Google Maps and GDPR. What you should know.

As we explained in the article about the Google Fonts API, Google’s API (or deprecated iFrames) will at least collect your IP address while loading Google Fonts and Maps on your website. How the personal data is later processed or how long it will be stored is not clear when reading Google’s privacy policy. See our sources below for more information and reading material!

Google changed to a Cloud API for Google Maps in 2018 and since then terms and privacy policies have changed, but for GDPR there has not been a solution yet, without blocking the API before loading.

Google Maps and WordPress

Most Google Maps plugins for WordPress, and themes, have included the new API and removed the implementation of an iFrame. Blocking the implementation of an iFrame is much easier than blocking the implementation with an API. The iFrames were mostly universal and easily recognized. Blocking an API and adding a placeholder is a bit trickier.

One of the most popular Google Maps plugins is WP Google Maps.

It’s also one of the few which added their own GDPR settings. Complianz adds compatibility to WP Google Maps by controlling the GDPR settings and adding a placeholder.

Example of WP Google Maps and Complianz

The below map is added by WP Google Maps using the API by Google Cloud Platform. The placeholder and consent management is Complianz’ improvement on the plugins GDPR settings:

Still using an iFrame?

iFrames are still popular, especially as they are free to use and easy for anyone to embed. Although not supported by most themes and plugins, they most likely outweigh the Google API for the next years. We added a custom placeholder (how? read this article) for the below iFrame. The iFrame will be blocked until consent. If you consented above maps. This map will be visible also.


Sources

We collect information about the apps, browsers, and devices you use to access Google services, which helps us provide features like automatic product updates and dimming your screen if your battery runs low.

The information we collect includes unique identifiers, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number. We also collect information about the interaction of your apps, browsers, and devices with our services, including IP address, crash reports, system activity, and the date, time, and referrer URL of your request.

We collect this information when a Google service on your device contacts our servers — for example, when you install an app from the Play Store or when a service checks for automatic updates. If you’re using an Android device with Google apps, your device periodically contacts Google servers to provide information about your device and connection to our services. This information includes things like your device type, carrier name, crash reports, and which apps you’ve installed.

Source: https://policies.google.com/privacy?hl=en-US#intro

(a) Terms of Service and Privacy Policy. The Customer Application’s terms of service will (A) notify users that the Customer Application includes Google Maps features and content; and (B) state that use of Google Maps features and content is subject to the then-current versions of the: (1) Google Maps/Google Earth Additional Terms of Service at https://maps.google.com/help/terms_maps.html; and (2) Google Privacy Policy at https://www.google.com/policies/privacy/. If the Customer Application allows users to include the Google Maps Core Services in Downstream Products, then Customer will contractually require that all Downstream Products’ terms of service satisfy the same notice and flow-down requirements that apply to the Customer Application under Section 3.2.3(a)(Terms of Service and Privacy Policy). If users of the Customer Application (and Downstream Products, if any) fail to comply with applicable terms of the Google Maps/Google Earth Additional Terms of Service, then Customer will take appropriate enforcement action, including suspending or terminating those users’ use of Google Maps features and content in the Customer Application or Downstream Products.

Join 1M+ users and install The Privacy Suite for WordPress locally, automated or fully customized, and access our awesome support if you need any help!

Complianz has received its Google CMP Certification to conform to requirements for publishers using Google advertising products.