Google Ads Privacy Policy Requirements

by | Feb 22, 2024

If you’re trying to figure out what to put in your Privacy Policy as a Google advertiser, you’ve come to the right place. Google Ads has a variety of policy documents that state all sorts of requirements. In this post, we’ll summarize the key requirements Google has of your website privacy policy for implementing the most common programs that ecommerce advertisers use on the Google Ads platform. You can use this as a quick reference to find the real requirements and make sure you’re in compliance with them.

The main privacy policy issues for most ecommerce sites relate to the following programs:

  1. Remarketing Ads
  2. Customer Match Audiences
  3. Enhanced Conversion Tracking
  4. Google Analytics
  5. Google Signals (used for Analytics Audiences)

Remarketing Ads

Remarketing requirements are here:

https://support.google.com/google-ads/answer/2549063

The privacy policy requirements for Google Ads Remarketing are:

“When you use your data segments in your website or your app, you’re required to have the following information in your privacy policy:

  1. An appropriate description of how you’re using your data to advertise online.
  2. A message about how third-party vendors, including Google, show your ads on sites across the Internet.
  3. A message about how third-party vendors, including Google, use cookies and/or device identifiers to serve ads based on someone’s past visits to your website or use of your app.
  4. Information about how your visitors can opt out of Google’s use of cookies or device identifiers by visiting Google’s Ads Settings. Alternatively, you can point your visitors to opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page or control the use of device identifiers by using their device’s settings.”

Customer Match Audiences

Customer Match requirements are here:

https://support.google.com/adspolicy/answer/6299717

The privacy policy requirement for Google Ads Customer Match audiences is:

  1. “Ensure that your privacy policy discloses that you share customer data with third parties to perform services on your behalf.”

Enhanced Conversion Tracking

Enhanced Conversion Tracking requirements are here:

https://support.google.com/adspolicy/answer/7475709?hl=en

The privacy policy requirement for Google Ads Enhanced Conversion Tracking is:

  1. “Ensure that you disclose to customers (for example, in your privacy policy) that you share their information with third parties to perform ad measurement services on your behalf…”

Google Analytics

Google Analytics requirements are here:

https://marketingplatform.google.com/about/analytics/terms/us/

The privacy policy requirement is:

  1. “You must disclose the use of Google Analytics, and how it collects and processes data. This can be done by displaying a prominent link to the site “How Google uses data when you use our partners’ sites or apps”, (located at www.google.com/policies/privacy/partners/)…”

Google Signals

Google Signals (for using GA4 audiences in Google Ads) requirements are here:

https://support.google.com/analytics/answer/2700409?hl=en&utm_id=ad

The privacy policy requirement for GA4 Audiences used in Google Ads is:

“If you’ve enabled any Google Analytics Advertising features, you are required to notify your visitors by disclosing the following information in your privacy policy:

  1. The Google Analytics Advertising Features you’ve implemented.
  2. How you and third-party vendors use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.
  3. How visitors can opt-out of the Google Analytics Advertising Features you use, including through Ads Settings, Ad Settings for mobile apps, or any other available means (for example, the NAI’s consumer opt-out).”

Other Considerations

For many of these requirements, Google tells you the precise wording you must use in your privacy policy. A few of them have more vague requirements that you must disclose how you’re using certain information in your advertising. But it’s easy to stay in compliance. Just remember that explaining things in plain language to your users and to potential policy reviewers at Google is probably your best bet. Write in common English and make it easy to understand. And you only need to do what is required. There is no requirement to “over share” at all.

Federal, state, and local privacy policy requirements are obviously in addition to these. And this post merely summarizes the most common Google Ads requirements. Other ad platforms may have additional requirements. So, this is by no means comprehensive. But hopefully this will help you with a quick “cheat sheet” as you’re auditing your website privacy policy to ensure you conform to the basics of what Google requires.

Tags: Google Ads | Privacy

Let's Work Together!

Contact Us

  • Tags

  • Ad Strength (1) AI (2) Amazon (1) Attribution (2) Bidding Strategies (3) Brand Terms (3) Budgeting (1) Campaign Structure (5) Development (9) Ecommerce (22) Feeds (5) GMC (1) Google (4) Google Ads (39) Google Merchant Center (1) Integrations (1) Magento (23) Mobile (1) PageSpeed (2) Performance Max (6) PPC (9) Privacy (2) Profit (8) Remarketing (2) Reporting (1) Reviews (1) ROAS (12) ROI (6) Security (2) SEO (3) Smart Bidding (1) Social Media (1) Tariffs (1) YouTube (2) Zombie SKU (4)

    • Get the Latest Insights

    If you'd like to receive an email when we post new articles, sign up for our email list. We promise not to blow up your inbox.

    You have Successfully Subscribed!