Google Cloud and Common Privacy Principles

Our shared responsibility for privacy compliance

Folder security icon

Our Joint Privacy Journey

While direct responsibilities change based on the services you use, privacy controls are always in your hands and Google is always responsible for protecting our infrastructure. We strive to operate in a shared-fate model for privacy and security management. We believe in actively partnering to help you deploy workloads and operate in a privacy-compliant manner, providing you with products & solutions. This also shifts a portion of the cost of privacy and compliance onto Google Cloud and away from customers.

Security compliance report icon

Data Controllers and Data Processors

Under many common privacy regulations, the extent of responsibility is determined by whether the entity is acting as a data controller vs. a data processor. The exact definition varies by regulation but broadly speaking, the controller role determines the purpose and means of processing, while the processor performs processing according to controller's instructions.

This page describes some of the common privacy principles applicable to customers (typically, acting as data controllers) and Google Cloud (most commonly, as a data processor).

Key Common Privacy Principles for Data Processors

The following sections describe Google Cloud's adherence to common privacy principles applicable to data processors

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Need help getting started?
Work with a trusted partner
Continue browsing

Take the next step

Start your next project, explore interactive tutorials, and manage your account.

Need help getting started?
Work with a trusted partner
Get tips & best practices