Google Business Profile API Compliance
Our commitment to maintaining full compliance with Google Business Profile API policies and standards
Content
Our Commitment to Google's Standards
TrueStars is fully committed to maintaining compliance with Google Business Profile API policies. We've built our platform to work with Google's systems, not against them, ensuring authentic customer experiences and protecting business integrity.
How We Ensure Compliance
1. User Consent First
Google Requirement:
All automated actions require prior, specific, and express user consent.
Our Implementation:
- πNo automatic redirects β customers must actively consent before accessing Google Reviews
- π±Clear consent interface β customers see exactly what they're agreeing to
- β°Timestamped consent β we log when consent was given (without storing personal data)
- π«Withdrawal option β customers can change their mind at any time
2. Authentic Reviews Only
Google Requirement:
Prohibit fake content creation and manipulation.
Our Implementation:
- π₯Real customers only β NFC cards are given only to genuine visitors
- π«No automated posting β we never write reviews for customers
- πStaff verification β restaurant staff confirm customer authenticity
- πNo rating incentives β we don't encourage specific star ratings
3. Independent Business Authentication
Google Requirement:
Each business must use their own Google credentials.
Our Implementation:
- πIndividual Google accounts β each restaurant connects their own Google Business Profile
- π«No shared API keys β we don't use our credentials for client businesses
- πSecure OAuth integration β proper authentication through Google's official channels
- πAccount verification β we verify ownership before service activation
4. Transparent Data Handling
Google Requirement:
No interference with Google's monitoring and maintain cache limits.
Our Implementation:
- π€Direct redirects β customers go straight to Google's platform
- π«No content caching β we don't store or cache review content
- πFull transparency β Google can monitor all our API interactions
- πAudit trail β complete logs available for compliance verification
What We DON'T Do
Prohibited Activities We Actively Prevent:
- βCreate fake reviews or automated content
- βCache review data beyond Google's 30-day limit
- βShare API credentials between different businesses
- βModify or hide Google branding and attribution
- βInterfere with Google's monitoring systems
- βAutomatically revert changes made by Google
- βEncourage specific ratings or incentivize reviews
Transparency Report
Monthly Compliance Metrics:
- Consent Rate: 94.2% of NFC interactions include explicit user consent
- Authentication: 100% of partner restaurants use independent Google accounts
- Response Time: Average 2.3 seconds from consent to Google Reviews page
- Audit Compliance: Zero violations in last 12 months
Our Process:
- 1. Customer visits restaurant β genuine service experience
- 2. Staff offers NFC card β only to satisfied customers
- 3. Customer taps card β redirected to consent page
- 4. Customer gives consent β directed to Google Reviews
- 5. Customer writes review β authentic feedback on Google's platform
Third-Party Responsibilities
For Restaurant Partners:
- β Verify customer authenticity before offering NFC cards
- β Maintain Google Business Profile ownership
- β Inform customers about the review process
- β Report any suspicious activity to TrueStars immediately
For Customers:
- β Provide honest feedback based on genuine experience
- β Understand consent before proceeding to Google Reviews
- β Report inappropriate usage if you encounter it
Technical Compliance
API Integration Standards:
- OAuth 2.0 Authentication: Each business maintains independent access
- Rate Limiting: We respect Google's API quotas and limitations
- Error Handling: Proper handling of API responses and failures
- Security: Encrypted communications and secure credential storage
Data Minimization:
- No personal data storage beyond necessary service delivery
- Consent timestamps only β no customer personal information
- Automatic data purging after service completion
- GDPR compliance for EU customers
Compliance Support
Report Compliance Issues:
For Businesses:
- β’ Pre-integration compliance review
- β’ Ongoing monitoring and reporting
- β’ Staff training on Google policies
- β’ Regular compliance updates
For Customers:
- β’ Easy consent withdrawal process
- β’ Direct contact for concerns
- β’ Transparent complaint resolution
- β’ Integration with Google's own support
Regular Updates
Policy Review Schedule:
- Monthly: Technical compliance verification
- Quarterly: Policy alignment with Google updates
- Annually: Comprehensive audit and documentation update
Change Notification:
- Partners receive 48-hour advance notice of policy changes
- Material changes require re-consent from affected users
- All updates logged and documented for audit purposes
Compliance Statement
TrueStars.ai operates in full compliance with Google Business Profile API policies as of June 2025. We are committed to maintaining these standards and continuously improving our compliance measures. Any concerns about our compliance can be reported directly to our compliance team or to Google through their official channels.
This page demonstrates our commitment to working within Google's ecosystem responsibly and ethically. For technical questions about our implementation, please contact our development team atsa@truestars.ai