Former civil litigation attorney. Content legal strategist at TermsFeed.
On this page
- 1. General Requirements
- 2. Google Analytics
- 2.1. Required Policies
- 2.2. Examples
- 3. Google AdSense
- 3.1. Needed Policies
- 3.2. Examples
- 4. AdMob
- 4.1. Needed Policies
- 4.2. Examples
- 5. Google AdWords
- 5.1. Needed Policies
- 5.2. Examples
- 6. Google reCAPTCHA
- 6.1. Needed Policies
- 6.2. Examples
- 7. Google Play Store
- 7.1. Needed Policies
- 7.2. Examples
These days, it's somewhat difficult to find websites and apps that don't use Google tools and services. While these Google resources are helpful for gaining visibility and sharing your message or brand, they also trigger legal questions.
Google places requirements on its developers in order to protect itself from liability. These requirements also protect you.
Here's an overview of popular Google tools and services and the online agreements you need if you use them.
What customers say about TermsFeed:
This really is the most incredible service that most website owners should consider using.
Easy to generate custom policies in minutes & having the peace of mind & protection these policies can offer is priceless. Will definitely recommend it to others. Thank you.
- Bluesky's review for TermsFeed. Read all our testimonials here.
With TermsFeed, you can generate:
All Google tools and services are subject to the general Google Terms of Service. While each product may have its own agreements, this one is the basis of your commitments when you use Google products.
When you use any Google tool or service, you must:
- Follow policies specific to services
- Never misuse services or commit illegal acts
- Avoid infringing on intellectual property including brands, logos, or code, whether it belongs to Google or your users, and
- Follow international law
Google will also put you on notice that you may have access to content that does not belong to Google. If that content is useless for your purposes or even offensive, Google cannot be held responsible. That content is the responsibility of the entity or individual providing the content and Google waives any liability associated with it.
When you start using Google tools and services, it's a good idea to review their terms and privacy policies to know what is expected of you as you take advantage of these resources.
Google Analytics is a collection of tools that provide data on web traffic. Using a code provided by Google, you can track data about metrics like website visits, purchases, and engagement. This information can help you improve your website or confirm that it generates the needed return on investment.
Analytics has its own Terms of Service where it outlines your duties and any policies required on your website.
Second, you must promise that neither you nor your visitors will use Analytics inappropriately. That would include making it part of information collection without a user's knowledge, especially if that includes names, street addresses, birth dates, and billing information.
Companies that use Google Analytics mention the product directly in their Privacy Policies. This strategy helps with legal compliance as well as meeting the requirements under the Analytics Terms of Service.
TriDef explains to users that it uses Analytics to collect data including how often the app is used:
Sierra Trading Post takes the same approach and explains to users how they can opt out of this tracking:
The content of this notice depends on how extensively you use Google Analytics. If you collect sensitive information on data including age and gender, you may want to take the detailed approach of Sierra Trading--including opt out information.
However, if you are more interested in using Analytics to track app use or website visits, you can make this section a little shorter, like TriDef did in its example.
AdSense creates targeted advertisements. If you agree to post advertisements on your website as a revenue generator, AdSense automatically analyzes user browser history and posts advertisements that may be of interest to the user.
Companies pay to have their advertisements filter through this service. As an incentive, website owners who join the AdSense program receive revenue when users click on an ad and engage with that company.
AdSense is an invasive service. This makes privacy protection a high priority. In fact, the Terms of Service require both privacy and cookie policies on websites that use its service:
There is further guidance in AdSense Help. Since user consent is important when it comes to privacy, it adds another safety mechanism called the DoubleClick cookie.
Basically, in order to visit a site advertised on an AdSense ad, a user must click twice. This assures assent and reduces automatic data collection that could be considered a problem. AdSense also gives users the ability to hide ads that block content or are irrelevant to them.
Here is an example of this from Airtable, a spreadsheet and data app. Highlighted in the upper right corner is an arrow and an "x." Users can hit the arrow to change ad choices and indicate an ad is not relevant to them. Or, they can hit the "x" and make the ad disappear:
This process is described in the AdSense Terms of Service:
If you use AdSense, Google wants you to explain its processes in detail. That includes how to opt-out or make the cookie drop the ad.
Welcome Home Blog is a site of videos for military homecomings. It has a large national presence in the U.S., with many regular viewers. AdSense is one of its revenue generators.
This policy starts by describing log files which track a user's website visits and history. AdSense will also gather general demographic information but it falls short on data that can identify individuals:
Welcome Home Blog also describes cookies in general:
DoubleClick Cookies have their own section. It uses the same language as the Terms of Service when describing them. The blog includes an explanation on opting out as well:
A good example of this banner is provided by BBC:
AdMob is basically AdSense for mobile devices. It works the same way as AdSense and also may be considered invasive by many users.
The drafting requirements for your policies are the same as if you were using AdSense. If you already have provisions that address AdSense, you only need to add a reference to AdMob.
It starts by stating that third parties will post ads and they will have their own Privacy Policies regarding the information collected from users:
While Bravolol mentions Google AdSense in the following section, there is no mention of AdMob - although Google uses Bravolol as a successful example in one of its case studies:
There does not seem to be a consistent pattern with how apps handle AdMob in their Privacy Policies. Since it's typically better to give too many details rather than not enough, mention AdMob specifically in yours when you address third parties and advertising. That way there is no question about whether you disclosed the use of AdMob to your users.
AdWords is the Google advertising system. It allows you to create graphic display ads and then bid on your location within Google search results. The service helps you promote your products and services through display, video, search, and app ads.
- Description of how you use remarketing or similar strategies to advertise online
- How third-party vendors, like Google, display your ads
- How visitors can opt out of Google's practices, and
- A link to the Network Advertising Initiative opt-out page
AdRoll is a service that helps companies use AdWords. It also uses AdWords itself.
It starts by describing targeted advertising and making it clear that it uses this tool. This leaves users with few doubts and provides notice:
When it describes the data collected and how it is used, most descriptions include references to advertisers:
The section on cookies explains them and identifies the specific one used by AdRoll:
Finally, there is a large section on opting out which includes a link to the Network Advertising Initiative:
reCAPTCHA defends websites against spam-producing bots. It is widely recognized by its dialog box where users must confirm they are human before moving forward:
reCAPTCHA is also part of an effort to digitize text, annotate images, and support machine learning. As the service continues to develop, Google anticipates better processes for developing AI when it comes to book preservation and maps.
Since reCAPTCHA presents only a checkbox, many developers assume it does not collect private information. However, that is not the case.
reCAPTCHA checks for Google cookies and will take a snapshot of the user's browser at the time of access. While doing this, it logs cookies for the past six months and the number of visits to sites.
reCAPTCHA also indicates this when you sign up for the service and accept its Terms of Service:
Google Play Store
Google Play Store is the distribution platform for Android Apps. If you use it, you are bound by its Developer Distribution Agreement which places specific requirements on developers.
You must also refrain from collecting more personal information than is necessary for the functioning of your app.
Generally, all developers using Google Play include the following in this agreement:
- A notice that you intend to collect personal information
- Why you require it
- How you collect it
- The use of the information, and
- Any information you share with third parties
In its section on information collected and how it's accessed, Mixesoft indicates they request names and email addresses. They also explain that they find the data through forms, registration processes, and cookies:
A separate section explains why they require this information:
There is a more detailed section on cookies since Mixesoft uses other Google products:
This is the section on information collected starts by listing the data provided by users during registration:
A separate section discusses information from third parties:
It also refers to information collected automatically and refers users to the section regarding cookies:
The section on the use of information is clear using plain language and italic headers:
The policy makes it clear that data is kept for a limited time, as required by the Google developer agreement:
There are two sections on security and data protection:
Google tools and services can revolutionize the efficiency of your apps and website. However, you must comply with their requirements and protect your users. Google offers considerable resources to assist you and it is a good idea to take advantage them.