Standards, Regulations & Certifications

To help you with compliance and reporting, we share information, best practices, and easy access to documentation. Our products regularly undergo independent verification of security, privacy, and compliance controls, achieving certifications against global standards to earn your trust. We’re constantly working to expand our coverage.

ISO 27018

Protecting personal data.

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.

ISO 27018 relates to the protection of personally identifiable information (PII), and as such, deals with one of the most critical components of the cloud—privacy. This standard is primarily focused on security controls for public-cloud service providers acting as PII processors. ISO 27018 works in two ways:

  • Builds off of existing ISO 27002 controls with specific items for cloud privacy
  • Provides completely new security controls for personal data

Google Cloud Platform and G Suite are are certified as ISO 27018 compliant.

Google Cloud services that are in scope for ISO 27018:

Google Cloud Platform:
G Suite:
Additional Google Products:
Google Product APIs:
G Suite Admin SDK:
Service / Dependency :
  • Gmail Delivery
  • Gmail Frontend / Middleware
  • Gmail Medley
  • Gmail Spam