Service Specific Terms
Last modified: February 29, 2024
These Service Specific Terms are incorporated into the agreement under which Google has agreed to provide Google Cloud Platform (as described at https://cloud.google.com/terms/services) to Customer (the “Agreement”). If the Agreement authorizes the resale or supply of Google Cloud Platform under a Google Cloud partner or reseller program, then all references to Customer in the Service Specific Terms mean Partner or Reseller (as applicable), and all references to Customer Data in the Service Specific Terms mean Partner Data. Capitalized terms used but not defined in the Service Specific Terms have the meaning given to them in the Agreement.
1. Data Location. Customer may configure the Services listed at https://cloud.google.com/terms/data-residency to store Customer Data in a specific Region or Multi-Region as detailed in the Cloud Locations Page, and Google will store that Customer Data at rest only within the selected Region or Multi-Region. The Services do not limit the locations from which Customer or Customer End Users may access Customer Data or to which they may move Customer Data. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels.
2. Operations of Communications Services. Notwithstanding any telecommunications restrictions in the Agreement, Customer may use the Services for hosting capacity in connection with Customer’s provision of telecommunications services if (a) Customer obtains, maintains, and complies with all necessary regulatory licenses, registrations or other applicable requirements relating to such telecommunications services, and (b) Customer does not use or resell the Services to provide telecommunications connectivity, including for virtual private network services, network transport, or voice or data transmission.
3. General Software Terms. The following terms apply to all Software:
a. License. Google grants Customer a royalty-free (unless otherwise stated by Google), non-exclusive, non-sublicensable, non-transferable license during the Term to reproduce and use the Software ordered by Customer on systems owned, operated, or managed by or on behalf of Customer in accordance with (i) the Agreement, and (ii) if applicable, the Scope of Use. Customer may authorize its and its Affiliates' employees, agents, and subcontractors (collectively, “Software Users”) to use the Software in accordance with this subsection. Customer may make a reasonable number of copies of the Software for back-up and archival purposes. For clarity, Software does not constitute Services.
b. Compliance With Scope of Use. Within 30 days of Google’s reasonable written request, Customer will provide a sufficiently detailed written report describing its usage in accordance with the applicable Scope of Use of each Software product used by Customer and its Software Users during the requested period. If requested, Customer will provide reasonable assistance and access to information to verify the accuracy of Customer’s Software usage report(s).
c. Other Warranties and Compliance. Each party represents and warrants that it will comply with all laws applicable to its provision or use of the Software. Customer will: (i) ensure that Customer and its Software Users' use of the Software complies with the Agreement (including the Scope of Use) and the restrictions in the Agreement applying to Customer's use of the Services; (ii) use commercially reasonable efforts to prevent and terminate any unauthorized access to or use of the Software; and (iii) promptly notify Google of any unauthorized access to or use of the Software of which Customer becomes aware.
d. Open Source or Third Party Terms. If the Software contains open source or third-party components, those components may be subject to separate license agreements, which Google will make available to Customer. Customer is solely responsible for complying with the terms of any third-parties from which Customer elects to migrate its workloads onto the Services, and represents and warrants that such third-party sources permit the use of Software to migrate applications away from such sources.
e. Termination. On termination or expiration of the Agreement, Customer will stop using all Software and delete all copies.
4. Premium Software Terms. The following terms apply only to Premium Software:
a. Introduction. Google makes certain Software available under the Agreement described as “Premium Software” at https://cloud.google.com/terms/services (“Premium Software”). Customer will pay applicable Fees for any Premium Software it obtains as described at the Fees URL. Premium Software is Google’s Confidential Information.
b. Software Warranty.
i. Google warrants to Customer that for one year from its delivery, Premium Software will perform in material conformance with the applicable Documentation. This warranty will not apply if (A) Customer does not notify Google of the non-conformity within 30 days after Customer first discovers it, (B) Customer modifies Premium Software or uses it in violation of the Agreement, or (C) the non-conformity is caused by any third-party hardware, software, services, or other offerings or materials, in each case not provided by Google.
ii. If Google breaches this warranty, then Google will, in its discretion, repair or replace the impacted Premium Software at no additional charge. If Google does not believe that repairing or replacing would be commercially reasonable, then Google will notify Customer and (A) Customer will immediately cease use of the impacted Premium Software and (B) Google will refund or credit any prepaid amounts for the impacted Premium Software and Customer will be relieved of any then-current commitment to pay for future use of the impacted Premium Software. Without limiting the parties’ termination rights, this subsection states Customer’s sole remedy for Google’s breach of the warranty in this Section (Software Warranty).
c. Software Indemnification. Google’s Intellectual Property Rights infringement indemnity obligations under the Agreement apply to Premium Software, and Customer’s indemnity obligations under the Agreement with respect to Customer’s use of the Services apply to Customer’s use of Premium Software. In addition to any other indemnity exclusions in the Agreement, Google’s indemnity obligations will not apply to the extent the underlying allegation arises from modifications to Premium Software not made by Google or use of versions of Premium Software that are no longer supported by Google.
d. Technical Support. Unless otherwise specified by Google, Google will make TSS available for Premium Software, in accordance with the TSS Guidelines, for an additional charge.
e. Compliance. Premium Software may transmit to Google metering information reasonably necessary to verify that use of the Premium Software complies with the Scope of Use. Customer will not disable or interfere with the transmission of such metering information.
f. Updates and Maintenance. During the Term, Google will make available to Customer copies of all current versions, updates, and upgrades of Premium Software, promptly upon general availability, as described in the Documentation. Unless otherwise stated in the Documentation, Google will maintain the current release of Premium Software and the two versions immediately preceding the current release, including by providing reasonable bug fixes and security patches. Maintenance for any Premium Software may be discontinued with one year’s notice from Google, except Google may eliminate maintenance for a version and require upgrading to a maintained version to address a material security risk or when reasonably necessary to avoid an infringement claim or comply with applicable law.
5. Pre-GA Offerings Terms.
a. Introduction. Google may make available to Customer pre-general availability Google Cloud Platform features, models, services or software that are either not yet listed at https://cloud.google.com/terms/services or identified as “Early Access,” “Alpha,” “Beta,” “Preview,” “Experimental,” or a similar designation in related documentation or materials (collectively, “Pre-GA Offerings”). Customer's access to and use of any Pre-GA Offering is subject to any applicable Scope of Use. While Pre-GA Offerings are not Services or Software, Customer’s use of Pre-GA Offerings is subject to the terms of the Agreement applicable to Services (or Software, if applicable), as amended by this Section (Pre-GA Offerings Terms).
b. Disclaimer. PRE-GA OFFERINGS ARE PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES OR REPRESENTATIONS OF ANY KIND. Pre-GA Offerings (i) may be changed, suspended or discontinued at any time without prior notice to Customer and (ii) are not covered by any SLA or Google indemnity. Except as otherwise expressly indicated in a written notice or Google documentation, (A) Pre-GA Offerings are not covered by TSS, and (B) the Data Location Section above will not apply to Pre-GA Offerings.
c. Liability. Notwithstanding anything to the contrary in any other limitation of liability Section in the Agreement, with respect to Pre-GA Offerings, Google will not be liable for any amounts in excess of the lesser of (i) the limitation on the amount of liability stated in the Agreement or (ii) $25,000. Nothing in the preceding sentence will affect any exclusions from any limitation of liability in the Agreement with respect to the following: (A) death or personal injury resulting from negligence, (B) fraud or fraudulent misrepresentation, (C) infringement of the other party’s Intellectual Property Rights, or (D) matters for which liability cannot be excluded or limited under applicable law.
d. Data Processing. Except as otherwise expressly indicated in a written notice or Google documentation, no data processing terms (including the Cloud Data Processing Addendum) apply to Pre-GA Offerings and Customer should not use Pre-GA Offerings to process personal data or other data subject to legal or regulatory compliance requirements.
e. Termination. Either party may terminate Customer's use of a Pre-GA Offering at any time with written notice to the other party.
6. Google-Managed Multi-Cloud.
a. Introduction. The then-current services described as “Google-Managed Multi-Cloud Services” at https://cloud.google.com/terms/services ("Google-Managed MCS") are Google services, products and features that are hosted on the infrastructure of a third party cloud provider (“MCS Third-Party Provider”). While the Google-Managed MCS are not Services or Software, Customer’s use of the Google-Managed MCS is subject to the terms of the Agreement applicable to Services (or Software, if applicable), as amended by this Section (Google-Managed Multi-Cloud).
b. Admin Console. The Google-Managed MCS may not be available through the Admin Console.
c. MCS Third-Party Provider Relationship.
i. To make use of the Google-Managed MCS, Customer must maintain an independent agreement, account and billing relationship with the applicable MCS Third-Party Provider. The Agreement does not obligate Google or the MCS Third-Party Provider to provide the MCS Third-Party Provider’s services that are necessary for the Customer to use the Google-Managed MCS.
ii. If the MCS Third-Party Provider makes a change to its services or terms, and Google reasonably concludes that its provision of the Google-Managed MCS is no longer commercially feasible as a result of the change, Google may immediately Suspend all or part of Customer's use of the impacted Google-Managed MCS, or make any other discontinuance or backwards-incompatible change necessary to continue to provide the Google-Managed MCS. To the extent Google may Suspend or modify the Google-Managed MCS as set forth in this Sections, the Google-Managed MCS are not subject to the Sections of the Agreement covering discontinuance and backwards-incompatible changes.
d. Liability. Notwithstanding anything to the contrary in the Agreement (except subject to any unlimited liabilities expressly stated in the Agreement), to the maximum extent permitted by law, each party’s total aggregate Liability for damages arising out of or relating to the Google-Managed MCS is limited to the greater of (i) the Fees Customer paid for the Google-Managed MCS during the 12-month period before the event giving rise to liability and (ii) $25,000.
e. Disclaimer. Notwithstanding anything to the contrary in the Agreement, the Google-Managed MCS are not (i) covered by any SLA, unless specifically identified under the terms of the SLA, (ii) subject to any obligations for Google to provide termination or transition assistance or other technical assistance after Suspension or termination, and (iii) subject to any business continuity or disaster recovery commitments.
7. Benchmarking. Customer may conduct benchmark tests of the Services (each a "Test"). Customer may only publicly disclose the results of such Tests if (a) the public disclosure includes all necessary information to replicate the Tests, and (b) Customer allows Google to conduct benchmark tests of Customer's publicly available products or services and publicly disclose the results of such tests. Notwithstanding the foregoing, Customer may not do either of the following on behalf of a hyperscale public cloud provider without Google's prior written consent: (i) conduct (directly or through a third party) any Test or (ii) disclose the results of any such Test.
8. Trials. Certain Services may be made available to Customer on a trial basis subject to parameters and any Scope of Use, as presented in a Fees URL, Admin Console, Documentation, or otherwise. Use of a trial indicates Customer’s acceptance of any such parameters.
9. User Experience Research. If Customer enrolls in the Google Cloud User Experience Research Program for Google Cloud Platform, Customer’s participation will be subject to the Google Cloud User Experience Research Panel Addendum available at https://cloud.google.com/terms/user-experience-research or a successor URL.
10. PGSSI-S. Customer will comply with France's General Security Policy for Health Information Systems (PGSSI-S) to the extent applicable.
11. APIs and non-Google cloud services. Certain APIs and non-Google cloud services accessible through the Admin Console have separate terms or privacy policies. Notwithstanding any reference to the Google Cloud Terms of Service or the Google Cloud Privacy Notice in the Admin Console, the API-specific terms and privacy policies will apply to Customer’s use of those APIs or services.
12. Resource Fields Data. Data included in Project Name, Project ID, or other resource fields do not constitute Customer Data. Do not include confidential, sensitive, or personally identifiable information in these fields.
13. Google Maps Content. Certain Services may incorporate features and content from Google Maps (“Google Maps Content”). If Customer provides its Google Maps Platform credentials to enable a Service to access Google Maps Content, such use or access is subject to the agreement under which Google has agreed to provide Google Maps Platform to Customer. Otherwise, Customer agrees that its use of or access to such Google Maps Content is subject to the then-current versions of the: (1) Google Maps/Google Earth Additional Terms of Service at https://maps.google.com/help/terms_maps.html; and (2) Google Privacy Policy at https://www.google.com/policies/privacy/.
14. Survival. The following Sections of these General Service Terms will survive expiration or termination of the Agreement: (a) Liability and the Disclaimer subsections in the Google-Managed Multi-Cloud Section and Pre-GA Offerings Terms, and (b) Benchmarking.
15. Additional Definitions.
“Cloud Locations Page” means https://cloud.google.com/about/locations/.
“Documentation” means the then-current Services and / or Software documentation at https://cloud.google.com/docs/.
“Fees URL” means https://cloud.google.com/skus.
“Multi-Region” means a defined set of Regions.
“Region” means a region from which a particular Service is offered, as identified at the Cloud Locations Page.
“Scope of Use” means any limits on installation or usage of Services or Software described at the Fees URL, Admin Console, Documentation, order form, or otherwise presented by Google.
As used throughout these Service Specific Terms, “Cloud Data Processing Addendum” (formerly referred to as the Data Processing and Security Terms) has the meaning given in the Agreement or, if no such meaning is given, means the then-current terms describing data processing and security obligations with respect to Customer Data at https://cloud.google.com/terms/data-processing-addendum.
The following terms apply only to the Service(s) indicated in the Section title.
Compute
1. App Engine - Data Location. Customer may configure App Engine to store Customer Data in the United States or European Union, and Google will store that Customer Data at rest only in that location. The Service does not limit the locations from which Customer or Customer End Users may access Customer Data or to which they may move Customer Data. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels.
2. Google Cloud VMware Engine (GCVE)
a. Customer Security Obligations. Google may not have access to Customer's VMware environment or be able to encrypt personal data in Customer's VMware environment.
b. VMware Cloud Universal Program (“VMware Universal”). VMware, Inc. (“VMware”) and VMware partners sell credits through VMware Universal that may be applied towards GCVE in accordance with Customer’s agreement with VMware. Customer’s purchase and use of GCVE through VMware Universal is subject to the Agreement and the following terms.
(i) The Agreement’s payment terms will not apply, and all fees will be payable to VMware and determined solely between VMware and Customer.
(ii) Data Sharing with VMware.
A. Google may share with VMware information regarding Customer’s use of GCVE and Google Cloud Platform.
B.Customer acknowledges that, to the extent Customer provides any data to VMware in connection with GCVE, VMware may share such data with Google to the extent reasonably required to provide GCVE (including technical support) and administer VMware Universal.
C. If Customer brings a claim under the Agreement related to GCVE, Customer acknowledges that VMware may disclose to Google the fees or other amounts paid or payable by Customer to VMware for GCVE, and any other terms of the agreement between Customer and VMware regarding GCVE or either party’s performance under that agreement.
(iii) Remedies. Customer will seek any applicable SLA credits and monetary remedies described in the Agreement from VMware (and will not do so from Google).
(iv) Support. Google will provide technical support to Customer in accordance with the Agreement. Support fees for GCVE may be charged by VMware to Customer.
(v) Financial Commitments. If Customer has made financial commitments in an Order Form or addendum to the Agreement, then Google may apply Customer's GCVE consumption (at a rate determined by Google), or a portion of the applicable fees Google receives from VMware, to those commitments.
3. BigQuery.
a. ODBC/JDBC Drivers. The ODBC and JDBC drivers for BigQuery (described here) are “Software” as defined in the Agreement and their use is subject to the “General Software Terms.” These drivers may only be used with BigQuery.
b. Analytics Hub
(i) Introduction. Analytics Hub helps BigQuery customers publish and share sets of Customer Data (“Datasets”) with other BigQuery customers as subscribers. Datasets are organized into shared repositories (“Exchanges”) with each Dataset’s listings including additional listing information (“Listing Materials”) managed by the administrator of that Exchange (“Exchange Administrator”).
(ii) Exchange Administrators. When acting as an Exchange Administrator: (A) Customer Listing Materials are considered Customer Data and (B) Customer is responsible for any Datasets listed in its Exchange, including handling takedown requests and securing necessary rights and consents.
(iii) Disclaimer. Google is not responsible for and will have no liability for (A) any terms or relationships between Customer and any third party or (B) any Datasets.
4. Looker Studio.
This Agreement only applies to (a) Looker Studio Pro or (b) Looker Studio if Customer has selected it to govern in the Admin Console.
5. Google Earth Engine.
a. Non-Commercial Use. Use of the free, non-commercial / research activities edition of Google Earth Engine is subject to the terms at https://earthengine.google.com/noncommercial/ or a successor URL, which may be updated by Google periodically.
b. Incorporation into Applications. Customer may not allow End Users of Customer’s Applications to directly access or interact with the Google Earth Engine APIs unless those End Users have their own Google Cloud Platform Accounts and have access to Google Earth Engine from those Accounts.
6. Compute Engine.
a. Future Reservations. Customer may request a future reservation, as described at https://cloud.google.com/compute/docs/future-reservations (or a successor URL), by following the instructions at that URL. Google will determine in its sole discretion whether to approve each future reservation request, and approval will not be unreasonably withheld or delayed. Reserved VMs may not be transferred or shared amongst multiple customers by Customer (if the Customer is a reseller or supplier of Google Cloud Platform).
Networking
7. Cloud Interconnect - Partner Interconnect. Customer will independently engage a network service provider who has agreed with Google to supply connectivity between Customer and Google under Google’s partner terms for Partner Interconnect. Google is not responsible for any issues arising outside of Google’s network.
8. Cloud Intrusion Detection System (Cloud IDS). Notwithstanding anything to the contrary in the “Benchmarking” section of the General Service Terms of these Service Specific Terms, Customer will not, and will not allow End Users to, disclose, publish, or otherwise make publicly-available any benchmark, or performance or comparison tests that are run on Cloud IDS and that are conducted by Customer or an End User (or a third party authorized by Customer or an End User).
9. Network Connectivity Center (NCC). Notwithstanding any telecommunications restrictions in the Agreement, Customer may use NCC only in Australia, India, Japan, Korea, Singapore, the United Kingdom, and the United States.
10. Spectrum Access System
a. Governing Agreement. This Section 9 (Spectrum Access System) only applies to Customers procuring SAS under the terms of this Agreement.
b. Additional Customer Obligations. Customer is solely responsible for (i) the installation, operation, maintenance, and repair of Registered CBSDs; (ii) staffing, instructing, and managing personnel performing the installation, operation, maintenance, and repair of Registered CBSDs; (iii) ensuring that such personnel are certified by WInnForum to the extent required by applicable law; and (iv) procuring and maintaining connectivity with Spectrum Access System to enable the ordering and registration of CBSDs and the use of Registered CBSDs. For clarity, Section 2(b) (Operations of Communications Services) in the General Services Terms of these Service Specific Terms does not prohibit Customer from using Spectrum Access System in compliance with this Section 9 (Spectrum Access System).
c. Applicable Law. Spectrum Access System is subject to Federal Communications Commission (“FCC”) regulations. Each party will comply with the rules and implementing orders of the FCC (including 47 C.F.R. Part 96), the Department of Defense, and the National Telecommunications and Information Administration, along with the duly adopted Release 1 standards of WInnForum, to the extent applicable to that party’s provision, receipt, or use of Spectrum Access System.
d. No Personal Data. Except for any Customer Account Information that may include personal data, Customer will not provide any CBSD Endpoint User Information or other regulated data to Google through Customer’s use of Spectrum Access System.
e. Definitions.
“CBSD” means a device with a radio access point that is certified by the FCC to operate in the Citizens Broadband Radio Services band.
“CBSD Registration Information” means data relating to the location, identification, operating parameters, and other aspects of Registered CBSDs.
“CBSD Reporting Data” means the anonymized or aggregated data and metadata Google receives from the Registered CBSDs during Customer’s use of Spectrum Access System.
“CBSD Endpoint” means a device that may establish wireless connectivity with the authorization of a Registered CBSD.
“CBSD Endpoint User” means an individual that uses any CBSD Endpoint.
“CBSD Endpoint User Information” means any information, data, or content relating to a CBSD Endpoint User, including (i) billing and usage information, passwords, and PINs; (ii) transmitted or received content information; (iii) authentication information and any other demographic information; and (iv) other information in connection with use by a CBSD Endpoint User of a CBSD Endpoint on any Registered CBSD or network of Registered CBSDs (excluding any information that may qualify as CBSD Registration Information or CBSD Reporting Data).
“Customer Account Information” means information provided by Customer in connection with the registration of CBSDs, which consist of (i) contact and account information for Customer; (ii) identification information for all Registered CBSDs registered to Customer, as prescribed by WInnForum standards; (iii) identifying information for all groups of CBSDs for Customer; and (iv) information relating to Customer’s priority access licenses (as applicable), including identification numbers, boundary information, protection area, CBSD cluster lists, grouping information, and any leases of such priority access licenses.
“Registered CBSD” means a CBSD that is registered with Google and operated by Customer via Spectrum Access System.
“WInnForum” means the Wireless Innovation Forum or any successor organization.
Developer Tools
11. Assured Open Source Software (AOSS). TSS is not available for free tiers of AOSS.
Data Analytics
12. Looker (Google Cloud core). If Google’s measurement tools are unable to confirm Customer’s usage of the Services, then (a) within 30 days of Google’s request, Customer will provide a sufficiently-detailed written report describing usage of the Looker (Google Cloud core) Service by Customer and End Users during the requested period, and (b) Customer will provide reasonable assistance and access to information to verify the accuracy of Customer’s usage report(s).
AI / ML Services
13. Definitions
“Customer Adapter Model” means an adapter model that Customer creates using its Customer Data with an AI/ML Service.
“Customer Model” means (i) a model that Customer creates without using a Google Pre-Trained Model or (ii) a model owned by Customer or a third party that Customer uploads, fine tunes, or deploys in AI/ML Services. Customer Models do not include Customer Adapter Models.
“Fine-Tuned Model” means an uptrained model that Customer creates by using an AI/ML Service to retrain or fine-tune a Google Pre-Trained Model using Customer Data.
“Google Pre-Trained Model” means a model trained by Google and not released under an open source license.
“Third Party Model” means a model that Google makes available through AI/ML Services and is provided by a third party or subject to an open source license.
14. Intellectual Property Terms for AI/ML Services
a. Non-Google Models. As between Customer and Google and in connection with use of an AI/ML Service (as described at https://cloud.google.com/terms/services), Google does not assert any ownership rights in (i) Customer Models or (ii) Customer Adapter Models to the extent that the adapter model does not contain any pre-existing Google intellectual property.
b. Google Models. Customer will have sole (meaning to the exclusion of Google and other third parties) access to use Fine-Tuned Model. Google owns all Intellectual Property Rights in Google Pre-Trained Models and Fine-Tuned Models. Where permitted by the AI/ML Service, any exported Fine-Tuned Model is licensed as Software.
15. AI/ML Data Location. Customer may configure the Services listed at https://cloud.google.com/terms/data-residency to (a) store Customer Data at rest and (b) perform machine learning processing of Customer Data by the Service, in each case in a specific Multi-Region, and Google will perform (a) and (b) only in that Multi-Region. For clarity, Customer Data does not include resource identifiers, attributes, or other data labels.
16. Use Restrictions for AI/ML Services. Customer will not, and will not allow End Users to, use an AI/ML Service to: (a) develop models that compete with the specific Service being used by Customer, or (b) reverse engineer or extract components of any Service, Software, or their models. Google may immediately suspend or terminate Customer's use of any AI/ML Service based on any suspected violation of the preceding sentence. The restriction in subsection (a) of this Section does not apply to Vertex AI Platform so long as Customer does not use a Google Pre-Trained Model.
17. Training Restriction. Google will not use Customer Data to train or fine-tune any AI/ML models without Customer's prior permission or instruction.
18. Third Party-Models and Customer Models
a. Use of Third-Party Models on the Google Cloud Platform. Customer’s use of Third Party Models is subject to third party terms and conditions.
b. Disclaimer and Indemnity. Google disclaims all liability arising from Customer’s use of Third Party Models and Customer Models, and Google’s indemnification obligations do not apply to allegations arising from Third Party Models or Customer Models.
19. Generative AI Services.
a. Definition. “Generated Output” means the data or content generated by a Generative AI Service prompted by Customer Data. Generated Output is Customer Data. As between Customer and Google, Google does not assert any ownership rights in any new intellectual property created in the Generated Output.
b. Disclaimer. Generative AI Services (as described at https://cloud.google.com/terms/services) use emerging technology, may provide inaccurate or offensive Generated Output, and are not designed for or intended to meet Customer’s regulatory, legal, or other obligations. Customer acknowledges that a Generative AI Service may, in some scenarios, produce the same or similar Generated Output for multiple customers.
c. Prohibited Use Policy. For the purposes of Generative AI Services, the Prohibited Use Policy located at https://policies.google.com/terms/generative-ai/use-policy, as may be updated from time to time, is incorporated into the AUP. (If Customer has questions on whether this policy applies to Customer’s business, contact your Google Cloud Sales Representative or Google Cloud Partner.)
d. Use Restrictions for Generative AI Services. Customer will not, and will not allow End Users to, use Generated Output to: (i) develop models that compete with any Service or Software, or (ii) reverse engineer any Service, Software, or their models (or extract any components of the foregoing).
e. Age Restrictions. Customer will not, and will not allow End Users to, use a Generative AI Service as part of a website, Customer Application, or other online service that is directed towards or is likely to be accessed by individuals under the age of 18.
f. Healthcare Restrictions. Customer will not, and will not allow End Users to, use the Generative AI Services for clinical purposes (for clarity, non-clinical research, scheduling, or other administrative tasks is not restricted), as a substitute for professional medical advice, or in any manner that is overseen by or requires clearance or approval from any applicable regulatory authority.
g. Suspected Violations. Google may immediately suspend or terminate Customer's use of a Generative AI Service based on any suspected violation of subsections (d) or (e) above.
h. Restrictions. The restrictions contained in subsections (e) and (f) above are deemed to be “Restrictions” or “Use Restrictions” under the applicable Agreement.
i. Handling of Prompts and Generated Output. Absent Customer’s prior permission or instruction, Google will not store outside Customer’s Account (i) Customer Data prompted to a Generative AI Service for longer than is reasonably necessary to create the Generated Output, or (ii) the Generated Output.
j. Additional Google Indemnification Obligations.
(i) Generated Output. Google’s indemnification obligations under the Agreement also apply to allegations that an unmodified Generated Output from a Generative AI Indemnified Service using only Google Pre-Trained Model(s), a Fine-Tuned Model, or a Customer Adapter Model used with a Google Pre-Trained Model infringes a third party’s Intellectual Property Rights. This subsection (i) (Generated Output) does not apply if the allegation relates to a Generated Output where: (1) Customer creates or uses such Generated Output that it knew or should have known was likely infringing, (2) Customer (or Google at Customer’s instruction) disregards, disables, or circumvents source citations, filters, instructions, or other tools Google makes available to help Customer create or use Generated Output responsibly, (3) Customer uses such Generated Output after receiving notice of an infringement claim from the rightsholder or its authorized agent, (4) the allegation is based on a trademark-related right as a result of Customer’s use of such Generated Output in trade or commerce, or (5) Customer does not have the necessary rights to the Customer Data used to customize or retrain the Fine-Tuned Model or Customer Adapter Model. “Generative AI Indemnified Service” means a Service or feature listed at https://cloud.google.com/terms/generative-ai-indemnified-services, where the use of such Service or feature is paid for by Customer and not subject to credits or free tier usage.
(ii) Training Data. Google’s indemnification obligations under the Agreement also apply to allegations that Google’s use of training data to create any Google Pre-Trained Model utilized by a Generative AI Service infringes a third party’s Intellectual Property Rights. This indemnity does not cover allegations related to a specific Generated Output, which may be covered by subsection (i) (Generated Output) above.
k. Modifying, Disregarding, or Disabling Safety Filters. Customer is solely responsible for any Generated Output created or used where Customer (or Google at Customer’s instruction) disables or modifies safety filters (if permitted by the Generative AI Service) or disregards safety instructions or documentation.
20. Vertex AI Search. With respect to this Service, Customer may use only Customer Data and web domains that it owns or is authorized to utilize.
21. Celebrity Recognition. Customer will use celebrity recognition functionality in Cloud Vision and Video Intelligence API on celebrities, only with professionally-filmed media content that Customer owns or is authorized to use, and not for any surveillance-based purpose.
22. CCAI Platform
a. No Access to Emergency Services. CCAI Platform does not function as a telephonic or other communication service. The Service cannot send or receive emergency calls or texts, and will not be used for emergency services.
b. Bring Your Own Carrier (“BYOC”). In the BYOC model, Customer is responsible for obtaining telephony services from a third party and for all associated costs. Customer and its telephony provider are solely responsible for compliance with any regulatory and licensing requirements for such telephony services.
23. Cloud Translation API. Customer will comply with the HTML Markup Requirements found at https://cloud.google.com/translate/markup and the attribution requirements found at https://cloud.google.com/translate/attribution.
24. Speech on Device. Customer’s license to this Premium Software is limited to using Speech on Device (SOD) locally on each designated device upon which it is activated. Only Customers who subscribe to TSS are eligible to receive updates to SOD. Upon termination or expiration of Customer’s Order Form for SOD, Customer will permanently delete all SOD models (except those models on already-activated devices) and may not use SOD to perform any additional activations or distribute any more devices.
25. Visual Inspection AI. Customer may only download from Visual Inspection AI containerized Solution Artifacts (as described in the Documentation and licensed as Software) for the duration and number of cameras designated when downloaded by Customer in the Admin Console.
26. Retail Search. If Customer provides results for any query in a different order than the ranked order returned by Retail Search (“Alternative Ranking”), then (a) Google will not provide any support (including TSS) in relation to this Alternative Ranking and (b) Customer forfeits any rights granted by Google to use Google Brand Features in connection with Retail Search.
27. Telecom Subscriber Insights.
a. Updates. If Google makes available to Customer an update to the Telecom Subscriber Insights Software and Customer does not download the update within 30 days of notification of its availability, Google will automatically push the update to Customer’s Project(s) that use Telecom Subscriber Insights.
b. Additional Restrictions. Customer will not (either directly or via third parties) (i) use Telecom Subscriber Insights or any of its components to create, train, or improve (directly or indirectly) any similar or competing system, product or service; or (ii) use output data from Telecom Subscriber Insights for the purpose of creating, training, or improving (directly or indirectly) any similar or competing system, product or service.
28. Anti Money Laundering AI. The Service may only be used for Customer’s (or its own customers’) detection of money-laundering activities as part of an anti money laundering (AML) compliance program. Customer will comply with the service limits defined in the Documentation and ensure that Service outputs are subject to human oversight, investigation, and evaluation by trained AML compliance personnel. Google may suspend or terminate Customer’s use of the Service based on any suspected violation of the foregoing obligations.
Bare Metal
29. Bare Metal Solution
a. Liability. Notwithstanding anything to the contrary in the Agreement (except subject to any unlimited liabilities expressly stated in the Agreement), to the maximum extent permitted by law, each party’s total aggregate Liability for damages arising out of or relating to Bare Metal Solution is limited to the greater of (i) the Fees Customer paid for Bare Metal Solution during the 12 month period before the event giving rise to liability and (ii) $25,000. This Section will survive expiration or termination of the Agreement.
b. Bare Metal Solution Proof of Concepts. Customer may not use Bare Metal Solution proof of concepts and trials in connection with any production workloads.
Migration
30. Transfer Appliance Service.
a. Trade Compliance. In case of cross-border shipments of Appliance Materials, Customer may be responsible for export clearance, Google may designate a carrier to act as Customer's agent with the relevant customs and tax authorities to import or export the Appliance Materials, and Customer will cooperate with Google and its carrier, including providing export classification information and acting as the importer or exporter of record. Customer will not ship Appliance Materials except as directed in writing.
b. Responsibility for Appliance Materials. While Appliance Materials are in its control, Customer is responsible for any loss or damage and will use appropriate security measures to protect them.
c. Sole Remedy. Customer's sole remedy in connection with any unsuccessful attempt to complete the Transfer Appliance Service is for Google to use reasonable efforts to re-perform the Transfer Appliance Service.
The Service Specific Terms for the Transfer Appliance Service are also applicable to Google Distributed Cloud Edge Appliance Service excluding the “Sole Remedy” subsection above.
“Appliance Materials” means the materials provided by Google or its Subprocessors in connection with the Transfer Appliance Service or the Google Distributed Cloud Edge Appliance Service, as applicable, including hardware and software.
Security and Identity
31. Assured Workloads.
a. General. Google will provide TSS for Assured Workloads in accordance with such Customer-selected controls. It is Customer's responsibility to determine whether Customer-selected Admin Console controls are adequate for Customer’s purposes. Google’s data location commitments under General Service Terms Section 1 (Data Location) apply to Assured Workloads. In addition, Assured Workloads provides Customers the ability to prevent Google persons located outside the Customer-selected Region from accessing Customer Data in an Assured Workloads environment.
b. Assured Workloads. Notwithstanding any restriction on the access or use of the Services for materials or activities subject to ITAR in the Agreement, Customer may access or use the Services with software or technical data subject to ITAR if Customer uses Assured Workloads Services explicitly identified in the Documentation as being compatible with ITAR requirements.
c. Federal Risk and Authorization Management Program (FedRAMP) and Department of Defense Cloud Security Requirements Guide (DoD SRG). Certain Google Services have received FedRAMP or DoD SRG Authority to Operate (“ATO”) for defined Services. FedRAMP ATO Services are currently described at https://cloud.google.com/security/compliance/fedramp and DoD SRG ATO Services are currently described at https://cloud.google.com/security/compliance/disa. Customers are responsible for complying with the relevant FedRAMP and SRG requirements when using the Services, including the requirements in the Customer Responsibility Matrix (“CRM”). The CRM is a part of the Google Services System Security Plan maintained by the FedRAMP Program Management Office, and is available to government customers upon request. Customer may not use any Services to store or process classified information data.
32. Access Approval. Use of Access Approval may increase response times for TSS, and Customer will be responsible for any disruption or loss as a result of Customer denying or delaying approval via Access Approval. The SLAs do not apply to any Service disruption impacted by Customer’s use of Access Approval.
33. Security Command Center.
a. Data Processing. In order to protect your assets against new and evolving threats, Security Command Center analyzes data related to misconfigured assets, indicators of compromise in logs, and attack vectors. This activity may include processing to improve service models, identifying recommendations to harden customer environments, collecting metrics to evaluate the effectiveness and quality of services, and conducting experiments to optimize the user experience.
b. Cryptomining Protection Program. Customer’s use of Security Command Center Premium is subject to the terms of the Security Command Center Cryptomining Protection Program (“Cryptomining Protection Program”). Google reserves the right to update or discontinue the Cryptomining Protection Program upon 30 days notice.
34. Cloud Identity Services. The following terms apply only to the Cloud Identity Services provided under this Agreement:
a. Use of Google Workspace Components. Customer’s use of the Google Workspace Components is subject to any applicable provisions of the then-current Google Workspace Service Specific Terms at https://workspace.google.com/intl/en/terms/service-terms/, which provisions are incorporated by reference into this Agreement.
b. Additional Products. Google makes optional Additional Products available to Customer and Customer End Users through the Cloud Identity Services. Customer’s use of Additional Products is subject to the Additional Product Terms.
c. Governing agreement. Customer’s use of Cloud Identity Services under the Account, will be governed by: (i) Customer's Google Workspace agreement; (ii) this Agreement; or (iii) the terms at https://cloud.google.com/terms/identity, if and as applicable, depending on which is in effect. This Section will survive expiry or termination of this Agreement.
d. Definitions.
“Additional Products” means products, services and applications that are not part of the Services but that may be accessible for use in conjunction with the Services.
“Additional Product Terms” means the then-current terms at https://workspace.google.com/intl/en/terms/additional_services.html.
“Google Workspace Components” has the meaning given in the then-current services summary for Cloud Identity Services at https://cloud.google.com/terms/identity/user-features.
“Google Workspace” means the then-current services described at https://workspace.google.com/terms/user_features.html
35. Firebase Authentication and Identity Platform.
a. Phone Authentication. Google temporarily stores phone numbers provided for authentication to improve spam and abuse prevention across Google services. Phone numbers are not logically isolated for a given customer's end users. Customer should obtain appropriate end-user consent before using the Firebase Authentication or Identity Platform phone number sign-in service.
b. Other Authentication Services. Use of Google Sign-In for authentication is subject to Google’s API Services: User Data Policy. Google is not responsible for any third-party sign-in service used with Firebase Authentication or Identity Platform.
c. reCAPTCHA Notice Requirement. Customer agrees to explicitly inform Customer End Users of phone authentication features that their use of reCAPTCHA is subject to the Google Privacy Policy and Terms of Use. For users in the European Union, you and your Application(s) must comply with the EU User Consent Policy. Google collects hardware and software information, such as device and application data, through reCAPTCHA only as necessary to provide, maintain, and improve the Service, and for general security purposes. Such information will not be used for any other purpose, such as personalized advertising by Google.
36. reCAPTCHA Enterprise.
a. Information. Google collects hardware and software information, such as device and application data, through reCAPTCHA Enterprise only as necessary to provide, maintain, and improve the Service, and for general security purposes. Such information will not be used for any other purpose, such as personalized advertising by Google.
b. Terms. Customer will inform applicable Customer’s End Users that Customer has implemented reCAPTCHA Enterprise on its properties and that Customer’s End Users' use of reCAPTCHA Enterprise is subject to the Privacy Policy and Terms of Use.
c. Use. reCAPTCHA Enterprise may only be used to fight fraud and abuse on Customer's properties, and not for any other purposes, such as determining credit worthiness, employment eligibility, financial status, or insurability of a user.
d. Customer Privacy Policy. Customer will provide and adhere to a privacy policy for its API client that clearly and accurately describes to applicable Customer End Users what user information Customer collects and how Customer uses and shares such information with Google and third parties. Customer will be responsible for providing any necessary notices or consents for the collection and sharing of this data with Google. Customer and its API client(s) will comply with the EU User Consent Policy.
37. Web Risk.
a. Attribution. Customer may display a warning about unsafe web resources for a particular site based on verification against Google’s list of unsafe sites provided that (i) the applicable Customer Application has received from Google an updated list (via the applicable API method) before the expiration time provided by the applicable API response or within 30 minutes if no expiration time is specified; and (ii) Customer provides attribution and conspicuous notice that the reliability and accuracy of the protection cannot be guaranteed using language similar to the “Advisory Notice” subsection below.
b. Advisory Notice. Google works to provide the most accurate and up-to-date information about unsafe web resources, but cannot guarantee that its information is comprehensive and error-free: some risky sites may not be identified, and some safe sites may be identified in error.
c. Evaluate and Submission APIs. Google uses URLs and associated data submitted through the Evaluate API or Submission API (“Submitted URLs”) and corresponding maliciousness scores to provide, maintain, protect and improve Google's products and services, including Google's list of unsafe web resources. Google may also share Submitted URLs with third parties, including other Google customers and users. Submitted URLs are not Customer Confidential Information or Customer Data.
38. BeyondCorp Enterprise
a. Chrome Browser Cloud Management. In order to use BeyondCorp Enterprise Threat and Data Protection Services, Customer acknowledges and agrees that Customer must enable "Chrome Enterprise Connectors" in the Chrome Browser Cloud Management section of the Admin Console.
b. Threats. When BeyondCorp Enterprise checks for malware, unsafe web pages, or other unsafe files (“Threats”), the URL or a file hash and the result of the analysis are temporarily stored in a Google global cache for performance-related purposes. Customer acknowledges and agrees that Customer URLs and file hashes that BeyondCorp Enterprise identifies as Threats are not Customer Confidential Information or Customer Data and Google may use such URLs and file hashes to provide, maintain, protect and improve Google's products and services, including Google's lists of Threats.
c. BCE app connector. Customer agrees to install Software for BCE app connector in Customer’s private data center or other non-Google cloud environments in accordance with the minimum specifications described in the Documentation. Customer authorizes Google to connect and maintain the Software in order to provide connectivity for the applications accessed by Customer via BCE app connector.
39. Certificate Manager. Customer authorizes Google Cloud to apply for and obtain publicly trusted SSL/TLS certificates from third-party or Google-managed certificate authorities for domains operated and controlled by Customer (“Customer Domains”) pursuant to the CA/Browser Forum Baseline Requirements or any applicable successor requirements (“Requirements”). Customer represents and warrants that it operates and controls the Customer Domains and will revoke the authorization from Google when Customer ceases to operate and control a Customer Domain. Google may revoke a certificate as required by the Requirements or for failure to comply with the AUP.
Google Distributed Cloud
40. Google Distributed Cloud Edge. If you purchased Google Distributed Cloud Edge prior to August 15, 2023, the terms available at https://cloud.google.com/distributed-cloud/edge/service-terms will apply.
Sovereign Controls by Partners
41. Sovereign Controls by Partners.
a. Customer Responsibilities. The Sovereign Controls by Partners solution applies only to the Supported Google Cloud Services listed at https://cloud.google.com/terms/in-scope-sovereign-cloud (“Supported Google Cloud Services”). The Party using the Sovereign Controls Partners solution, whether Customer or a customer of the Sovereign Controls Partner or other Reseller or Partner , is responsible for: (i) receiving the Sovereign Controls Partners services, including external key management services (“EKM”), from the Sovereign Controls Partners listed at https://cloud.google.com/terms/in-scope-sovereign-cloud, and (ii) maintaining separate terms directly with the Sovereign Controls Partner governing the use of those Sovereign Controls Partners services.
b. Partner Access. To the extent applicable, Customer authorizes (and will ensure, if applicable, it has all relevant approvals to allow) Google to share, with the relevant Sovereign Controls Partner, Customer's contact information, metadata, log data, billing information, and configuration data from the Services used in the environment applicable to the Sovereign Controls by Partners solution, or that of Customer’s applicable end customer. Google is not responsible for a Sovereign Controls Partner’s handling of such data.
c. Key Access Justifications. Google will transmit an accurate justification to the EKM for each request to obtain key access to decrypt Customer Data for supported, generally-available Services, pursuant to terms agreed between the Sovereign Controls Partner and Google (if applicable). Once the EKM receives a justification, they are responsible for determining whether to grant Google the requested key access. Google is not responsible if the operation or functionality of the Services is impacted because Google cannot obtain a key access needed for such operation or functionality.
d. Security Controls. Data location controls made available by Google for the Sovereign Controls solution will be the same as the controls Google makes available for Assured Workloads, as described in the Assured Workloads Service Specific Terms.
Databases
42. AlloyDB Omni. Free users may not use the Software for a commercial purpose or within, related to, or in support of a production environment.
1. Red Hat Enterprise Linux.
Customer’s use of the Red Hat Enterprise Linux product, provided by Google in conjunction with Compute Engine, is subject to the terms and conditions stated at https://www.redhat.com/licenses/cloud_cssa/.
2. Microsoft Products.
Customer’s use of the Microsoft products, which may include associated media, printed materials, and “online” or electronic documentation (individually and collectively, “Microsoft Products”), provided by Google in conjunction with any applicable Service(s) is subject to the terms and conditions stated at https://cloud.google.com/terms/service-terms/microsoft.
3. NVIDIA Drivers.
The NVIDIA software components used in conjunction with the Services are subject to the terms and conditions stated at https://cloud.google.com/terms/service-terms/nvidia. Notwithstanding the preceding sentence, the NVIDIA Linux GPU kernel modules identified at https://github.com/NVIDIA/open-gpu-kernel-modules will be made available under, and subject to, the open source terms included on that page.
In addition, the following NVIDIA software components may be used solely with the Services for compute and offline graphics purposes: GRID, Tesla Driver, Cuda Toolkit, cuDNN, TensorRT, NVENC, NVCUVID, NVML, and nvidia-aml.
4. Oracle JDBC Driver in Looker (Google Cloud core) only.
The Oracle JDBC software components used in conjunction with the Looker (Google Cloud core) service are subject to the terms and conditions stated at https://cloud.google.com/terms/looker/legal/customers/service-terms/oracle.
1. Committed Units.
a. Selection and Commitment. If Customer purchases Committed Units, then notwithstanding the payment terms in the Agreement, Customer will pay the Fees for those Committed Units during the Committed Unit Term selected by Customer, whether or not they are used, as stated at the Fees URL for the applicable SKU. The Fees for some Committed Units may be fixed for the duration of the Committed Unit Term to the price in effect at the beginning of that Committed Unit Term, as described in the applicable Documentation.
b. Renewal. Unless otherwise stated in the Admin Console or other documentation, at the end of each Committed Unit Term, the Committed Unit selection will automatically renew for the same Committed Unit Term at the same quantity until Customer selects in the Admin Console to stop renewing or either party notifies the other party in writing to cancel the renewal.
c. Cancellation and Expiration. If Google serves notice to non-renew the Agreement, terminates the Agreement (other than for Customer's material breach), or discontinues providing the Services applicable to the Committed Units, Google will refund Customer any unused prepaid Fees following the expiration or termination of the Agreement, or discontinuance of the relevant Services, as applicable. Any use of the Services after cancellation or expiration of the Committed Units will be billed at standard Fee rates.
d. No Resell or Transfer. Unless Google agrees otherwise, Customer may not resell, share or transfer Committed Units.
2. Currency Conversion.
When charging in non-USD currency, Google will convert USD-denominated prices into applicable currency according to market conversion rates published by leading financial institutions from time to time.
3. Additional Definitions.
“Committed Units” means a non-cancellable (a) specified quantity of the Services (e.g. Compute Engine virtual machine instances), which may include a specified machine type, region, zone, query capacity, and period of time to use; (b) specified amount of credits to be purchased for expenditure on specified Services during a specified time period; or (c) a specified quantity of the Services offered on a subscription basis during a specified time period.
“Committed Unit Term” means the period of time during which Customer is obligated to pay for the Committed Units.
“Fees URL” means https://cloud.google.com/skus.
“Order Form” means an order form executed by Customer and Google or an order placed by Customer via a Google website, in either case specifying the Services Google will provide to Customer.