Comment by tranq_cassowary

Google Maps is sandboxed even on the stock Pixel OS. Sandboxing is part of the AOSP. GrapheneOS hardens the sandbox a bit, but it's not the most significant feature of the project. What isn't sandboxed on Android OSes that license Google Mobile Services (GMS) is Google Play (Play Store, Play Services and for older installs also Play Services Framework). On GrapheneOS Google Play is sandboxed as well, so it's treated as any other regular app, it's doesn't get priviliged exceptions.

Sandboxing isn't what would prevent an app from sending data. Sandboxing restricts what an app can access on your device because access is gated behind permissions and apps also can't peek into other apps. So it won't just be able to grab and send out data you don't give it access to, which is the most important of course.

You can install Google Maps and use a dedicated Google account for it with limited personal info. You can avoid giving your real name and also giving a phone number if you make your Google account from within the app and on a trusted network (not a VPN adress but public WiFi or cellular). It won't be able to identify your phone using hardware identifiers because non-system apps don't have access to those, the only regular app that might be able to acces such hardware identifiers is an app which is set as the default SMS app. See: https://grapheneos.org/faq#hardware-identifiers