ISO logo

Global | ALL INDUSTRIES

ISO/IEC 27701

ISO/IEC 27701 is a global privacy standard that focuses on the collection and processing of personally identifiable information (PII). This standard was developed to help organizations comply with international privacy frameworks and laws, and focuses on three main factors :

  • Extends the requirements of ISO/IEC 27001 and ISO/IEC 27002 to include data privacy;
  • Provides a framework for implementing, maintaining, and continuously improving a Privacy Information Management System (PIMS);
  • Includes requirements and guidance for organizations acting as PII controllers and PII processors.

Google Cloud and Google Workspace have received an accredited ISO/IEC 27701 certification as a PII processor after undergoing an audit by an independent third party.

Google Cloud and Google Workspace ISO 27701 certificates may be requested via the Compliance Reports Manager. Potential customers can reach out to sales for more information.


Google Cloud services that are in scope for ISO/IEC 27701 certification

* Indicates that the scope of this certification applies to this offering where Google acts as a processor of Service Data (in addition to Google acting as a processor of Customer Data). Google’s processing of Service Data as a processor is subject to agreement with relevant enterprise customers of this offering.

FAQs

We have obtained an accredited ISO/IEC 27701 certificate for Google Cloud. In order to get a copy of the certificate, visit the Related Documentation section of this page.

We have obtained an accredited ISO/IEC 27701 certificate for Google Workspace. In order to get a copy of the certificate, visit the Related Documentation section of this page.

Our accredited certification demonstrates Google Cloud’s long-standing commitment to privacy and providing the most trusted experience for our customers. By meeting the rigorous standards outlined by ISO/IEC 27701, Google Cloud customers can leverage the many benefits our certification, including:

A universal set of privacy controls, verified by a trusted third party in accordance with the requirements of their accreditation body, that can serve as a solid foundation for the implementation of a privacy program

The ability to rely on Google Cloud's accredited ISO/IEC 27701 certification in your own compliance efforts

Reduced time and expense for both internal and third-party auditors, who can now demonstrate compliance with several privacy objectives within a single audit cycle

Greater clarity on privacy-related roles and responsibilities, which can facilitate efforts to comply with privacy regulations such as GDPR

ISO/IEC 27001

Learn more

ISO/IEC 27018

Learn more