Products and Services Relevant to Data Controllers

The following privacy principles are relevant to conduct of data controllers that place their data into the cloud, and apply to many jurisdictions around the world

Privacy Principles and Our Capabilities

An illustrative list of Google Cloud's capabilities to help data controllers comply with Common Privacy Principles
PRINCIPLE

Control

Product

Overview

Data Minimization

  • Data Discovery

  • Google Cloud's Data Loss Prevention (DLP) helps you discover and classify data at scale. Data such as payment card numbers, national identification numbers, protected health information, and other types of PII can be identified and tagged.

    Once discovered, DLP allows customers to minimize processing of PII through de-identification (e.g. tokenization) or automatic purging of unneeded data

    Learn more about how DLP can help you

  • Data Management

Integrity and Confidentiality (some examples, for a full list see Security Products)

  • User Access Management

  • Secure Processing

  • Transparency

  • Maintain visibility of insider access to your data through near real-time logs from  Access Transparency

  • Encryption

  • Google Cloud supports both Customer-Supplied and Customer-Managed encryption keys

Storage Limitation

  • Data Retention Monitoring

  • Data Catalog offers a programmatic, scalable mechanism to associate data with meaningful tags. Tagged data can be collected in a dashboard to help a Controller’s retention team identify when records are approaching retention thresholds and need to be purged

  • Data Residency

  • Maintain control over data residency requirements through Cloud's data regions

Purpose Limitation

  • Cloud Identity and Access Management (IAM) can be used for multiple types of identities (Employees, Partners, Workloads and End Users) to restrict access to roles more aligned with the dataset’s purpose

  • IAM Recommender can help to define custom roles for more granular access control

  • VPC Service Controls enforces policies to isolate services and enable context aware access which can take into account the user’s identity and location before allowing access.

Explore all our privacy and security products

Learn more about Cloud Privacy and Security products

Check out all relevant products that Google Cloud offers