Skip to content
GBPHive
Start free trial
§ Legal Google API Services User Data Policy disclosure

Google API Services User Data Policy disclosure

Last updated April 9, 2026

GBPHive's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This page exists to make that disclosure visible and to satisfy the disclosure requirement of the Google OAuth verification process.

1. Which Google APIs we use

  • Google Business Profile API — to read and edit the business profiles you connect to GBPHive.
  • Google Search Console API — to read search performance data for the properties you connect.
  • Google Analytics Data API (GA4) — to read traffic and conversion data for the properties you connect.
  • Google OAuth 2.0 — to authenticate the user and to refresh access tokens for the above APIs.

2. What data we receive

We receive the data exposed by the APIs above for the resources (business profiles, properties) that the authenticated user explicitly grants access to, and only for the duration the user remains connected.

3. How we use this data

Strictly to provide and improve the user-facing features of GBPHive: showing the user their own business profile data, drafting replies to reviews on the user's behalf, computing rank baselines, generating reports, and surfacing insights to the user.

4. Limited Use

GBPHive's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We do not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for GBPHive's internal operations and even then only when the data have been aggregated and anonymized.
  • We do not use this data for serving advertisements, including retargeting, personalized, or interest-based advertising.
  • We do not transfer this data to third parties except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with prior notice to users.
  • We do not sell this data.

5. AI / large language model usage

GBPHive uses third-party AI models (Anthropic's Claude as the primary model, OpenAI as a backup) to draft review replies, posts, and AI assistant responses on behalf of the authenticated user. Data sent to these models is sent under contractual terms that prohibit the model providers from using customer data to train their models. Google API data accessed through the Limited Use scope is never used to train any AI model, including our own.

6. Data retention and deletion

You can disconnect a Google account from GBPHive at any time inside the application. On disconnection, we revoke our OAuth token and delete the cached data for that source within 30 days. You can also request immediate deletion at [email protected].

7. Contact

Privacy and data protection questions: [email protected].