Google says it is preparing for Europe’s new General Data Protection Regulation (GDPR) scheduled to take effect in May 2018 by launching a new website for customers and partners, which replaces the 1995 EU Data Protection Directive.
From search and Gmail to AdWords, AdSense, DoubleClick and Analytics, Google says it will comply with the GDPR across all services provided in Europe.
For businesses, the website will detail information about the control businesses have over the data they share with Google, the security of Google's infrastructure and its commitment to complying with data protection laws, and the free available resources and training Google provides to help businesses get the most from their data.
For instance, commercially sensitive data that a business shares to optimize its marketing campaigns such as cookie lists and conversion data is handled within strict usage guidelines, per Google. And when Google publishes benchmarks, cohort reports or product statistics, the numbers are based on publicly available or aggregated data. This means the company from which the data originated is not identified unless the business gives Google permission to do so.
Europe's new rules are intended to strengthen the rights of EU citizens and place the ownership on companies, such as Google, that offer goods and services online to protect the data.
Google says it conducts regular audits, maintains certifications, provides industry-standard contractual protections and shares tools and information to help partners comply -- but it also plans to make available in the coming months updated contractual commitments that meet GDPR requirements for customers and partners.
Google insists it does not sell personal information. There are pages on its website detailing why Google collects data, what data it collects, and how to keep personal data private.