← All providers

Google Cloud Platform

Cloud IaaSMedium RiskVerified 2026-03-05
Visit website
Overview
HeadquartersπŸ‡ΊπŸ‡Έ USMountain View
Parent CompanyGoogle/Alphabet(πŸ‡ΊπŸ‡Έ US)
US IncorporatedYes
CLOUD Act ExposureYes
NotesGCP is operated by Google LLC, a subsidiary of Alphabet Inc. Comprehensive compliance portfolio including FedRAMP High authorization.
Regions (7 in 7 countries)
πŸ‡ΊπŸ‡Έ US
US Iowa Β· Council Bluffs
πŸ‡§πŸ‡ͺ BE
EU Belgium Β· Brussels
πŸ‡©πŸ‡ͺ DE
EU Frankfurt Β· Frankfurt
πŸ‡¬πŸ‡§ GB
EU London Β· London
πŸ‡―πŸ‡΅ JP
AP Tokyo Β· Tokyo
πŸ‡ΈπŸ‡¬ SG
AP Singapore Β· Singapore
πŸ‡¦πŸ‡Ί AU
AP Sydney Β· Sydney
Compliance & Data

Certifications

βœ“ SOC 2βœ“ ISO 27001βœ“ GDPRβœ“ HIPAAβœ“ PCI DSS

Data Types Handled

Application DataLogsPII
Applicable Laws (8)

Applies to businesses meeting revenue or data volume thresholds that handle California residents' data.

Max fine: USD 7,500 per intentional violationvia πŸ‡ΊπŸ‡Έ US
UK GDPRUnited Kingdom

UK has its own adequacy decisions separate from the EU. Transfers from the UK follow UK-specific rules.

Max fine: 4% of global annual turnover or GBP 17.5Mvia πŸ‡¬πŸ‡§ GB
CLOUD ActUnited States

Any US-incorporated provider or subsidiary may be compelled to disclose data regardless of where it is stored.

Max fine: Contempt of court penaltiesvia πŸ‡ΊπŸ‡Έ US

Cross-border transfers require consent or equivalent protection standards recognized by Japan's PPC.

Max fine: JPY 100M for corporate violationsvia πŸ‡―πŸ‡΅ JP

Cross-border transfers require comparable protection standards in the receiving country.

Max fine: SGD 1M or 10% of annual turnovervia πŸ‡ΈπŸ‡¬ SG

Cross-border transfers to non-adequate countries require SCCs, BCRs, or other safeguards.

Max fine: 4% of global annual turnover or EUR 20Mvia πŸ‡§πŸ‡ͺ BE, πŸ‡©πŸ‡ͺ DE
FISA Section 702United States

US providers may be subject to surveillance orders targeting non-US persons, creating risk for EU data subjects.

Max fine: Contempt of court penaltiesvia πŸ‡ΊπŸ‡Έ US

Organizations must take reasonable steps to ensure overseas recipients handle personal information in accordance with the APPs.

Max fine: AUD 50M or 30% of adjusted turnover (whichever is greater)via πŸ‡¦πŸ‡Ί AU