Standards, regulations & certifications

To help you with compliance and reporting, we share information, best practices, and easy access to documentation. Our products regularly undergo independent verification of security, privacy, and compliance controls, achieving certifications against global standards to earn your trust. We're constantly working to expand our coverage.

This site contains information about Google's certifications and compliance standards it satisfies as well as general information about certain region or sector-specific regulations.

ISO 27018

Protecting personal data.

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.

ISO 27018 relates to the protection of personally identifiable information (PII), and as such, deals with one of the most critical components of the cloud—privacy. This standard is primarily focused on security controls for public-cloud service providers acting as PII processors. ISO 27018 works in two ways:

  • Builds off of existing ISO 27002 controls with specific items for cloud privacy
  • Provides completely new security controls for personal data

Google Cloud Platform, G Suite, and Chrome are certified as ISO 27018 compliant.

Google Cloud services that are in scope for ISO 27018:

Google Cloud Platform:
G Suite:
  • Chrome Services
    • Chrome Education
    • Chrome Enterprise
    • Chrome Kiosk
    • Chrome nonprofit
  • Chrome Sync