We're working on a website that we're slowly rolling out to customers (free and paid). We're not "testing" or "staging" because we're doing a slow rollout and we want our customers to be able to have anyone at their companies create accounts with us (so we can't maintain a list of "testing" emails). Our root domain "www.example.com" is a basic page with a waitlist because we're not yet ready to announce our company widely. Our homepage that we've submitted to the Google Verification Process ("www.example.com/search") has a lot more content, links to our privacy policy and terms of service, and has a link to a login form. Anyone on the internet can navigate to both pages. When we do a press announcement, we plan to redirect our current homepage ("www.example.com/search") to our root domain ("www.example.com"). We just got the following message from Google:

Your app homepage must meet the following requirements: 

• Accurate, inclusive, and easily accessible to all users.
• Clearly explain what your app will do with user data.
• Represents your brand and clearly describes the app you are submitting.

1. What is the definition of "homepage"?
2. Does Google allow you to enter any homepage link you want, or are they only looking at your root domain?
3. If we can provide any homepage URL, can we just make our Privacy Policy the "homepage" since it clearly explains what our app will do with user data? I rarely see homepages that persistently list what they do with user data.
4. Can we do this with a 1-time pop-up / cookie acknowledgement?

Any other advice? We're so confused and trying to do the right thing.