subscription/payment verifiability
If core value requires login or subscription, provide working test credentials and the shortest validation path; ensure pricing, terms, and cancellation steps are consistent between listing and in-app flows.
9) External links & download behavior
Avoid external download prompts, payment circumvention, or aggressive redirection. If external links are necessary, explain the purpose clearly and prevent deceptive-behavior triggers.
10) Review Notes & evidence pack
Prepare Review Notes with test credentials, shortest steps, expected results, and any change summary. Make validation fast for reviewers.
If you’ve been rejected once, the second submission should focus on lowering reviewer verification cost. Short path, working credentials, clear expected results.
Copy-paste Review Notes template App name/version: [Your App] / vX.Y.Z / Production Test account: [email] / [password] (Region: [xx], 2FA: [yes/no]) Validation path: 1) Install → open app → [tap “…“] 2) Login with test account → [go to feature X] 3) Trigger permission [CAMERA/LOCATION] on [screen Y] → Expected: [purpose] Expected result: [what reviewer should see] Notes: - Privacy policy entry: Settings → Privacy Policy - Account/data deletion: Profile → Delete account → [steps] - If geo-limited: use [country] / [method]
Play Console routing (quick mapping)

This is the operator view: when a rejection email arrives, don’t “randomly tweak things”. First locate the corresponding Play Console section, then reconcile declarations with real in-app behavior and a reviewer-verifiable path.

Data Safety
Play Console → Policy and programs → App content → Data safety.
Account/data deletion
Play Console → App content related sections; ensure the in-app flow is reproducible and documented in Review Notes.
Privacy policy URL
Play Console → Store listing related sections; also provide an obvious in-app entry (commonly: Settings / Profile).
Permissions & sensitive access
App content and pre-release checks; permission prompt timing, purpose text, and actual usage must match.
Target audience & content rating
Play Console → App content → Target audience and content.
Store listing assets
Play Console → Store listing: screenshots, claims, and descriptions must reflect real behavior.
App access / unable to verify
Play Console → App content → App access (if applicable); provide working test credentials and a shortest validation path.
Read the rejection email for these 4 signals first
Unable to verify / Cannot access

This is a validation failure, not necessarily a functional bug. Provide test credentials, a shortest path, and clear expected results before changing core logic.

Data Safety mismatch

Reconcile declarations with actual SDK behavior and in-app flows. A common root cause is third-party SDK behavior contradicting your Data Safety answers.

Deceptive behavior / Misleading

Prioritize checking listing vs in-app mismatch: exaggerated claims, aggressive prompts, external download flows, payment circumvention, or screenshots not matching production.

Scope unclear

Write the trigger precisely: which screen, which button, which permission, which steps. Then provide a change summary and evidence so reviewers don’t need follow-up questions.

24-hour pre-submit sanity check (minimal actions)
Do a reviewer-style walkthrough

Start from install to core feature completion on the shortest path; verify login, payment/subscription, permission prompts, and critical UI interactions.

Validate every key store claim

Each key promise in the store listing should map to a real screen or feature entry in the app; screenshots must match current production behavior.

Reconcile Data Safety and permissions

Keep Data Safety, privacy policy, permission prompts, and actual behavior consistent. If something differs, fix the declaration or behavior before submission.

Prepare test credentials and notes template

Write credentials, region constraints, steps, and expected outcomes in a copy-paste format for Review Notes to reduce back-and-forth.

FAQ
What do teams most commonly miss before submission?+
Most common gaps are privacy policy URL not matching the in-app entry, Data Safety declarations not matching actual behavior, permission justification and timing mismatch, and reviewers being unable to reproduce key flows.
Why do apps get rejected again even after fixes?+
Many rejections are not about missing fixes but missing validation. Provide a short reviewer path, working test credentials, and clear expected results in Review Notes, and keep store metadata, in-app behavior, and declarations consistent.
Do I need to provide test accounts for review?+
If your core features require login, subscription, or specific permissions, provide working test credentials and a shortest validation path to reduce "unable to verify" rejections.