Question 1

What permissions does GA4 Audits need?

Accepted Answer

We request one read-only OAuth scope: https://www.googleapis.com/auth/analytics.readonly. It lets us read GA4 property settings and aggregated reporting data, but it cannot create, change, or delete anything.

Question 2

Can GA4 Audits modify my GA4 property or settings?

Accepted Answer

No. GA4 Audits runs in read-only mode. It cannot change property settings, create or delete events, modify audiences, update streams, or change user access.

Question 3

How do I revoke access?

Accepted Answer

Disconnect in GA4 Audits settings or remove access at myaccount.google.com/permissions. Tokens are deleted immediately.

Question 4

What GA4 account roles are required?

Accepted Answer

Viewer access is enough for most checks. Editor or Administrator access unlocks some property configuration checks.

Question 5

Can I audit properties I don't own?

Accepted Answer

Yes. Agencies commonly audit client properties. The property owner does not need a GA4 Audits account.

Question 6

How is my data stored and protected?

Accepted Answer

OAuth tokens are encrypted at rest with Fernet and stored in Supabase with row-level security. We persist audit results only. Raw GA4 data is queried on demand and never stored.

Question 7

Does GA4 Audits store my analytics data?

Accepted Answer

No. Raw data is queried on demand and discarded. Only audit results and scores are stored. Visitor-level data never leaves Google.

Question 8

Is GA4 Audits SOC 2 compliant?

Accepted Answer

No. Current controls include Cloud Run isolation, Supabase row-level security, Fernet-encrypted tokens, and HTTPS-only transport. We do not claim certifications we do not hold.

Question 9

What exactly does the audit check?

Accepted Answer

The audit covers property configuration, tag and consent validation, UTM integrity, data quality, and ecommerce tracking.

Question 10

Does the audit check consent mode implementation?

Accepted Answer

Yes. Playwright crawls the live site, detects the CMP, simulates consent interaction, and checks GA4 behavior before and after consent changes.

Question 11

How long does an audit take?

Accepted Answer

Most audits finish in under 10 minutes. Timing depends on site size, crawl depth, and GA4 data volume.

Question 12

What report formats are available?

Accepted Answer

PDF, PPTX, and Excel. Each includes severity, remediation steps, and the overall audit score.

Question 13

Can I white-label the reports?

Accepted Answer

Yes, but it is a managed setup rather than a self-serve toggle. Contact us to confirm scope and format.

Question 14

My connection failed. What should I do?

Accepted Answer

First, confirm the Google account has at least Viewer access to the GA4 property. Then check the consent screen and try reconnecting. If it still fails, contact support@ga4audits.com.

Question 15

Why are some checks showing as skipped?

Accepted Answer

They are not applicable to your property. For example, ecommerce checks skip if no purchase events are detected.

Everything you need to know

Still have questions?