The following article provides a brief overview of Google's data usage practices and commitment to protecting the confidentiality and security of data.
Google as a data controller
Google operates as a data controller for AdMob. Publishers use this product as independent data controllers, not processors or joint controllers. This is reflected in our Controller-Controller Data Protection Terms, which will be a part of the updated Terms and Conditions for AdSense. Updated terms will be available to click to accept prior to May 25, 2018.
A user’s visit to one site or app in the AdSense or AdMob network, where ads personalization is on, will help advertisers to serve more relevant ads to that user when they visit other sites or apps in the AdSense or AdMob network. So if the user visits one site that talks about bicycles, then visits another publisher’s site, the user might see ads for bicycles. That is not a consequence of AdSense and AdMob being designated as controllers; rather, that’s how these products have worked since their inception. Because they operate in that way, AdSense and AdMob are controller products.
Our AdMob Program Policies (which incorporate the AdSense Program Policies) prohibit the use of AdMob to pass any information to Google that Google could use or recognize as personally-identifiable information. This would include, for example, end users’ email addresses or phone numbers.
Each AdMob ad request on a publisher’s app will share certain data from the user’s device, for instance the user’s IP address and mobile ad identifiers will be shared with Google. For rewarded ads, a user opt-in and incentivized format, an app developer may pass signals to identify the user to the SDK. These signals are passed back to the app developer when an advertisement is shown so that the app can reward the user. Such signals are not stored or used by Google in any way.
What is the data used for?
Google uses AdMob data to help us provide and develop the AdMob services (described further below) and to make advertising more effective. Identifiers such as mobile advertising IDs are used to stop users from seeing the same ad over and over again, to detect and stop click fraud, and to show ads that are likely to be more relevant to the user (such as ads based on apps the user has visited). AdMob data is used for analytics purposes and to deliver reports to publishers about their account and performance.
Google uses strict access controls (using both automated technical controls and internal policy controls) to limit internal access to the personal data to only those with a business need to access it. AdMob shares limited end user data with ad networks. Publishers can control the participating ad networks by using in-product controls. This data is shared to help the ad network decide whether they want to serve an ad to the user and, if so, which ad they want to show, and how much they want to bid.
The information that is shared with potential ad network includes:
- The name and identifier of the app, provided the app developer allows such sharing
- The category of that app (e.g., “Sports News”) and its language
- The type of browser and device the user is using, and the device’s screen size
- The user’s approximate geographic location
- A truncated version of the user’s IP address, which potential bidders may use for purposes such as determining the user’s approximate geography for themselves, and as a signal to protect against advertising fraud
- For web pages, an encrypted cookie identifier that is unique to the potential bidder, which helps a bidder that has its own cookie on the user’s browser to look at any other information it has associated with that cookie (e.g., based on that cookie, the bidder may know that the user is a female with an interest in hockey)
- For apps and other devices, such as gaming consoles and connected TV devices, an advertising ID that serves the same purpose.
In addition, our Ad Exchange policies restrict the ways in which Ad Exchange bidders are allowed to use this information.
Data retention, data deletion, and data portability
Signed-in Google users can delete past searches, browsing history, and other authenticated activity from their Google Accounts. When these events are deleted, they will no longer contribute to that user’s signed-in ads profile. For more information about the data deletion functionalities available in My Activity, please refer to the My Activity help center. Signed-in users can also view and edit their Google account ads profile in Ads Settings.
End user data from users who are not signed-in Google users can no longer be used by Google for purposes of targeting that user if :
- The user’s cookie expires or the user chooses to delete their cookies or reset their advertising ID; or
- The user opts out of ads personalization on their device.
We store a record of the ads we serve in our logs, for signed-in and signed-out users. These server logs typically include a user’s web request, IP address, browser type, browser language, the date and time of the ad request, and one or more cookies or an advertising ID that may uniquely identify that user’s browser or mobile device. We anonymize IP addresses in logs by removing part of the address after 9 months. After 18 months, we further anonymize log data by anonymizing or deleting cookie or advertising ID information in both logs and ad serving databases.
User data tied to cookies and advertising IDs is also used to detect and prevent ad fraud and ensure that users don’t see ads that they’ve blocked in the past. In these cases, or in cases where Google stores this data on behalf of its customers (e.g. in Google Analytics), data may be stored for periods longer than those specified above.
When AdMob associates information about a signed-in Google user’s activity with the user’s Google Account, the user can access that activity through My Activity, as described above. Signed-in Google users can also export all their My Activity records (including ads-related records) via Download your data.