With reference to the standard Android app permissions or Manifest.permissions,
these permissions can have serious data access impact.
- What permissions does the app currently have, can you please list them?
Please develop your app gdpr compliant way. Meaning no more permissions than Needed for the app to function properly
a example: 0box is not a phone app therefore it should not come with a permission to make phone calls.
Please tell the responsible developer team to minimise data access as required by gdpr and stick only to permissions needed for the app to work, to prevent any potential of unwanted data access without user consent.