Basic web stats reports. Checking that you're getting the geotargeting you paid for when you advertise. Preventing credit card fraud (billing address in one country, user located in another, detecting open proxies, etc). Lots of reasons geolocation has been used since long before browsers had a mobile-style API for it on the client side.
And if the user withdraws their consent (clicking "No", DNT headers, etc.) that should be the end of it. Don't locate, don't track, don't subvert user's consent.
Just flag it as "no location information available" if you need to use it for an access control/fraud prevention mechanism and be aware that determined bad guys can spoof almost every signal you receive from them.
