LEGAL

Privacy Policy

Last updated: July 17, 2026

This Privacy Policy explains how Mapseo (“Mapseo”, “we”, “us”), operated at mapseo.app, collects, uses, stores, and protects information when you use our website and application (the “Service”). By using the Service you agree to this policy.

1. Information we collect

Account information

When you create an account we collect your email address, name (if provided), workspace name, and authentication credentials. If you sign in with Google, we receive your Google account email and basic profile information.

Google user data (Google Business Profile)

When you connect a Google account, you grant Mapseo access to your Google Business Profile data through the official Google Business Profile APIs, under the https://www.googleapis.com/auth/business.manage scope. This includes: your Business Profile accounts and locations (business name, address, phone, website, categories, hours, attributes, verification state), posts, customer reviews and your review replies, photos, and profile performance metrics. We access only the data needed to provide the features you enable.

Billing information

Payments are processed by Stripe. We never store your full card number; we retain only your billing status, plan, and Stripe customer reference.

Usage information

We collect standard technical logs (IP address, browser type, pages visited) and product events (features used, errors) to operate and improve the Service.

2. How we use your information

  • To operate the features you enable: creating and scheduling Google Business Profile posts, drafting and publishing review replies, monitoring your profiles for changes and suspensions, tracking keyword rankings, and generating reports.
  • To authenticate you and secure your account.
  • To bill you and manage your subscription.
  • To send you service notifications you have requested (e.g. suspension alerts, approval requests).
  • To provide support and improve the Service.

Content generated by our AI features (post drafts, review reply drafts) is produced from the business context and settings you provide. Your Google user data is not used to train generalized artificial-intelligence or machine-learning models.

3. Google API Services User Data Policy — Limited Use

Mapseo’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve the user-facing features of Mapseo described above.
  • We do not transfer Google user data to third parties except as necessary to provide the Service, to comply with applicable law, or as part of a merger or acquisition with prior notice to you.
  • We do not use Google user data for advertising, and we never sell it.
  • Humans do not read your Google user data except with your explicit permission (e.g. a support request), where required for security or legal compliance, or where the data is aggregated and anonymized.
  • Google user data is not used to train generalized AI/ML models.

See our dedicated Google API Disclosure for a plain-language breakdown of exactly what we access and why.

4. How we store and protect data

  • All data is encrypted in transit (TLS) and at rest.
  • Google OAuth refresh tokens are additionally encrypted at the application layer before storage.
  • Access to production systems is restricted, logged, and protected by multi-factor authentication.
  • Every customer workspace is isolated with database-level row security.

5. Sharing and subprocessors

We share data only with the service providers required to run Mapseo: Supabase (database and authentication), Vercel (hosting), Stripe (payments), Google (the APIs you connect), Anthropic (AI text generation), and our transactional email provider. Each processes data only on our instructions. We never sell personal data.

6. Data retention and deletion

We retain your data while your account is active. You can delete your data at any time — see Data Deletion Instructions. When you disconnect your Google account or delete your Mapseo account, we delete the associated Google user data, including stored tokens, within 30 days, except where retention is required by law.

7. Your rights and controls

  • You can revoke Mapseo’s access to your Google account at any time from your Google Account security settings.
  • You can disconnect a Google connection from Settings inside the app.
  • You may request access to, correction of, or deletion of your personal data by emailing us.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies.

9. Children

The Service is for businesses and is not directed to children under 16.

10. Changes

We will post any changes to this policy on this page and update the date above. Material changes will be announced by email.

11. Contact

Questions or requests: support@mapseo.app