Expand all
Under applicable law, you may be entitled to request that we provide you with access to certain data that we process relating to you. For more information, please refer to our Privacy Help Center, section “Your account controls”. To protect the privacy and security of our users and services, there are some circumstances under which we do not include certain data in our responses to access requests:
You may be entitled to request that we provide you with access to certain data relating to you - this does not extend to information relating to someone else, or information which is not data relating to you.
For example, we will not be able to provide you with access to data we may process relating to your friend, relative or work colleague. Additionally if data has been anonymised we will not be able to associate it with you so it would not be provided in response to a request for information relating to you.
Data is not included to the extent we are unable to verify that the person making the request is the person to whom it relates. Disclosing data to a person making a request without being able to adequately verify that person’s entitlement to the data could undermine the confidentiality and security of users’ data, and may adversely affect other individuals to whom the data relates. For more information see the identity verification section of this Help Centre.
Providing a copy of data that we process for purposes of defending our systems to protect you, our users, the public, and Google could undermine the security of our systems. This means, for example: to detect threats to the security of our systems; privacy, anti-abuse and anti-fraud protection; to support traffic management (e.g., defending against DDoS); and to defend against other abusive and system-damaging activities.
We do not disclose data where such a disclosure may impact the ability of you and other users to safely use the services. Cyberattackers and other potential adversaries can exploit details about data to infer exactly how we defend our systems, leaving those systems - and our users - more vulnerable to sophisticated attack. For example, knowledge of how many copies of account sign-in logs and related activity metrics are held, and in what formats, implicitly indicates security sensitive configuration details, commercially sensitive indications of our approach to backup and archiving, and, most importantly, embodies architectural information about our approach to defense-in-depth.
If certain detailed information, about our system defenses, and the data we process through them, such as how low-level data structures are laid out in memory, were to become known, it could give potential bad actors valuable signals that could be used to exploit our systems. It’s for that reason - to protect our users and their data - that we hold some of these details in confidence and do not release them. As these technologies evolve and specific details become less critical to our systems’ security, we reappraise what we are able to safely provide.
Additionally, while data that is used for security purposes may not be provided in response to an access request for that security related data, other copies of it may still be returned where it is used for other purposes. For example, if a data point associated with an individual is processed in the context of securing Google systems, information in those security logs may not be provided to ensure our systems remain safe. However, it may still be available through Google Takeout in the context of other services. Similarly, device identifiers processed in the context of our security systems may not be produced in the context of those security systems but are still disclosed in Google’s Takeout tool.
To illustrate this we provide an example of information associated with a user’s use of our services that could appear in a log entry below. Like most websites, our servers automatically record the page requests made when you visit our sites. These “server logs” typically include your web request, IP address, browser type, browser language, and the date and time of your request. For example:
123.45.67.89 - 25/Mar/2023 10:15:32 -
http://google.com/search?q=cars -
Chrome 112; OS X 10.15.7 -
- 123.45.67.89 is the IP address assigned to the user by the user’s ISP. Depending on the user’s service, a different address may be assigned to the user by their service provider each time they connect to the Internet.
- 25/Mar/2023 10:15:32 is the date and time of the query.
- http://google.com/search?q=cars is the requested URL, including the search query.
- Chrome 112; OS X 10.15.7 is the browser and operating system being used.
If this information was processed in the context of our internal security systems, records of that security processing may not be provided in response to an access request. However, this information could still be provided in Takeout where it is logged in other services. For example, downloading the data available in the:
- “Google Account” service that is included in Takeout will include information such as time of activity, IP address associated with the activity, and browser details when an activity was performed.
- “MyActivity” service that is included in Takeout will include information such as details of your activity by reference to the selected product and time of activity.
Disclosure of data could also impact other people and organizations’ rights and freedoms beyond undermining the security of our systems and processes. For example:
- Where the provision of data in response to an access request includes the data of others, and providing it impacts the rights of those other individuals, such data may not be provided depending on the circumstances.
- Where disclosing the data could also reveal a trade secret, or create a risk to the protection of intellectual property (such as copyright protection of software). For example, providing data could sometimes reveal information about the structure of internal databases that are protected under intellectual property law. In many cases, much of the same data (e.g. your IP address and account identifier) may still be available to you in our response, but in a different context that does not reveal a trade secret or adversely affect intellectual property rights.
Depending on where you are based, there may be further circumstances under which we do not include certain data in our responses to access requests, according to local law. For example, many local laws provide that data which is the subject of legal privilege may be withheld. Where additional statutory exemptions are applied to a request for data, we will provide you with an outline of such exemptions with our response, consistent with local law.