Privacy policy clauses for Google Maps
Google Maps is an embedded mapping service that displays interactive maps and location information on web pages. Websites use Google Maps to help users find physical locations, view directions, explore neighborhoods, and access business information without leaving the site.
Free scan · No signup · Results in 60 seconds
What data Google Maps collects
Your privacy policy must disclose each of the following data types when you use Google Maps.
When does Google Maps trigger privacy obligations?
Installation triggers immediate data flows
The moment Google Maps is embedded on your site or app—even before a user interacts with it—Google LLC begins collecting IP address from every visitor. This happens server-side during the map tile request. If you enable location services (geolocation API), Google also collects precise location data with user permission. Map interaction data (pans, zooms, searches, marker clicks) flows to Google for analytics and service improvement.
GDPR applies if you have EU visitors
If your site is accessible to EU residents, GDPR Article 6 requires a lawful basis for processing IP addresses and location data. Most teams rely on legitimate interest (Article 6(1)(f)) or consent (Article 6(1)(a)). GDPR Article 13/14 mandates you disclose to users that Google LLC processes their data—specifically naming Google as a processor or joint controller. GDPR Article 28 requires a Data Processing Agreement (DPA) with Google; Google's standard terms (via their service agreement) typically qualify, but you must verify this applies to your use case.
