Privacy Policy for Google Ads for Remarketing

Many companies use Google Ads to target audiences based on their preferences, demographic information, or online activities. Businesses that use Google Ads for remarketing/retargeting (displaying ads to users based on their previous website or app visits) should have a Privacy Policy that contains essential information required by Google.

This article explains what Google Ads is, how remarketing works, why businesses that use Google ads for remarketing need a Privacy Policy, what to include in a Privacy Policy for Google Ads for remarketing, and where to display your Privacy Policy.

What is Google Ads?

Google Ads is Google's digital advertising platform. It enables website owners to create ad campaigns that target specific types of customers.

With Google Ads, users can create goal-specific ads that help drive traffic to their websites or brick-and-mortar stores, use keywords to attract customers searching for similar terms, and target audiences based on demographic information or online behavior.

Google Ads has a "set up your first campaign" page explains that users can choose to display their ads within its Google Search Network and/or its Google Display Network:

What is Remarketing/Retargeting?

Remarketing/retargeting is when you display ads to customers who have visited your website or used your app in the past. Google Ads allows you to use either standard remarketing or dynamic remarketing, which is showing ads for products or services customers have previously viewed on your website.

Remarketing uses data segments (demographic or behavioral information about your audience) to add the people who are most likely to be interested in a particular product or service to remarketing lists. Website owners can then create ads targeting those lists.

You can set up Google Ads remarketing by creating remarketing lists based on web page URLs or custom parameters and putting a remarketing tag on your website. If you already have Remarketing Lists for Search Ads on your website, you can simply continue to use the same tag.

Here's how Google details the benefits of remarketing, including creating targeted ads based on website visitors' browsing and shopping activities:

Note that Google Ads now refers to remarketing as "your data." Google Ads' Updates to Audience terms and phrases page lists its upcoming changes in terminology:

What is a Privacy Policy?

A Privacy Policy is a legal document that explains how you collect and process (use) consumers' personal information. Personal information includes any data that can be used to identify an individual.

Privacy laws around the world require businesses to maintain a Privacy Policy if they collect or process users' personal information.

Privacy Policies typically include the following clauses:

• The types of personal information the organization collects or processes
• What the organization does with the information it collects or processes
• A list of third parties the organization shares personal information with
• The types of personal information the organization shares with third parties
• How the organization keeps the personal information it collects or processes secure
• How consumers can exercise their privacy rights (including how they can opt out of certain data processing activities)
• The organization's contact information

Google has its own Privacy Policy requirements for anyone who uses Google Ads for remarketing purposes, which we will take a look at next.

What are the Google Ads for Remarketing Privacy Policy Requirements?

Google requires anyone who uses Google Ads for remarketing purposes to maintain a Privacy Policy on their website or app that includes specific information, including an explanation of how they use remarketing and how third parties show their ads on the Internet.

If you use Google Ads for remarketing purposes, your Privacy Policy should contain the following information:

• How you use remarketing to advertise online
• How third-party vendors (including Google) show your ads on different websites
• How third-party vendors (including Google) use cookies and/or device identifiers (technology that shows websites what devices users are accessing services from) to display ads based on a user's past visits to your website or app
• A description of how users can opt out of Google's use of cookies or device identifiers via Google's Ad Settings or how users can opt out of a third-party vendor's use of cookies via the Network Advertising Initiative opt-out page or adjust their device's settings to control how device identifiers are used

Alternatively, website owners who use Google Marketing Platform's pixels for their data segments can include a section within their Privacy Policies that explains that users can opt out of Google Marketing Platform's use of cookies via its opt-out page or the Network Advertising Initiative opt-out page.

Google explains that website owners who use Google Ads for remarketing must include certain information in their Privacy Policies, including an explanation of how they use remarketing for advertising purposes and information about how visitors can opt out of Google's use of cookies:

How to Write a Privacy Policy for Google Ads for Remarketing

Your Privacy Policy for Google Ads for remarketing should be clearly written, regularly updated, and easily accessible. It should include the clauses required by Google, as well as clauses that are relevant to your unique business.

Let's look at the essential clauses your Privacy Policy for Google Ads for remarketing should contain.

How You Use Remarketing for Advertising

This section of your Privacy Policy should explain how you use remarketing to advertise on your website or app.

DigitalMarketer's Privacy Policy explains that it uses remarketing to create ads based on users' past visits:

The Types of Personal Information You Process

This part of your Privacy Policy discloses what types of personal information you collect or process. Be as specific and informative as possible here.

Target's Privacy Policy contains a list of the types of personal information it collects, including names, addresses, phone numbers, and financial transaction data:

Your Reasons for Processing Personal Information

If you use personal information for any other reasons, such as communication or order fulfillment purposes, you should list them here.

Spotify's Privacy Policy lists its reasons for processing different categories of personal data, including to provide services and diagnose and fix service performance issues, and for marketing purposes:

Third-Party Vendor Information

Businesses that use Google Ads for remarketing need to include third-party vendor information in their Privacy Policies.

This clause should describe:

• How third-party vendors (including Google) show your ads across the Internet and
• How third-party vendors use cookies and/or device identifiers to show users ads based on their previous visits to your website or app

Meta's Privacy Policy explains that it shares users' personal information (including device identifiers) with marketing vendors that serve ads across the Internet, track users' online activities, and provide Meta with information about how users interact with ads:

Microsoft's Privacy Statement explains that third-party cookies may be used to show users ads based on their activities on its websites:

microsoft-privacy-statement-cookies-similar-technologies-clause
Microsoft Privacy Statement: Cookies and Similar Technologies clause

Users can access Microsoft's Third Party cookie inventory page from its Privacy Statement. This page informs users that Microsoft and third parties use advertising cookies to show them ads based on their interests, browsing history, and ads they've already seen:

By scrolling down on this page, users can find information about Google's advertising cookie and a link to Google's Privacy Policy:

Third Parties You Share Personal Information With

You can use this clause to list any other third parties you share personal information with, as well as the categories of personal information you share with them.

KitchenAid's Privacy Notice lists the third parties it may share personal information with, including affiliates, service providers, and advertising partners:

How Users Can Opt Out of Cookies or Device Identifiers

If you use Google Ads for remarketing then you need to make sure your Privacy Policy describes how users can opt out of the use of cookies and/or device identifiers.

This cause should explain:

• How users can opt out of Google's use of cookies or device identifiers via Google's Ad Settings
• How users can opt out of a third-party vendor's use of cookies via the Network Advertising Initiative opt-out page
• How users can adjust their device's settings to control the use of device identifiers

If you use Google Marketing Platform's pixels for data segments you can instead include information in your Privacy Policy about how users can opt out of Google Marketing Platform's use of cookies via its opt-out page or the Network Advertising Initiative opt-out page.

The New York Times' Privacy Policy explains that it uses Google to serve ads and that Google uses cookies or device identifiers to show users ads based on their previous visits. It lets users know that they can opt out of Google cookies by clicking on the link to Google's Privacy Policy:

Meta's Privacy Policy explains how users can opt out of customized ads via the Digital Advertising Alliance's cookie-based opt-out platform, by changing their mobile device settings, or through the Network Advertising Initiative's Consumer Opt Out page:

Converlens' Privacy Policy explains that users can opt out of Google Marketing Platform's cookies through its opt-out page or via the Network Advertising Initiative's opt-out pages:

How Users Can Exercise Their Rights Regarding Their Personal Information

This clause explains what rights users have under applicable laws (such as the right to access or delete their data or opt out of certain data processing activities) and how they can exercise their rights.

Chick-fil-A's Privacy Policy lets users know how they can access, update, or delete their personal information, including via their mobile devices or by submitting a privacy rights request form:

How You Keep Personal Information Safe

You should explain the steps you take to keep visitors' personal information secure, such as using encryption or implementing administrative, physical, and technological safety measures.

Installation Made Easy's Privacy Policy describes how it keeps users' personal information safe by using encryption and by complying with data security rules used by major credit card companies:

Your Contact Information

This clause should contain your contact information and ideally include a way for users to get in touch with you.

Marshalls' Privacy Statement includes an email address where users can send privacy concerns and a link to its privacy choices request form:

Where to Display a Privacy Policy for Google Ads for Remarketing

You should display your Privacy Policy where users can easily find it.

Let's take a look at some common places to display a link to your Privacy Policy.

Website Footer

Your website footer is a good place to link your Privacy Policy as many users know to scroll to the bottom of a web page to find links to legal documents, and users can access your Privacy Policy no matter what page they are on.

The NBA puts a link to its Privacy Policy along with links to location-specific Privacy Statements in its website footer:

Checkout Page

Placing a link to your Privacy Policy on your checkout page helps ensure users have a chance to read it before they submit sensitive financial information.

Here's an example of this:

Account Creation/Login Page

If you allow users to sign up for an account you can include a link to your Privacy Policy on your account creation/login page.

Users must tick a box indicating that they have read and agree to Acer's Privacy Policy before creating an account:

Newsletter Sign-Up Form

You should give users the opportunity to read your Privacy Policy when they sign up to receive your newsletter or join your email list.

Seventeen presents users with a link to its Privacy Notice when they subscribe to its newsletter:

In-App Menus

It's important to give app users a way to read your Privacy Policy, either from within your app or via a link that takes users to an external Privacy Policy page.

SimpliSafe includes a link to its Privacy Policy within its app's Help and Support menu:

How to Get Agreement to Your Privacy Policy for Google Ads for Remarketing

To get agreement to your Privacy Policy, present users with a box to check or click that's next to a statement explaining that checking the box shows agreement.

Here's an example:

Here's another example of how to effectively use an "I Agree" checkbox:

Summary

Google Ads is an advertising platform that can help businesses create ads that target specific audiences.

Remarketing is when you display ads to users that are based on their previous visits to your website or app.

A Privacy Policy is a legal document that explains how you collect and process users' personal information and how they can exercise their privacy rights.

Google Ads has special Privacy Policy requirements for businesses that use remarketing.

Privacy Policies for Google Ads for remarketing must include the following information:

• An explanation of how you use remarketing for advertising purposes
• How third-party vendors (including Google) show your ads on websites
• How third-party vendors (including Google) use cookies and/or device identifiers to display ads to users that are based on their past visits to your website or app
• How users can opt out of Google's use of cookies or device identifiers via Google's Ad Settings or via the Network Advertising Initiative opt-out page, or how users can adjust their device's settings to control how device identifiers are used

Alternatively, website owners who use Google Marketing Platform's pixels for their data segments can use their Privacy Policies to explain how users can opt out of Google Marketing Platform's use of cookies through its opt-out page or via the Network Advertising Initiative opt-out page.

A Privacy Policy for Google Ads for remarketing should contain the following clauses:

• How you use remarketing to advertise online
• The types of personal information you process
• Your reasons for processing personal information
• How third-party vendors (including Google) show ads to users and how they use cookies or device identifiers to show ads to users based on previous visits to your website or app
• Third parties you share personal information with
• How users can opt out of or control Google's (and other third-party vendors') use of cookies and/or device identifiers
• How users can exercise their privacy rights
• How you keep users' personal information safe
• Your contact information

Once you have your Privacy Policy written, you should display it where users can easily find it.

Common places to put a link to your Privacy Policy include:

• Website footer
• Checkout page
• Account creation/login page
• Email sign-up area
• In-app menu

Implement an "I Agree" checkbox to get users to agree to your Privacy Policy.