Documentation

Table of Contents

Privacy Policy for Google OAuth

OAuth is commonly used as a way for users to grant websites or applications access to their account information on other sites but without giving access to their passwords.

This mechanism is used by Google and other companies to allow users to share information about their accounts with third-party applications or websites. However, using this feature also comes with its specific privacy-related responsibilities.

Before your users log in to your web/mobile app with Google OAuth, you’ll need to configure the OAuth consent screen, which allows users to indicate whether or not they want to grant access to their private data and also provides a link to your privacy policy and terms of service document (also called terms and conditions).

Google OAuth consent screen

To protect you and your users, Google only allows applications that authenticate using OAuth to use authorized domains. Your application’s links – included the privacy policy link – must be hosted on a domain verified with Google (more on the Google Cloud Platform Console Help), as you can see on your Google Cloud Platform project dashboard > APIs & Services > Credentials > OAuth consent screen:

Google Cloud Platform - OAuth consent screen

How to create a privacy policy for your web/mobile app with Google OAuth

Because a valid privacy policy must always be up-to-date and specific to your own particular situation, it can be a both legally and technologically difficult to write a compliant policy yourself.

Here’s where our Privacy and Cookie Policy Generator comes in very handy: with 650+ available clauses, our privacy policies contain all elements commonly required across many regions and services (including Google products), while applying the strictest standards by default – giving you the option to fully customize as needed.

Our policies are created by lawyers, monitored by our lawyers and hosted on our servers to ensure that they are always up-to-date with the latest legal changes and third-party requirements.

Creating a privacy policy for your web/mobile app is straightforward and intuitive:

  • Enter the name of your website or app and start generating
  • Add any service you may be using. In this case, make sure to add the Google OAuth clause iubenda Privacy Policy - Google OAuth service
  • Fill out your web/app owner and contact details
  • Use the direct text embedding option (Pro License required) to embed the privacy policy into the body of one of your pages hosted on an authorized domain. You can copy and paste the JavaScript into your page, or call our API from your backend. The result will look as if it were natively a part of your own site. iubenda Privacy Policy - Direct Text Embedding
Note

When adding the Google OAuth clause, you’ll be asked to specify the place of processing:

  • If you or your users are based in the European Economic Area (EEA) or Switzerland consider to add Google Ireland Limited as the service provider.
  • If you or your users are based outside of the EEA, then add Google LLC.
  • If both of the above apply, then add both service providers.

For more information read Place of Processing Customisation for Google Services.

Create a privacy policy for your web/mobile app with Google OAuth

Start generating

See also

Still have questions?

Visit our support forum Email us