Last modified: January 26, 2021
These Service Specific Terms are incorporated into the agreement under which Google has agreed to provide Google Cloud Platform (as described at https://cloud.google.com/terms/services) to Customer (the “Agreement”). If the Agreement authorizes the resale or supply of Google Cloud Platform under a Google Cloud partner or reseller program, then all references to Customer in the Service Specific Terms mean Partner or Reseller (as applicable), and all references to Customer Data in the Service Specific Terms mean Partner Data. Capitalized terms used but not defined in the Service Specific Terms have the meaning given to them in the Agreement.
General Service Terms
- Data Location. Customer may configure the Services listed at https://cloud.google.com/terms/data-residency to store Customer Data in a specific Region/Multi-Region as detailed in the Cloud Locations Page, and Google will store that Customer Data at rest only in the selected Region/Multi-Region. The Services do not limit the locations from which Customer or Customer End Users may access Customer Data or to which they may move Customer Data. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels.
- Operations of Communications Services. Notwithstanding any telecommunications restrictions in the Agreement, Customer may use the Services for hosting capacity in connection with Customer’s provision of telecommunications services to Customer End Users if (a) Customer obtains, maintains, and complies with all necessary regulatory licenses, registrations or other applicable requirements relating to such telecommunications services, and (b) Customer does not use or resell the Services to provide telecommunications connectivity, including for virtual private network services, network transport, or voice or data transmission.
General Software Terms. The following terms apply to all Software:
- License. Google grants Customer a royalty-free (unless otherwise stated by Google), non-exclusive, non-sublicensable, non-transferable license during the Term to reproduce and use the Software ordered by Customer on systems owned, operated, or managed by or on behalf of Customer in accordance with (i) the Agreement, and (ii) if applicable, the Scope of Use. Customer may authorize its and its Affiliates' employees, agents, and subcontractors (collectively, “Software Users”) to use the Software in accordance with this section (License), so long as Customer remains responsible. Customer may make a reasonable number of copies of the Software for back-up and archival purposes. For clarity, Software does not constitute Services.
- Documentation. Google may provide Documentation describing the appropriate operation of the Software, including a description of how Software is properly used, and whether and how the Software collects and processes data. Customer will comply with any restrictions in the Documentation regarding Software use.
- Compliance With Scope of Use. Within 30 days of Google’s reasonable written request, Customer will provide a sufficiently detailed written report describing its usage in accordance with the applicable Scope of Use of each Software product used by Customer and its Software Users during the requested period. If requested, Customer will provide reasonable assistance and access to information to verify the accuracy of Customer’s Software usage report(s).
- Other Warranties and Compliance. Each party represents and warrants that it will comply with all laws and regulations applicable to its provision or use of the Software, as applicable. Customer will: (i) ensure that Customer and its Software Users' use of the Software complies with the Agreement and the restrictions in the Agreement applying to Customer's use of the Services; (ii) use commercially reasonable efforts to prevent and terminate any unauthorized access to or use of the Software; and (iii) promptly notify Google of any unauthorized access to or use of the Software of which Customer becomes aware. If the Software contains open source or third-party components, those components may be subject to separate license agreements, which Google will make available to Customer. Customer is solely responsible for complying with the terms of any third-party sources from which Customer elects to migrate its workloads onto the Services, and represents and warrants that such third-party sources permit the use of Software to migrate applications away from such sources. If the Agreement terminates or expires, then Customer will stop using all Software and delete it from Customer's systems.
Premium Software Terms. The following terms apply only to Premium
- Introduction. Google makes certain Software available under the Agreement described as “Premium Software” at https://cloud.google.com/terms/services (“Premium Software”). Customer will pay applicable Fees for any Premium Software it obtains as described at the Fees URL. Premium Software is Google’s Confidential Information.
Software Warranty. Google warrants to Customer that for one year
from its delivery, Premium Software will perform in material conformance with the
applicable Documentation. This warranty will not apply if (i) Customer does not
notify Google of the non-conformity within 30 days after Customer first discovers
it, (ii) Customer modifies Premium Software or uses it in violation of the
Agreement, or (iii) the non-conformity is caused by any third-party hardware,
software, services, or other offerings or materials, in each case not provided by
If Google breaches this warranty, then Google will, in its discretion, repair or replace the impacted Premium Software at no additional charge. If Google does not believe that repairing or replacing would be commercially reasonable, then Google will notify Customer and (A) Customer will immediately cease use of the impacted Premium Software and (B) Google will refund or credit any prepaid amounts for the impacted Premium Software and Customer will be relieved of any then-current commitment to pay for future use of the impacted Premium Software. Without limiting the parties’ termination rights, this section (Software Warranty) states Customer’s sole remedy for Google’s breach of the warranty in this section (Software Warranty).
- Software Indemnification. Google’s indemnity obligations under the Agreement with respect to allegations of infringement of third-party Intellectual Property Rights apply to Premium Software, and Customer’s indemnity obligations under the Agreement with respect to Customer’s use of the Services apply to Customer’s use of Premium Software. In addition to any other indemnity exclusions in the Agreement, Google’s indemnity obligations will not apply to the extent the underlying allegation arises from modifications to Premium Software not made by Google or use of versions of Premium Software that are no longer supported by Google.
- Technical Support. Unless otherwise specified by Google, Google will make TSS available for Premium Software for an additional charge, in accordance with the TSS Guidelines.
- Compliance. Premium Software may transmit to Google metering information reasonably necessary to verify that use of the Premium Software complies with the Scope of Use, as described in the applicable Documentation. Customer will not disable or interfere with the transmission of such metering information.
- Updates and Maintenance. During the Term, Google will make available to Customer copies of all current versions, updates, and upgrades of Premium Software, promptly upon general availability, as described in the Documentation. Unless otherwise stated in the Documentation for the applicable component of Premium Software, Google will maintain the current release of Premium Software and the two versions immediately preceding the current release, including by providing reasonable bug fixes and security patches. Maintenance for any Premium Software may be discontinued with one year’s notice from Google, except Google may eliminate maintenance for a version and require upgrading to a maintained version to address a material security risk or when reasonably necessary to avoid an infringement claim or comply with applicable law.
Pre-GA Offerings Terms. Google may make available to Customer
pre-general availability Google Cloud Platform features, services or
software that are either not yet listed at
or identified as "Early Access","Alpha",
"Beta", "Preview", “Experimental,” or a similar designation in
related documentation or materials (collectively,
"Pre-GA Offerings"). While Pre-GA Offerings are not Services or
Software, Customer’s use of Pre-GA Offerings is subject to the terms of the
Agreement applicable to Services (or Software, if applicable), as amended by this
Customer may provide feedback and suggestions about the Pre-GA Offerings to Google, and Google and its Affiliates may use any feedback or suggestions provided without restriction and without obligation to Customer.
PRE-GA OFFERINGS ARE PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES OR REPRESENTATIONS OF ANY KIND. Pre-GA Offerings (a) may be changed, suspended or discontinued at any time without prior notice to Customer and (b) are not covered by any SLA or Google indemnity. Except as otherwise expressly indicated in a written notice or the documentation for a given Pre-GA Offering, (i) Pre-GA Offerings may not be covered by TSS and (ii) the Data Processing and Security Terms do not apply to Pre-GA Offerings and Customer should not use Pre-GA Offerings to process personal data or other data subject to legal or regulatory compliance requirements. With respect to Pre-GA Offerings, to the maximum extent permitted by applicable law, neither Google nor its suppliers will be liable for any amounts in excess of the lesser of (A) the limitation on the amount of liability stated in the Agreement or (B) $25,000. Nothing in the preceding sentence will affect the remaining terms of the Agreement relating to liability (including any specific exclusions from any limitation of liability). Customer's access to and use of any Pre-GA Offering is subject to any applicable Scope of Use. Either party may terminate Customer's use of a Pre-GA Offering at any time with written notice to the other party. Certain Pre-GA Offerings may be subject to additional terms stated below.
- Benchmarking. Customer may conduct benchmark tests of the Services (each a "Test"). Customer may only publicly disclose the results of such Tests if it (a) obtains Google's prior written consent, (b) provides Google all necessary information to replicate the Tests, and (c) allows Google to conduct benchmark tests of Customer's publicly available products or services and publicly disclose the results of such tests. Notwithstanding the foregoing, Customer may not do either of the following on behalf of a hyperscale public cloud provider without Google's prior written consent: (i) conduct (directly or through a third party) any Test of the Services or (ii) disclose the results of any such Test.
- Trials. Certain Services may be made available to Customer on a trial basis. The parameters of each trial, including any Scope of Use, may be presented to Customer either through the Fees URL, Admin Console, Documentation, email, or as otherwise communicated by Google. Use of a trial indicates Customer’s acceptance of any such parameters.
- PGSSI-S. Customer will comply with France's General Security Policy for Health Information Systems (PGSSI-S) to the extent applicable.
- “Cloud Locations Page” means https://cloud.google.com/about/locations/ .
- “Documentation” means the then-current Google documentation made available by Google to its customers for use with the Services at https://cloud.google.com/docs/.
- “Fees URL” means https://cloud.google.com/skus or a successor URL.
- “Region/Multi-Region” means a region or multi-region as described in the Documentation and identified at the Cloud Locations Page.
- “Scope of Use” means any limits on installation or usage of Services or Software described at the Fees URL, Admin Console, or otherwise presented by Google.
- Additional Security. If Customer requires greater than eight static IP addresses, Google may file a SWIP report with the American Registry for Internet Numbers (ARIN). Google may log DNS lookups, as well as source and destination IP addresses, for security purposes.
- Sustained Usage Discounting. Any credits provided to Customer in connection with sustained usage discounting have no cash value and can only be applied to offset future Compute Engine Fees. Upon termination or expiration of the Agreement, such credits will expire.
- Google Cloud Marketplace. If Customer uses Compute Engine tools or APIs to deploy or otherwise use any software or services from Google Cloud Marketplace (or Google Cloud Launcher), then Customer’s related deployment or use will be subject to the Google Cloud Marketplace Terms of Service.
- Sole-Tenant Nodes. Customer may select that Google provide the Compute Engine Service on physical Google host hardware dedicated to a single Project. While no other Google customer virtual machine instance will share that host hardware with Customer’s virtual machine instances, Compute Engine’s virtualization software will reside on that host hardware and continue to manage Customer’s virtual machine instances on that host hardware.
- Compute Engine, Google Kubernetes Engine, and Container Registry Service - Docker Hub. If Customer or a Customer End User requests container(s) from the Docker Hub for its Project or Customer Application, Customer instructs Google to cache a copy of such container in the Container Registry for future use.
- App Engine - Data Location. Customer may configure App Engine to store Customer Data in the United States or European Union, and Google will store that Customer Data at rest only in that location. The Service does not limit the locations from which Customer or Customer End Users may access Customer Data or to which they may move Customer Data. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels.
Google Cloud VMware Engine (GCVE).
- Customer Security Obligations. Google may not have access to Customer's VMware environment. As such, (i) Customer acknowledges that, notwithstanding Section 7.1.1 (Google's Security Measures) of the Data Processing and Security Terms, Google may not be able to encrypt personal data in Customer's VMware environment and (ii) Customer will enable vSAN encryption and take other appropriate measures to protect and maintain the security of Customer Data stored on or processed through GCVE.
- Customer Responsibilities. Customer is solely responsible for obtaining and maintaining all licenses, rights, consents, and permissions that are required for Customer's use of any Operating Systems, software, applications, or other content that Customer uploads to or uses in connection with GCVE. For the purposes of this Section, "Operating System" means any operating system that (i) Customer uploads to, hosts on, or uses in connection with GCVE, or (ii) Customer instructs Google to pre-load onto GCVE servers.
Cloud Storage - Bucket Lock. Customer will comply with
applicable laws and regulations with respect to the retention of Bucket Lock Customer
Data, including determining and applying the appropriate retention and hold periods
and, if applicable, promptly furnishing any Bucket Lock Customer Data in a usable
format. Customer is also responsible for keeping its Account in good standing during
any retention and hold period. Upon deletion of a Project or Account, or termination of
the Agreement, Google may delete the applicable Bucket Lock Customer Data.
- “Bucket Lock” means the feature of Cloud Storage that allows Customer to set and lock a retention or hold period applicable to Customer Data in a Cloud Storage bucket.
- “Bucket Lock Customer Data” means Customer Data stored in Cloud Storage with Bucket Lock activated.
- Cloud Interconnect - Partner Interconnect. Customer will independently engage a network service provider (“Cloud Interconnect Partner”) who has agreed with Google to supply connectivity between Customer and Google under Google’s partner terms for Partner Interconnect. Customer is responsible for any charges for connectivity by the Cloud Interconnect Partner. Google is not responsible for any aspects of Partner Interconnect provided by the Cloud Interconnect Partner or any issues arising outside of Google’s network.
AI and Machine Learning
- AI Building Blocks. Customer will not (either directly or intentionally via third parties) use these Services to create, train, or improve (directly or indirectly) a similar or competing product or service to the specific Service being used by Customer (and specifically covered by this section). In addition to any other available remedies, Google may immediately suspend or terminate Customer's use of these Services based on any suspected violation of these terms, and violation of these terms is deemed violation of Google's Intellectual Property Rights. Customer will provide Google with any assistance Google requests to reasonably confirm compliance with these terms. In addition to this section applying to the AI Building Blocks, this section will also apply to any AutoML-related functionality accessible in AI Platform. These terms will survive termination or expiration of the Agreement.
- AI Platform Training and Prediction (AITP). Customer owns the model weights that Customer trains in AITP and can export such model weights in the supported output of the AITP supported machine learning library Customer used to train them (e.g., TensorFlow, XGBoost, scikit-learn, PyTorch).
- Celebrity Recognition (via functionality of Cloud Vision and Video Intelligence API). Customer will only use Celebrity Recognition functionality (i) with professionally filmed media content that Customer owns or has adequate consent to use with the functionality under applicable law and (ii) on individuals whose primary profession involves voluntarily being the subject of public media attention (“Celebrities”). Customer will not use this functionality for any surveillance–based purpose or on individuals who are not Celebrities.
- AutoML Tables. Customer can export a frozen model graph and related features via the formats supported by AutoML Tables. No license to retrain or reverse engineer such model graph is granted or implied to Customer.
- AutoML Video Edge. Customer can download a frozen model graph and TFlite model and any related Customer-provided video labels via the formats supported by AutoML Video. No license to retrain or reverse engineer such model graph or the TFLite model is granted or implied to Customer.
- AutoML Vision Edge. Customer can download a frozen model graph and any related Customer provided image labels via the formats supported by AutoML Vision. No license to retrain or reverse engineer such model graph is granted or implied to Customer.
- Talent Solution. Customer will not (either directly or intentionally via third parties) use the Service to create, train, or improve (directly or indirectly) a similar or competing product or service without Google's prior written permission. Customer agrees to adhere to the service limits (e.g., "queries-per-second") as defined within the Documentation.
- Data Location. Customer may configure AI Platform, AutoML Natural Language, AutoML Tables, Cloud Natural Language API, Cloud Vision (OCR functionality API end point only), Speech-to-Text, and Document AI to store and perform machine learning processing of Customer Data by the Service in the United States, European Union, or APAC (as applicable), and Google will store the Customer Data at rest and perform machine learning processing of it by the Service only in that location. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels. These Services do not limit the locations from which Customer, Customer End Users, or Customer-selected or Google managed labeling resources may access Customer Data, or to which they may move Customer Data.
Cloud Translation (v1, v2, or later) and Media Translation API.
- HTML Markup and Attribution Requirements. Customer will comply with the HTML Markup Requirements found at https://cloud.google.com/translate/markup and the attribution requirements found at https://cloud.google.com/translate/attribution.
- Limitation. Customer will not (either directly or intentionally via third parties) (i) use this Service to create, train, or improve (directly or indirectly) a similar product or service, including any other machine translation engine, or (ii) use or retain translated text or any other data from this Service for the purpose of creating, training, or improving (directly or indirectly) a translation system, product, or service.
Security and Identity
Assured Workloads for Government. Assured Workloads for Government can
be used to support Customer's compliance with FedRAMP Moderate requirements for
Projects. When using Assured Workloads for Government, it is Customer's
- determine whether Google's FedRAMP Moderate authorization is adequate for Customer's purposes;
- review the Assured Workloads Documentation, use only the Services within the scope of Google's FedRAMP authorization (currently listed at https://cloud.google.com/security/compliance/fedramp), and implement such policies and practices that are necessary to comply with FedRAMP Moderate or other legal or regulatory requirements applicable to Customer; and
- identify Projects that require FedRAMP Moderate support and use Assured Workloads to apply relevant controls to those Projects.
- Access Approval. Use of Access Approval may increase support response times, and Customer will be responsible for any disruption or loss as a result of Customer denying or delaying approval via Access Approval. The SLAs do not apply to any Service disruption impacted by Customer’s use of Access Approval.
Cloud Identity Services. The following terms apply only to the Cloud
Identity Services provided under this Agreement:
- Customer Domain Name. Customer is responsible for obtaining and maintaining any rights necessary for use of the Customer Domain Names in connection with the Services.
- Administration of the Services. Customer may specify through the Services one or more Administrators who will have the rights to access Admin Account(s) and to administer the Services. Customer is responsible for all activities of the Administrators and in connection with the Admin Account(s).
- Additional Products. Google makes optional Additional Products available to Customer and Customer End Users through the Services. Customer’s use of Additional Products is subject to the Additional Product Terms.
- Subsequent Agreement. If Customer subsequently enters into a separate agreement under which Google or a Google Affiliate agrees to provide Cloud Identity Services, then that subsequent agreement will supersede the Agreement with respect to Cloud Identity Services.
- “Additional Products” means products, services and applications that are not part of the Services but that may be accessible for use in conjunction with the Services.
- “Additional Product Terms” means the then-current terms at https://gsuite.google.com/intl/en/terms/additional_services.html.
- “Admin Account(s)” means the administrative account(s) provided to Customer by Google for the purpose of administering the Services. The use of the Admin Account(s) requires a password, which Google will provide to Customer.
- “Administrators” mean the Customer-designated technical personnel who administer the Services on Customer’s behalf.
- “Customer Domain Names” mean the domain names owned or controlled by Customer, which will be used in connection with the Services and specified in the Order Form or Ordering Document (as applicable).
- Security Command Center. To provide the Service to Customer, Google will delete Customer Data processed by the Service on the earlier of (a) Customer’s deletion of its Google Cloud Platform Account, (b) expiration of the Term, or (c) 13 months after the date such Customer Data is initially processed by the Service.
Firebase Authentication and Identity Platform.
- Phone Authentication. Google temporarily stores phone numbers provided for authentication to improve spam and abuse prevention across Google services. Phone numbers are not logically isolated for a given customer's end users. Customer should obtain appropriate end-user consent before using the Firebase Authentication or Identity Platform phone number sign-in service.
- Other Authentication Services. Use of Google Sign-In for authentication is subject to Google’s API Services: User Data Policy. Google is not responsible for any third-party sign-in service used with Firebase Authentication or Identity Platform.
- Web Security Scanner. Customer acknowledges that Web Security Scanner may adversely affect the reliability of a Customer Application and may not be suitable for use in a production environment. Web Security Scanner will not detect all vulnerabilities in a Customer Application.
- Information. reCAPTCHA Enterprise works by collecting hardware and software information, such as device and application data, and sending this data to Google for analysis. The information collected in connection with Customer's use of the reCAPTCHA Enterprise Service will be used for providing, maintaining, and improving reCAPTCHA Enterprise and for general security purposes. It will not be used for personalized advertising by Google.
- Attribution. Customer may display a warning about unsafe web resources for a particular site based on verification against Google’s list of unsafe sites, if Customer provides attribution and conspicuous notice that the reliability and accuracy of the protection cannot be guaranteed using language similar to the “Advisory Notice” subsection below.
- Data Refresh. Customer will not treat a URL from Google’s list as an unsafe web resource, such as by showing users a warning about the site or blocking access to it, unless the applicable Customer Application has received from Google updated information (via the applicable API method) before the expiration time provided by the applicable API response or within 30 minutes if no expiration time is specified.
- Advisory Notice. Google works to provide the most accurate and up-to-date information about unsafe web resources, but cannot guarantee that its information is comprehensive and error-free: some risky sites may not be identified, and some safe sites may be identified in error.
- Submissions API. The Web Risk Submissions API provides Customer with the ability to voluntarily submit to Google URLs Customer suspects are unsafe (“Submitted URLs”). Google may use Submitted URLs to provide, maintain, protect and improve Google's products and services, including Google's list of unsafe web resources. Google may also share Submitted URLs with third parties, including other Google customers and users. Submitted URLs are not Customer Confidential Information or Customer Data.
- Chrome Browser Cloud Management. In order to use BeyondCorp Enterprise
Threat and Data Protection Services:
- Customer agrees to the online Chrome Browser Cloud Management License Agreement (available at https://cloud.google.com/terms/chrome-enterprise/chrome-browser-cloud-management or a successor URL) (the “CBCM Agreement”); and
- Customer acknowledges and agrees that Customer must enable "Chrome Enterprise Connectors" in the Chrome Browser Cloud Management section of the Admin Console.
- Advisory Notice. Google works to provide the most accurate and up-to-date information about unsafe web pages and malware, but cannot guarantee that its information is comprehensive and error-free. Some potentially risky sites and files may not be identified, and some safe sites and files may be identified in error.
- Threats. BeyondCorp Enterprise’s Threat and Data Protection Services (as described in the Services Summary) work by aggregating threat intelligence. BeyondCorp Enterprise analyzes (i) URLs visited by Customer’s End Users on supported browsers and proxies, to identify unsafe web pages and (ii) content of files uploaded and downloaded by Customer’s End Users to and from supported browsers and proxies, to identify malware (such unsafe web pages or malware, “Threats”). When BeyondCorp Enterprise checks for Threats, the URL or a file hash and the result of the analysis are temporarily stored in a Google global cache for performance-related purposes. Customer acknowledges and agrees that Customer URLs and file hashes that BeyondCorp Enterprise identifies as Threats are not Customer Confidential Information or Customer Data and Google may use such URLs and file hashes to provide, maintain, protect and improve Google's products and services, including Google's lists of Threats.
- Chrome Browser Cloud Management. In order to use BeyondCorp Enterprise Threat and Data Protection Services:
Transfer Appliance Service. In performing the Transfer Appliance
Service, Google will attempt to provide Customer with the requested Transfer Appliance
model, subject to availability. Google will provide technical support for the Transfer
Appliance Service only as described in the Documentation. Google may use Subprocessors
(as defined in the Data Processing and Security Terms) in providing the Transfer
Appliance Service. The Transfer Appliance Materials are at all times owned by Google,
with no transfer of title to Customer.
In case of cross-border shipments of Transfer Appliance Materials, Customer may be responsible for export clearance, Google may designate a carrier to act as Customer's agent with the relevant customs and tax authorities to import or export the Transfer Appliance Materials, and Customer will cooperate with Google and its carrier, including providing export classification information and acting as the importer or exporter of record.
While Transfer Appliance Materials are in its control, Customer is responsible for any loss or damage and will use appropriate security measures to protect them. Customer will not permit any Transfer Appliance Materials to leave the U.S. state or non-U.S. country to which they were shipped (except as directed in writing by Google or its Subprocessors).
As part of the Transfer Appliance Service, Google may temporarily move the applicable Customer Data to a staging bucket within a Google-owned project accessible to Customer and shortly after delete such Customer Data from the Transfer Appliance Materials. Completion of Customer's decompression and decryption of such Customer Data (or failure to do so within a reasonable number of days specified by Google) will constitute an instruction to Google to delete the applicable Customer Data from the staging bucket. Customer is solely responsible, under its own Project, for any virtual machine instance and destination buckets in which Customer desires to decompress and decrypt the applicable Customer Data.
Proper functioning of the Transfer Appliance Service is highly dependent on Customer's computing environment. Customer's sole remedy in connection with any unsuccessful attempt to complete the Transfer Appliance Service is for Google to use reasonable efforts to re-perform the Transfer Appliance Service.
“Transfer Appliance Materials” means the materials provided by Google or its Subprocessors in connection with the Transfer Appliance Service, including hardware and software.
Bare Metal Solution
- Admin Console. The Admin Console will not be available to Customer for management, monitoring, or administration of Bare Metal Solution.
Data Processing and Security Terms. Bare Metal Solution provides
non-virtualized access to underlying infrastructure resources and, by design, has
characteristics different from the other Services offered under the Agreement.
- Amendments. The Data Processing and Security Terms are amended solely
with respect to Bare Metal Solution as stated in this subsection b.
- Google's Third Party Auditor. The definition of "Google's Third Party Auditor" is amended as follows: "Google's Third Party Auditor means a qualified and independent third party auditor appointed by Google or a Bare Metal Solution Subprocessor, whose then-current identity Google will disclose to Customer upon request."
- Audited Services. Bare Metal Solution is not an Audited Service. With respect to Bare Metal Solution, Google or its Subprocessor will: (1) obtain (x) ISO 27001 certification and PCI DSS Attestation of Compliance (the "Compliance Certifications"); and (y) a SOC 1 Report and SOC 2 Report (the "SOC Reports") and update such Compliance Certifications and SOC Reports at least once every 12 months, and (2) provide the Compliance Certifications and SOC Reports to Customer in accordance with Section 7.5.3 (Additional Business Terms for Reviews and Audits) of the Data Processing and Security Terms. Google may add standards at any time. Google may replace a Compliance Certification or SOC Report with an equivalent or enhanced alternative.
- Subprocessors. Customer specifically authorizes Google to engage the entities listed at the Bare Metal Solution Subprocessors Page as of the Services Start Date ("Bare Metal Solution Subprocessors") as Subprocessors for Bare Metal Solution. Information about the Bare Metal Solution Subprocessors, including their functions and locations, is available at the Bare Metal Solution Subprocessors Page (as may be updated by Google from time to time in accordance with the Data Processing and Security Terms).
- Inapplicable Terms. The following terms in the Data Processing and
Security Terms (or similar successor terms) are excluded with respect to Bare
- From Section 7.1.1 (Google's Security Measures): the phrase "encrypt personal data";
- The subsections from Appendix 2 Section 1(a), titled "Server Operating Systems" and "Business Continuity";
- The subsections from Appendix 2 Section 1(b), titled "External Attack Surface," "Intrusion Detection," and "Encryption Technologies"; and
- From Appendix 2 Section 3(a): the sentences "Google stores data in a multi-tenant environment on Google-owned servers. Subject to any Customer instructions to the contrary (for example, in the form of a data location selection), Google replicates Customer Data between multiple geographically dispersed data centers."; or, if the Agreement authorizes the resale or supply of Google Cloud Platform under a Google Cloud partner or reseller program, the sentences "Google stores data in a multi-tenant environment on Google-owned servers. Subject to any Partner instructions to the contrary (for example, in the form of a data location selection), Google replicates Partner Data between multiple geographically dispersed data centers."
- Other Amendments. Other than this Section b, no terms in the Agreement that expressly amend, modify, or supplement the Data Processing and Security Terms (as then-currently available at https://cloud.google.com/terms/data-processing-terms or, for partners, at https://cloud.google.com/terms/data-processing-terms/partner) will apply to Bare Metal Solution.
- Customer Obligations. Without limiting Google's express obligations related to Bare Metal Solution, Customer will take reasonable steps to protect and maintain the security of Customer Data and any other content stored on or processed through Bare Metal Solution.
- Amendments. The Data Processing and Security Terms are amended solely with respect to Bare Metal Solution as stated in this subsection b.
- Representation and Warranty. Customer represents and warrants that it has all licenses, rights, consents, and permissions that are required for Customer's and any End User's use of any Operating Systems, software, applications, and any other content that Customer or any End User uploads to or uses in connection with Bare Metal Solution.
- Limitation of Liability. Notwithstanding anything to the contrary in the Agreement (except subject to any unlimited liabilities expressly stated in the Agreement), to the maximum extent permitted by law, each party’s total aggregate Liability for damages arising out of or relating to Bare Metal Solution is limited to the greater of (a) the Fees Customer paid for Bare Metal Solution during the 12 month period before the event giving rise to liability and (b) $25,000.
- Disclaimer. Notwithstanding anything to the contrary in the Agreement (including the Data Processing and Security Terms), Google and its subcontractors are not responsible for any of the following in relation to Bare Metal Solution: (i) non-physical security, such as access controls, encryption, firewalls, antivirus protection, threat detection, and security scanning; (ii) logging and monitoring; (iii) non-hardware maintenance or support; (iv) data backup, including any redundancy or high-availability configuration; or (v) business continuity and disaster recovery policies or procedures. Customer is solely responsible for securing (other than physical security of Bare Metal Solution servers), logging and monitoring, maintaining and supporting, and backing up any Operating Systems, Customer Data, software, and applications Customer uses with, uploads to, or hosts on Bare Metal Solution.
- Survival. The following subsections of these Bare Metal Solution Service Specific Terms will survive expiration or termination of the Agreement: d (Limitation of Liability); e (Disclaimer); f (Survival); and i (Definitions).
- Ordering. Except for Bare Metal POCs (as defined below), Customer must order Bare Metal Solution via an order form mutually executed by Customer and Google.
Bare Metal Solution Proof of Concepts. The following additional terms apply to
Bare Metal Solution proof of concepts and trials ("Bare Metal Solution POCs"):
- Bare Metal Solution POCs are deemed "Pre-GA Offerings" and are subject to the Pre-GA Offerings Terms in the General Services Terms of these Service Specific Terms.
- Customer may not use Bare Metal Solution POCs in connection with any production workloads.
- “Bare Metal Solution Subprocessors Page” means the URL located at: https://cloud.google.com/bare-metal/subprocessors.
- “Operating Systems” means any operating systems that: (i) Customer uploads to, hosts on, or uses in connection with Bare Metal Solution; or (ii) Customer instructs Google to pre-load onto Bare Metal Solution servers.
- “Services Start Date” means the start date stated in the Order Form, or if no date is specified, the date Google first makes Bare Metal Solution available to Customer.
- “Documentation” means the then-current Google documentation made available by Google to its customers for use with the Services at https://cloud.google.com/docs/.
- Disclaimer. Google’s suppliers will have no liability arising out of or relating to the Agreement.
- Red Hat Enterprise Linux. Customer’s use of the Red Hat Enterprise Linux product, provided by Google in conjunction with Compute Engine, is subject to the terms and conditions stated at http://www.redhat.com/licenses/cloud_cssa/ .
- Microsoft Products. Customer’s use of the Microsoft products, which may include associated media, printed materials, and “online” or electronic documentation (individually and collectively, “Microsoft Products”), provided by Google in conjunction with Compute Engine is subject to the terms and conditions stated at https://cloud.google.com/terms/service-terms/microsoft .
- NVIDIA Drivers. Customer’s use of NVIDIA software components provided by Google in conjunction with the Services is subject to the terms and conditions stated at https://cloud.google.com/terms/service-terms/nvidia . In addition, the following NVIDIA software components may be used solely with the Services for compute and offline graphics purposes: GRID, Tesla Driver, Cuda Toolkit, cuDNN, TensorRT, NVENC, NVCUVID, NVML, and nvidia-aml.
Pricing and Billing Terms
1. Committed Units.
- Selection and Commitment. Customer may have an option to request Committed Units via the Services (for example, in the Admin Console or through a Google API) or in an Order Form. If Google accepts the request, then notwithstanding the payment terms in the Agreement, Customer will pay the Fees for those Committed Units during the Committed Unit Term selected by Customer, whether or not they are used, as stated at the Fees URL for the applicable SKU.
- Renewal. Unless otherwise stated in the Admin Console or other documentation, at the end of each Committed Unit Term, the Committed Unit selection will automatically renew for the same Committed Unit Term at the same quantity throughout the Term until Customer selects in the Admin Console to stop renewing or either party notifies the other party in writing to cancel the renewal.
- Cancellation and Expiration. Committed Unit purchases may not be cancelled or refunded after they are placed, but if Google serves notice to non-renew the Agreement, terminates the Agreement (other than for Customer's material breach), or discontinues providing the Services applicable to the Committed Units, Google will refund Customer any unused prepaid Fees following the expiration or termination of the Agreement, or discontinuance of the relevant Services, as applicable. Any use of the Services after cancellation or expiration of the Committed Units will be billed at standard Fee rates.
- No Resell or Transfer. Unless Google agrees otherwise, Customer may not resell or transfer Committed Units.
2. Subscription Offerings.
- Subscription SKUs. Certain SKUs may be offered on a subscription basis (each, a “Subscription Offering”). Each Subscription Offering may be a single Service or Software item, or a package of two or more Services or Software items. The details of each Subscription Offering (“Subscription Details”) will be stated (i) at the Fees URL or elsewhere in the Services, the Admin Console, or Documentation, or (ii) in an Order Form or other written agreement between Google and Customer. The Subscription Details will include the duration of the subscription (“Subscription Term”), the amount of permitted usage of the applicable Subscription Offering during the Subscription Term (e.g., usage per month) (“Subscription Usage”), minimum Subscription Usage (if applicable), and the applicable pricing. If the Subscription Offering is a package of two or more Services or Software items, the Subscription Details may also list the different components packaged into the Subscription Offering. Customer may request to purchase a Subscription Offering via the Services (for example, in the Admin Console or through a Google API) or in an Order Form or other written agreement between Google and Customer, as applicable. If Google accepts Customer's request to purchase a Subscription Offering, then notwithstanding the invoicing and payment terms in the Agreement, Google will invoice or charge Customer for the Subscription Offering, and Customer will pay Google, during the Subscription Term (including during any renewal Subscription Term) as specified in the Subscription Details. Further, unless otherwise specified in the applicable Subscription Details, Google reserves the right to issue additional invoices or charges to Customer in arrears if Customer's usage of a Subscription Offering exceeds the Subscription Usage, with the pricing listed at the Fees URL applying to that excess usage, unless otherwise agreed by the parties.
- Renewal. Unless (i) otherwise specified in the Subscription Details, or (ii) either party provides the other party with notice of non-renewal at least 30 days before the end of the then-current Subscription Term, at the end of each Subscription Term, Customer's access to the Subscription Offering will automatically renew, with the renewal Subscription Term duration and Subscription Usage as described in the Subscription Details.
- Cancellation. Unless otherwise specified in the Subscription Details, Customer may not terminate a Subscription Offering before the end of the Subscription Term. If a particular Subscription Offering is indicated as terminable in the Subscription Details, then Customer may terminate the Subscription Offering before the expiration of the Subscription Term, and Google may charge a termination fee (“Termination Fee”), as specified in the Subscription Details. Further, Customer may be required to give extended notice before termination of any Subscription Offering, as specified in the Subscription Details. Notwithstanding any term to the contrary in the Agreement, (i) if Customer has entered into a Google Cloud Platform Order Form under the Agreement for the purchase of Services on an on-demand basis, then the Subscription Term will also terminate immediately upon termination of such Google Cloud Platform Order Form (and Customer will be charged the Termination Fee, if applicable), and (ii) upon termination of the Subscription Term, Customer may continue to use Google Cloud Platform, and pricing for the Service(s) or Software that are part of the Subscription Offering will be as stated at the Fees URL or as otherwise agreed by the parties (if available on a non-subscription basis).
3. Additional Definitions.
- “Committed Units” means (i) a specified quantity of the Services (e.g., App Engine virtual machine instance hours, Compute Engine virtual machine instances or cores, BigQuery slots, etc.) designated by Customer, which may include a specified machine type, region, zone, query capacity, and period of time to use; or (ii) a specified amount of credits to be purchased for expenditure on one or more specified Services during a specified time period.
- “Committed Unit Term” means the period of time within the Term during which Customer is obligated to pay for the Committed Units.
- “Documentation” means the then-current Google documentation made available by Google to its customers for use with the Services at https://cloud.google.com/docs.
- “Fees URL” means https://cloud.google.com/skus or a successor URL.