Terms of Service (Draft) – GA4 Auditor / GA4 Check
Status: 2025-12-17
1) Scope and Definitions
These Terms of Service (“Terms”) govern the use of the web application GA4 Auditor (“App”, “Service”) by users (“User”).
If an organization (e.g., company/agency) uses the app, an administrator can manage multiple users within an organization.
2) Provider (Imprint Light) / Contact / Support
Provider / Contracting Party:
- Company/Name: Bernhard Prange, Webmasterei Prange
- Address: Weg in der Aue 3, 34128 Kassel, Germany
- Contact: bernhard@webmasterei-prange.de
- Support Email: bernhard@webmasterei-prange.de
3) Description of Services
The app supports the analysis of Google Analytics 4 setups and data quality.
Depending on the activated functions, the app accesses Google services – after user consent:
- Google OAuth Login (Identification/Authentication)
- GA4 Admin API (Configuration/Setup Data)
- GA4 Data API (Reporting/Realtime Data)
- BigQuery (optional) for executing queries on the existing GA4 BigQuery Export (Dataset
analytics_<PROPERTY_ID>)
The app makes no changes to GA4 configurations and writes no data to GA4 or BigQuery.
4) Access, Accounts, and Organizations
- Use requires a Google account.
- Authentication is done via Google OAuth (Google Sign-In).
- Users are obligated to protect their Google account credentials and prevent unauthorized use.
4.1 Roles, Invitations
The app can be used on an organizational basis. There are roles (e.g., admin/member) that control permissions within the organization.
Invitations can be sent via email and are time-limited.
5) Permitted and Prohibited Use
Users undertake in particular:
- to use the app only within the framework of applicable laws and these terms,
- to only access those GA4/BigQuery resources for which they are authorized,
- not to violate the rights of third parties,
- not to bypass or impair any security mechanisms.
Specifically prohibited is:
- abusive or excessive use, e.g., automated mass access, scraping, load tests without approval, denial-of-service,
- reverse engineering, decompilation, or attempting to extract source code, proprietary logic, or security mechanisms (to the extent prohibited by law),
- introducing malicious code, exploiting vulnerabilities, or circumventing access restrictions,
- using the app to process or transmit illegal content.
The provider may use technical measures (e.g., rate limits) to protect the service.
6) Google Data & OAuth (Scope-related) / Revocation
6.1 Which Google data is used and for what?
The app processes Google data exclusively to provide the functions requested by users (GA4 checks/audits, display of results).
Typical data categories (depending on the permissions/scopes granted) are:
- Profile/account data from login (e.g., email, name, profile picture URL)
- GA4 configuration data (Admin API; e.g., properties/streams/links/key events/audiences/settings)
- GA4 reporting/realtime data (Data API; e.g., aggregated metrics/dimensions for data quality checking)
- BigQuery data (optional; queries on GA4 export tables
events_*/events_intraday_*for creating quality checks)
Note on Scopes: The specifically requested OAuth scopes are displayed transparently in the Google Consent Screen.
Examples (placeholder – please adapt to your actual scopes):
openid,email,profile[GA4 Admin API Scope, z.B. analytics.readonly][GA4 Data API Scope, z.B. analytics.readonly][BigQuery Scope, z.B. bigquery.readonly]
6.2 Revoke Access
Users can revoke the app’s access to their Google account at any time (e.g., via the Google account settings “Security” → “Third-party access” or “Apps with account access”).
6.3 Google API Services User Data Policy (Limited Use)
If the app accesses data via Google APIs, the following applies:
- Google data will not be sold.
- Google data will not be used for personalized advertising/retargeting.
Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the requirements zur Limited Use.
7) Data Protection
Information on the processing of personal data can be found in the Privacy Policy.
8) Optional Integrations
Depending on the configuration of the organization, optional integrations can be activated, e.g.:
- Brevo: Contact Sync (email + technical usage attributes such as login count/property count/last login). Users can (depending on the app setting) object to the marketing sync.
- Tracking/Analytics: An admin can store a tracking snippet (e.g., Google Tag Manager). The app sends events according to the principle of data minimization.
9) Availability, Maintenance, and Changes to the Service
The provider strives for high availability but – unless otherwise agreed – does not owe uninterrupted availability. Maintenance work, security updates, and malfunctions can lead to interruptions.
The provider can adapt, further develop, or discontinue functions, provided that this is reasonable (especially considering the legitimate interests of the users).
10) Prices / Payment / Contract Period
- Cost model: free
- Payment: not applicable
- Term/Termination: Users can discontinue use at any time; the revocation of Google permissions is possible at any time (see section 6.2).
- Refund: not applicable
11) Intellectual Property / Usage Rights
All rights to the app (software, trademarks, content) remain with the provider or rights holders. Users receive a simple, non-transferable, revocable right to use the app to the agreed extent.
12) Warranty and Liability
The app provides analysis and test results that depend, among other things, on data quality, configuration, and permissions. The service is provided “as is” to the extent permitted by law. A guarantee for completeness/correctness can – as far as legally permissible – be excluded or limited.
13) Blocking / Termination / Ending
The provider can block or delete accounts/organizations if:
- these terms of use are violated,
- there is abusive use or security risks,
- legal obligations require this.
Users can revoke access to Google permissions at any time (see section 6.2).
14) Changes to these Terms of Service
The provider can adapt these terms of use if this is necessary for legal/technical reasons. Information about significant changes will be provided in a suitable manner. The current version with the version date is decisive.
15) Final Provisions (Placeholder)
- Applicable Law: Federal Republic of Germany
- Jurisdiction: Kassel (as far as legally permissible)
Should individual provisions of these terms of use be or become wholly or partially ineffective, void, or unenforceable, the effectiveness of the remaining provisions shall remain unaffected. In place of the ineffective, void, or unenforceable provision, that effective and enforceable regulation shall be deemed agreed which comes closest to the economic purpose of the original provision. The same applies in the event of a regulatory gap.
