Other Covered Entities

See Purposes of Data Collection section for details on scope of cert

Industries

  • Information and Communications Technology
  • Information Technology Services

Participation

UK Extension to the EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 9/14/2023
Next Certification Due Date: 9/13/2024
Data Collected: HR, NON-HR

Swiss-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 4/18/2017
Next Certification Due Date: 9/13/2024
Data Collected: HR, NON-HR

EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 9/22/2016
Next Certification Due Date: 9/13/2024
Data Collected: HR, NON-HR

Purpose of Data Collection

This certification applies to Google LLC and its wholly-owned U.S. subsidiaries, including X (a division of Google LLC) and Chronicle LLC, and any other wholly-owned U.S. subsidiary of Google LLC to the extent of any current separate self-certification by such entity. With respect to personal data other than human resources data: Data is processed for various purposes depending on the particular product or service being provided, including: sales and marketing to consumers and businesses; supplying services and products to consumers and businesses; operating, developing and improving services and products of Google and/or any of its wholly-owned U.S. subsidiaries identified below; personalizing services and products; financial processing and management; supplier, vendor and partner relationship management; fraud prevention, security, and protection of Google, its wholly-owned U.S. subsidiaries, and our users; compliance with applicable law and governmental, legislative and regulatory bodies; and customer support and relationship management. Data is disclosed to third parties as detailed in our relevant Privacy Policies, listed below, including: in situations in which we have consent, for external processing, with domain administrators, and for legal reasons. With respect to human resources data: Data is processed for various employment and legal purposes, including: recruitment and staffing; compensation, benefit programs and payroll; performance management and training; compliance and risk management; workplace management; protection against injury, theft, legal liability, fraud and abuse; and other business purposes. Data is disclosed to third parties as detailed in our relevant Privacy Policies, listed below, including for business-related and legal purposes. We currently do not rely on the Swiss-U.S. Data Privacy Frameworks and the UK Extension to transfer Swiss and UK personal information to the U.S..

Privacy Policy

HR Data

Google Employee Privacy Policy
Description:

Describes how Google collects and uses employee data. Available to employees on Google internal sites and services. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for Google Employee Privacy Policy.

Effective Date: 9/1/2023

HR and Non-HR Data

Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) will serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/1/2023
Document: BreezoMeter
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) will serve as the dispute resolution provider for this Privacy Policy.

Effective Date: 10/1/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) will serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/11/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/1/2023
Description:

The Extended Workforce Privacy Policy explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/1/2023
Description:

The Fitbit Privacy Policy describes the privacy practices for our devices, applications, software, websites, APIs, products, and services. The Privacy Policy covers the data we collect, how we use it, the controls we offer, and security measures we take.

Effective Date: 6/6/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this Privacy Policy.

Effective Date: 8/31/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy notice.

Effective Date: 8/21/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this Privacy Policy.

Effective Date: 7/1/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this Privacy Policy.

Effective Date: 9/1/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/15/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/20/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/1/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy statement.

Effective Date: 9/1/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/14/2023
Description:

Explains the data that we collect and why we collect it, how we use that data, and the choices we offer to control that data. The EU Data Protection Authorities (DPAs) serve as the dispute resolution provider for this privacy policy.

Effective Date: 9/7/2023

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Google LLC at:

Keith Enright
Chief Privacy Officer
Google LLC
Google Data Protection Office
1600 Amphitheatre Pkwy
Mountain View, California 94043-1351
Fax: 650.618.1806

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Google LLC to your question or complaint, please contact the independent recourse mechanism listed below




Appropriate statutory body with jurisdiction to investigate any claims against Google LLC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission