LEGAL

Google API Disclosure

Last updated: July 17, 2026

This page explains, in plain language, what access Mapseo requests to your Google account, what we do with it, and how you stay in control. It supplements our Privacy Policy.

The scope we request

Mapseo requests a single sensitive OAuth scope: https://www.googleapis.com/auth/business.manage — the official scope for managing Google Business Profiles. We do not request access to your Gmail, Drive, Calendar, Contacts, or any other Google data.

What we access, and why

DataWhy we need it
Business accounts & locations (name, address, phone, categories, hours, website, verification state)To list your profiles, let you choose which to manage, and to monitor them for unwanted changes and suspensions.
Local postsTo create, schedule, and publish the posts you approve or automate.
Reviews and review repliesTo show reviews in your inbox, draft replies, and publish replies under the rules you set.
Photos / mediaTo attach images to posts and use your photo library when you choose.
Performance metrics (views, searches, calls, direction requests)To show your dashboard KPIs and build your monthly reports.

What we never do with your Google data

  • We never sell it.
  • We never use it for advertising.
  • We never transfer it to third parties except the subprocessors required to run the Service (listed in our Privacy Policy), as required by law, or in a merger/acquisition with prior notice.
  • We never use it to train generalized AI/ML models.
  • No human reads it except with your explicit permission (e.g. you ask support to look at something), for security incident investigation, or in anonymized aggregate.

Limited Use statement

Mapseo’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

How your tokens are protected

Your OAuth refresh token is encrypted at the application layer before being stored, on top of database-level encryption at rest. Tokens are used only by our servers to call Google’s APIs on your behalf and are never exposed to the browser or third parties.

Staying in control

Questions

support@mapseo.app