Do we have to disclose the data our product collects from the customer?

Not speaking as a contract lawyer -- which I am not -- but as a software engineer and consumer, disclosing what information you collect and how you use it is simply good practice. Have you observed the amount of public backlash against companies collecting information, especially in fitness devices and apps? Generally, your customers will find you untrustworthy with anything less than full disclosure, and ultimately it will be broadly visible and you will lose market share to others who either collect nothing or at least fully disclose what they collect and how it is used, or better yet offer opt-out capabilities for features that are not truly necessary to the operation of the device or app.

Consumers are becoming much more educated and aware of bad actors in this area, where "bad" equates to deceitful companies. If you are collecting data for a valid purpose, consumers will accept it to the degree that your product's use of that data supports their use of the app or product. "Free" apps or products get more dispensation because consumers understand nothing is really free, and the provider needs to make a living. But when a consumer purchases something, data collection becomes a much more significant issue -- I've paid you, so what are you doing monetizing my data after?

Best practice is first, don't collect beyond what you need for the product to function but at minimum fully disclose what and how it is used. What have you got to hide that you can't or don't want to disclose? I run for the hills from products that hide something.