If your app using Maps APIs processes personal data (like user location), you must follow privacy laws and tell users about it — Google's data processing agreement also applies to how Google handles data from your API calls.
When you use an app that relies on Google Maps, your location searches and map interactions may be transmitted to Google's servers — developers are legally required to disclose this in their privacy policies, but enforcement depends on the developer's compliance.
How other platforms handle this
We may share your personal information with our business partners and other third parties as required or permitted by law, including for joint marketing purposes with financial companies.
For users who are under 18, Gemini Apps Activity is saved for 18 months by default and can only be changed to 3 months. Conversations with Gemini apps from users under 13 are not saved to their Google Account by default.
We may share your information with third parties to support, improve, promote, and secure the Services; process payments; or fulfill orders. These service providers only have access to the information necessary to perform specified functions on our behalf. We require them to protect and secure your ...
Developers are responsible for obtaining proper consent and providing disclosures to their end users about location data collection that occurs through Maps API calls, and they must separately review and comply with Google's Data Processing Addendum.
(1) REGULATORY FRAMEWORK: Processing personal data via Maps APIs implicates GDPR Art. 6 (lawful basis), Art. 13/14 (transparency obligations), Art. 28 (processor agreements), and Art. 46 (international transfers via SCCs). CCPA §1798.100 and CPRA §1798.140 apply to California residents' personal information including precise geolocation data. COPPA (15 U.S.C. § 6501) applies if the Maps implementation collects location data from users under 13. The FTC Act Section 5 governs deceptive privacy practices. Primary enforcers include national EU DPAs, the CPPA, and the FTC. (2)
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.