Compliance resource center

Google Cloud’s industry-leading security, third-party audits and certifications, documentation, and legal commitments help support your compliance.

Google Cloud compliance

Our products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and audit reports to demonstrate compliance. We’ve also created resource documents and mappings for compliance support when formal certifications or attestations may not be required or applied.

Download reports directly via our Compliance Reports Manager

Learn about:

  • Google Cloud certifications and the compliance standards that we satisfy
  • General information about regional and sector-specific regulations
  • The latest industry news and best practices updates
  • Documentation to aid your own reporting and compliance efforts

Compliance offerings by region

We continually expand our coverage against the most important global standards.

Canada

USA

Latin America

EMEA

Asia Pacific

See offerings for all regions
Map of the world showing five regions: Canada, USA, Latin American, EMEA, Asia Pacific

Compliance offerings by category

Laws / regulations

Cloud service providers can’t provide formal certification of our customers’ compliance with these laws and regulations. But we work hard, via our products, technical capabilities, guidance documents and legal commitments, to make the compliance process as easy as possible for your organization.

ACPR (France)Act on the Protection of Personal Information (Japan) | APRA Prudential Standard CPS 234 | PDPL (Argentina)APPs (Australia) | BaFin Cloud Outsourcing Guidance | Banco de EspañaBanco de Portugal | Bank Negara (Malaysia)Bank of Italy | Bank of Thailand (BOT)BCRA (Argentina)BRSA (Turkey) | BSP (Philippines) | BWG (Austria)California Consumer Privacy Act (CCPA) | Central Bank of Brazil (Brazil) | Central Bank of Ireland (Ireland) | CNBV (Mexico) | CNSF (Mexico)  | CMF (Chile)COPPA (U.S.) | CSSF (Luxembourg)De Nederlandsche Bank (the Netherlands) | DSA (Bangladesh) | ESMA (EU)EU Standard Contractual Clauses | Export Administration Regulations (EAR) | FDIC (US)FERPA (U.S.) | FG16/5 - FCA | FINMA (Switzerland) | Financial Superintendence of Colombia | FSA (Denmark)FSC Insurance Outsourcing Directions | FSC Banking Outsourcing Regulations | GDPR | GR 95/2018 guidelines | GxP | HIPAA | IA (Hong Kong) | HKMA (Hong Kong) | MAMPU (Malaysia) | PDPO (Hong Kong) | Indonesia Government Regulation No. 71 (GR 71) | IRDAI (India)IRS 1075 | International Traffic in Arms Regulations (ITAR) | KNF (Poland) | FSC (Korea)Lei Geral de Proteção de Dados (LGPD) | MaRisk AT 9 Outsourcing | MAS TRM Guidelines | NERC CIPOJK Circular 21 of 2017 (SEOJK 21) | OJK Regulation No. 38 of 2016 (POJK 38)  | OSFI (Canada) | PDPA (Malaysia) | PDPA (Philippines) | PDPA (Taiwan) | PIPA (Korea) | PHIPA (Canada) | PRA (UK) | RBI (India) | Reserve Bank of New Zealand (New Zealand) | revFADP (Switzerland) | SEC (US) | Securities and Exchange Board of India (SEBI) | SFSA (Sweden) | PDPA (Singapore) | South Africa POPI | State Bank of Vietnam | Superintendencia de Banca (Peru)SYSC 8 Outsourcing - FCA Handbook | The Privacy Act (New Zealand) | PIPEDA (Canada) | VAG (Austria)

Alignments / frameworks

Our products, technical capabilities, guidance documents, and legal commitments help our customers map to these frameworks and alignments. These offerings may not require formal certification or attestation, though we may rely on our certifications, attestations, and reports to help our customers map to these frameworks and alignments.