LeadProspecting AI LeadProspecting AI

How We Integrate With Google

Last updated: May 21, 2026

A plain-language explanation of how LeadProspecting AI uses Google APIs, what data we access, and how to revoke our access.

This page explains, in plain language, how LeadProspecting AI ("LPAI") integrates with Google APIs — specifically the Google Business Profile API. It's intended for customers who want to understand exactly what we access and why, and for anyone evaluating our compliance with Google's data policies.

For the legally binding version, see our Privacy Policy (Section 7) and Terms of Service (Section 9).

1. What the integration does

LPAI integrates with Google Business Profile so our customers can manage their profile from the same dashboard they use for the rest of their marketing. There are three customer-authorized features:

  • Social Scheduler publishing. Customers schedule and publish Updates, Offers, and Events to their authorized Google Business Profile locations through our content calendar, alongside Facebook, Instagram, and LinkedIn.
  • Review management in the CRM inbox. Customers view and respond to Google reviews from within the same unified inbox that handles their texts, emails, and social messages.
  • Performance reporting. Customers see Google Business Profile metrics — calls, direction requests, profile views, and post views — on their marketing dashboard alongside metrics from other channels.

2. How authorization works

Customers connect their own verified Google Business Profile to LPAI through Google OAuth 2.0 using the business.manage scope.

LPAI never accesses Google Business Profile data without explicit customer authorization. We don't pull data from profiles that haven't been connected to a customer account, and we don't extend our access beyond the locations the customer has chosen to manage through LPAI.

Customers can revoke our access at any time through Google Account permissions at myaccount.google.com/permissions, or from within LPAI under Settings → Integrations.

3. What data we access

The data we access is limited to what's required to operate the features each customer has activated. For Google Business Profile, this includes:

  • Account ID, account name, and customer's role on the account
  • Location IDs, business name, address, hours, categories, attributes, and photos
  • Posts the customer creates through our Social Scheduler
  • Reviews (text, ratings, reviewer name, response history), questions, and answers
  • Performance metrics: calls, direction requests, profile views, and post views

When a customer signs in to LPAI using Google, we also receive basic profile information (name, email, profile picture) from the OAuth provider for authentication purposes.

Full details, including how each data field is used and stored, are in Privacy Policy Section 1.5 and Section 7.

4. Limited Use compliance

LPAI's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

This means:

  • We use Google user data only to provide and improve the user-facing features customers have explicitly authorized.
  • We do not transfer Google user data to others except as necessary to provide those features, comply with applicable law, or as part of a merger or acquisition with customer notice.
  • We do not use Google user data for serving advertisements.
  • We do not allow humans to read Google user data, except with the customer's affirmative agreement for specific messages, when necessary for security purposes, to comply with applicable law, or when the data has been aggregated and anonymized for internal operations.

5. What we do not do

To be unambiguous about the boundary between our products:

  • ×We do not sell Google user data. Ever.
  • ×We do not use Google user data to train AI or machine learning models. Customer GBP data stays inside the customer's account.
  • ×We do not use Google Business Profile API data in our Lead Finder product. Our Lead Finder uses public business directory data licensed from third-party providers; it is a separate product with a separate data pipeline. The two products do not share data.
  • ×We do not access Google Business Profile data without customer OAuth authorization. No scraping, no back-channel access, no shared credentials.
  • ×We do not retain data after a customer disconnects the integration. See data retention below.

6. Data storage and security

  • Data is encrypted in transit using TLS 1.2 or higher.
  • Data is encrypted at rest using industry-standard symmetric encryption.
  • OAuth access tokens and refresh tokens are encrypted at rest with separate key management.
  • Database access is restricted to authorized personnel and audited.
  • We undergo regular security reviews and apply updates promptly.

Our full security posture is summarized in Privacy Policy Section 8.

7. Revoking access and deleting data

Customers can revoke our access two ways:

Through Google

Visit myaccount.google.com/permissions, find "LeadProspecting AI," and click Remove Access. This immediately invalidates our access tokens.

Through LPAI

Sign in to LPAI, navigate to Settings → Integrations, and click Disconnect next to Google Business Profile. This also revokes our access tokens with Google.

Either method works. Once access is revoked, we delete the associated Google Business Profile data from our systems within 30 days. To request deletion of any data already stored — including after account closure — follow the steps on our Data Deletion Instructions page.

8. Contact

Questions about our Google integration or data handling? We'll answer them.