Google Privacy Policy

This document is Google's Privacy Policy governing the collection, use, and sharing of personal data across Google's full suite of services (Search, YouTube, Maps, Gmail, advertising platforms, and others), with legal bases including consent, legitimate interests, and contractual necessity under applicable frameworks including GDPR and CCPA. The policy creates obligations on Google to provide data access, correction, deletion, and portability rights, while obligating users to accept broad data collection practices as a condition of service use. Notably, Google's policy permits cross-service data combination — linking activity across Search, YouTube, Maps, and third-party sites using Google's advertising infrastructure — creating a surveillance profile scope that significantly exceeds what most users expect and departs from data minimization principles. The policy engages GDPR (Arts. 6, 9, 17, 20), CCPA/CPRA (Cal. Civ. Code §1798.100 et seq.), COPPA (16 CFR Part 312), and the UK GDPR, with Google acting as both a data controller and processor depending on context. Material compliance considerations include the adequacy of consent mechanisms for cross-context behavioral advertising, the lawfulness of combining sensitive inferences from health, location, and communications data, and the sufficiency of disclosures to satisfy GDPR transparency obligations under Art. 13/14.

REGULATORY EXPOSURE: This policy engages GDPR Arts. 5 (data minimization), 6 (lawful basis — legitimate interests and consent), 9 (special category data), 13/14 (transparency), 17 (erasure), 20 (portability), and 22 (automated decision-making), enforced by EU Data Protection Authorities including I…