Menu
ENFR
[Contacts]

© 2026 Shuhai Marketing

Tous droits réservés

Politique de confidentialitéPolitique de cookiesAPI Usage

How Shuhai Marketing Uses Google APIs

Shuhai Marketing is a Calgary-based digital marketing agency that manages Google Ads campaigns, Google Business Profiles, and search performance for small and medium businesses across Canada. Our internal agency tools integrate with the Google Ads API and several related Google APIs so we can operate dozens of client accounts under our manager account at the quality our clients expect. This page documents the APIs we use, the specific use cases, the scopes we request, our Google Cloud project, and how we protect the data — for our clients, for Google reviewers, and for the public record.

Who We Serve

We manage advertising campaigns and online business presence on behalf of small and medium businesses across Canada. Current and recent clients include AppFix (appliance repair, Ontario), Norden Seal (windows & doors, Calgary), Sunbusters Window Cleaning (Calgary), Genesis Dental Centre (Calgary), AlphaTech Windows (Calgary), YOHO Gift, Prozoryy Office Advokata (Ukraine), and Three Hills Dental (Alberta). Every integration is performed under explicit client authorization — clients add their accounts to our manager profiles, and they retain ownership and the ability to revoke access at any time.

Google APIs We Use

Google Ads API

Business context: Shuhai Marketing is a digital marketing agency operating Google Ads campaigns on behalf of paying clients. All client ad accounts are linked as children of our Google Ads manager account (MCC 765-153-5142), and we manage them under the standard agency model — clients own their accounts, we operate them. Current managed accounts include AppFix, Norden Seal, Sunbusters Window Cleaning, Genesis Dental Centre, AlphaTech Windows, YOHO Gift, Prozoryy Office Advokata, Magic Move, and Three Hills Dental.

What our internal tools do with the Ads API:

  • Negative-keyword audits. We pull search-terms reports from production client accounts, run them through an AI-assisted heuristic to surface negative-keyword candidates, then route the candidates to a human approver (the account strategist) via Telegram. Nothing is mutated on a client account without explicit human approval.
  • Monthly client performance reports. We pull spend, conversions, CTR, top creatives, and campaign-level metrics, then render a branded PDF report in our agency template for each client every month.
  • Campaign health monitoring. Spend pacing against budget, anomaly detection on CPC / CPL, alerts to our internal Telegram channel when something deviates from baseline.
  • Reporting dashboards. Live dashboards for select clients (Norden Seal, Prozoryy) that surface lead-volume and cost metrics in the client's own subdomain.

Scope requested: https://www.googleapis.com/auth/adwords

Access level requested — Basic, and why we need it: the Test Account access level (the default at signup) only works against test accounts and cannot query production client accounts. Every use case above runs against live production data on real client MCC sub-accounts, which requires Basic access at minimum. The 15,000-operations-per-day cap that Basic provides is well above our current and projected load — we operate ~10 client accounts, with each monthly report cycle generating on the order of a few hundred operations per account.

Google Business Profile APIs

Why: several of our clients ask us to maintain their Google Business Profile alongside ads work. Local SEO and reputation management is a meaningful share of how small businesses get found, and manual handling across multiple locations is error-prone.

What our tools do:

  • Monitor incoming reviews and draft response suggestions in the client's voice; the client (or their designated point of contact) reviews and approves the response before it is posted.
  • Schedule and publish profile posts (offers, events, updates) per a content calendar agreed with the client.
  • Pull weekly and monthly performance metrics — calls, direction requests, website clicks, search/maps impressions — for reporting.
  • Audit location information (NAP consistency, hours, attributes, photos) across all managed locations.

Scope requested: https://www.googleapis.com/auth/business.manage

APIs in use: Business Profile Performance API, My Business Business Information API, My Business Account Management API.

Google Search Console API

Why: SEO performance reporting for clients whose websites we audit and improve (Genesis Dental, AppFix, Shuhai's own site, and others).

What our tools do: read-only retrieval of query, page, and country dimensions for performance reports. We do not modify properties via the API.

Scope requested: https://www.googleapis.com/auth/webmasters.readonly

Google Sheets API

Why: client content calendars, lead intake logs, and reporting dashboards live in Google Sheets that we own or that clients explicitly share with us.

What our tools do: read calendar rows and write status / output back to the same sheet. No access to spreadsheets not explicitly shared with us.

Scope requested: https://www.googleapis.com/auth/spreadsheets

Authorization & Access Model

Shuhai Marketing operates these integrations under our agency's own Google identity. Clients do not go through an OAuth consent flow with us — instead, they grant access through Google's native management mechanisms:

  • Google Ads — clients link their ad account to our manager account (MCC 765-153-5142) via the standard Google Ads "Link request" / "Account access" flow. Our tools call the Google Ads API using a single developer token tied to our MCC, under our operator login. We do not request OAuth scopes from individual client end-users.
  • Google Business Profile — clients add our Business Profile Manager account as a Manager on their location via business.google.com. Our tools call the Business Profile APIs under our operator's authorized credentials. We do not request OAuth scopes from individual client end-users.
  • Search Console & Sheets — accessed under our own operator account, which has been granted property / file access by clients through Google's standard sharing UI (Search Console "Users and permissions" / Sheets "Share").

Because the only OAuth-authenticated identity is Shuhai's operator account, our OAuth consent screen serves a single internal user and is not used for public-facing end-user authorization. Clients retain ownership of their accounts and may revoke our manager access at any time through the same native Google UI used to grant it.

How We Protect the Data

  • Limited Use compliance. Our use of data received from Google APIs follows the Google API Services User Data Policy, including its Limited Use requirements: we use the data only for the agency services described above, we don't sell it, we don't use it for advertising, and humans don't read it except for the narrow exceptions the policy permits (consent, security investigation, legal compliance, or aggregated/anonymized form).
  • Least-privilege access. Tokens are stored in encrypted secret stores on a single hardened production server (UFW + fail2ban + key-only SSH). Service accounts are scoped to the minimum required by each tool.
  • No third-party transfer. Client data is not sent to any third party except providers strictly necessary to deliver our services (hosting, transactional email), each under a data-processing agreement.
  • Retention. Raw API data is retained only as long as needed to fulfil the request. Aggregated reports may be retained longer, in client-account-scoped form, for trend analysis.
  • Revocation. Clients can revoke our access to their Google account at any time at myaccount.google.com/permissions; our tools handle revocation gracefully and stop further requests.

Tool Identity & Technical Setup

Tool name
Shuhai Marketing — Agency Tools
Operator
Shuhai Marketing (Calgary, Alberta, Canada)
Primary domain
shuhaimarketing.com
Google Ads Manager (MCC)
765-153-5142 — Shuhai Marketing manager account; all client ad accounts are linked as children
Google Cloud project
Project number 1078833271957 — used for the Google Ads API, Google Business Profile APIs, Search Console API, and Sheets API
OAuth consent screen
Internal use only — single operator account; no end-user OAuth consent flow is exposed to clients or the public
API contact email
jack@shuhaimarketing.com (regularly monitored; replies to compliance correspondence are sent the same business day)
Privacy Policy
shuhaimarketing.com/privacyPolicy

Changes

This page is updated whenever we add or remove a Google API integration, change the scopes we request, or substantially change how data is used. Material changes are reflected here and in our Privacy Policy.

Last updated: May 21, 2026.