Compliance with the GDPR is a top priority for Google and our AppSheet customers. The GDPR aims to strengthen personal data protection in Europe, and impacts the way we all do business. We’re sure you have many questions, and we’re here to help. Google takes a customer-centric approach on protection, control, and compliance, and we want to be a key facilitator on your GDPR journey.

What is the GDPR?

The GDPR, which went into effect on May 25, 2018, replaced the 1995 EU Data Protection Directive. The GDPR lays out specific requirements for businesses and organizations who are established in Europe or who serve users in Europe. It:

• Regulates how businesses can collect, use, and store personal data
• Builds upon current documentation and reporting requirements to increase accountability
• Authorizes fines on businesses who fail to meet its requirements

What we're doing

We champion initiatives that prioritize and improve the security and privacy of user data. We’ve made multiple updates to ensure that AppSheet customers can confidently use our services now that the GDPR is in effect. Partner with AppSheet and we will support your efforts by:

1. Committing in our contracts to comply with the GDPR in relation to our processing of customer personal data in the AppSheet services
2. Offering additional security features that may help you to better protect the personal data that is most sensitive
3. Giving you the documentation and resources to assist you in your privacy assessment of the AppSheet services
4. Continuing to evolve our capabilities as the regulatory landscape changes

Platform features that support your GDPR Compliance

AppSheet connects with leading cloud storage providers. Data used as the back-end of your app is stored in the cloud data source you use to host your data. The AppSheet services do not persist this data and simply passes the data through data connections back to your cloud data source. We recommend you review your cloud storage providers and how they work with the GDPR.

AppSheet gives you the ability to create and share apps in a secure way, keeping control of who has access to data and where data is hosted. It's important that you use the security settings in a way that matches your needs for the data you use in your apps. We invite you to explore the different security options available in the platform. Some of the capabilities available in AppSheet are:

• Ability to tag any data field as sensitive, which in turn obscures it from AppSheet back-end usage logs
• Ability to apply security filters to any table used in your applications.
• Ability to restrict access to your applications using oAuth 2.0 authentication.
• HTTPS data transmission.
• Ability to conditionally restrict read/write access to any field in a table.

AppSheet Subprocessors

Google and its affiliates engage the following third-party entities to assist in connection with the AppSheet services as specified below: