We are committed to complying with applicable data protection laws
We are always working to stay compliant, which helps make compliance easier for your business. We are audited regularly by third parties, maintain certifications, provide industry-standard contractual protections and share tools and information you can use to strengthen your business’ compliance.
Our commitment to user privacy
Keeping users’ information safe, secure and private is among our highest priorities at Google. Over the years, we have worked closely with data protection authorities around the world and have implemented strong privacy protections that reflect their guidance.
Robust safeguards
We are well placed to meet the security requirements of the applicable data protection laws. Our services are backed by robust, state-of-the-art technical and organizational safeguards, dedicated security and privacy teams and our program is reviewed annually by third-party auditors.
Incident response
We will promptly inform you of incidents involving your customer data in line with the data incident terms in our agreements with you. We maintain and continue to invest in advanced threat detection and avoidance technologies, as well as a rigorous 24/7 incident management program to help you identify and respond to security or privacy events without delay and with available information.
User transparency
We provide transparency about how data is used in our ads products. We ask users for permission to use data to personalize ads and provide transparency into how the data is used in real time via the “Why this ad” feature. We provide detailed explanations on how we use data on safety.google.com and in our Privacy Policy. We also provide transparency to users on what data Google saves about them in their Google Account, where users can view and manage their data, privacy, and security settings. Users can go to their Ad Settings to control the use of data for ads personalization and for all ads shown by Google, including on our Google Marketing Platform products. As part of our continued commitment to give users controls to manage their privacy, we have updated our account creation experience to give users more options on what data they choose to save in their account.
Privacy practices
We already have processes to build privacy into our products from the very earliest stages, and we are continually evolving our practices, including Data Protection Impact Assessments, to meet worldwide changing requirements including those in the GDPR around Privacy by Design and Privacy by Default.
Ads data retention policies
We update our ads data retention policies whenever necessary and have made changes to our products to unify retention practices.
Digital Markets Act Raising Issues with Public Authorities
Google does not interpret any provisions, including confidentiality provisions, in its contracts or terms of service that are in scope of the Digital Markets Act, as preventing counterparties from raising any issue of non-compliance with the law or with any relevant public authority. This is without prejudice to the operation of lawful complaints-handling mechanisms that are laid down in agreements with business users, as defined by the Digital Markets Act.
Our commitment to data protection laws
Privacy regulation is changing. We know you need to select products that are both compliant with all applicable data protection laws, and use personal data in ways that are compliant. Learn more about how Google is complying with specific privacy laws below.
Audits and certifications
Any data you share with Google is protected. Our products’ security controls are regularly audited in line with international standards to ensure all personal information is handled safely and responsibly. In addition, the effectiveness of our controls is reviewed by an independent third party every two years, at least.
