A helpful home is
a private home.
Your home is a special place. You want to trust the things you bring into your home. And we’re committed to earning that trust with devices and services designed to help create a home that takes care of the people inside it and the world around it.
We live by the same core privacy and security principles that guide all of Google’s work. This guide explains how we respect your privacy and keep your connected home devices and services secure.
Which devices and services do these commitments apply to?
Our commitment to privacy in the home – outlined in this guide – applies to our connected home devices and services that use Google Accounts and carry the Google Nest, Google Home, Nest, Google Wifi, or Chromecast brand. This means it will also apply to people who migrate from Nest Accounts to Google Accounts. In addition, Google’s Privacy Policy also applies to the devices and services listed above; for example, it describes how we use service providers, how we may share non-personally identifiable information, and how and when we may store and share your information for legal reasons – none of which are affected by the commitments below. Also, note that you can use many other Google services with your connected home devices, such as YouTube, Google Maps, and Google Duo. When you use these other Google services, what data those services collect and how that data is used are determined by the terms of those individual services and Google’s Privacy Policy.
Why do we make these commitments to you?
We want you, your family, and your guests to feel comfortable using these devices and services, since their purpose is to help and to provide peace of mind. We also recognize that we’re a guest in your home, and we respect and appreciate that invitation. Technology in the home is dynamic and evolving, so we’ll approach our work with humility, a commitment to seeking out many points of view, and an eagerness to learn and adapt.
COMMITMENT
Technical Specifications Transparency
When our connected home devices include cameras, microphones, or environmental or activity sensors that detect information about your home environment, we’ll list these hardware features in the device’s technical specifications — whether or not they’re enabled.
COMMITMENT
Published Sensors Guide
We will clearly explain what types of information these sensors send to Google, as well as give examples of how we use that information in our Sensors Guide, to help you better understand their purpose.
COMMITMENT
Responsible Advertising Practices
For all our connected home devices and services, we will keep your video footage, audio recordings, and home environment sensor readings separate from advertising, and we won’t use this data for ad personalization. When you interact with your Assistant, we may use those interactions to inform your interests for ad personalization. For example, if you ask, “Hey Google, what’s the weather in Hawaii in July?” we may use the text of that voice interaction (but not the audio recording itself) to show you personalized ads. You can always review your Google settings to control the ads you see, including opting out of ad personalization completely. Learn more about the Google Assistant and the choices available to you here.
COMMITMENT
Independent Security Assessment
Google Nest connected home devices released in 2019 or later are validated using third-party, industry-recognized security standards, and we publish the validation results.
COMMITMENT
Invest in Security Research
Google Nest participates in the Google vulnerability reward program.
Why it matters
This industry practice provides monetary rewards and public recognition for external security researchers who disclose vulnerabilities to the Nest Security team. We want responsible security researchers to examine our products and we pay monetary rewards only after the disclosed vulnerabilities are fixed. Through this program, the Nest Security team can learn about and address vulnerabilities before they can be exploited.
How does this make Nest devices more secure?
If someone outside of Google discovers a security vulnerability in one of our devices, we want to know about it. To qualify for a monetary award, the researcher must wait for Google to patch the vulnerability before disclosing it to anyone else. This program creates an incentive for security researchers around the world to help us make our devices more secure.
How else does Google find security vulnerabilities?
We have dedicated security teams that analyze the hardware and software of each device before it’s available to the public, and we do our best to make sure our devices are secure. After the initial verification is performed, we also continue to analyze risks and security threats after devices are introduced and provide automatic, critical security updates for at least 5 years.
COMMITMENT
Google Account Security
We help keep your Google Account secure with tools and automatic protection like suspicious activity detection, Security Checkup, and 2-step verification.
Why it matters
We help keep your Google Account secure with:
- Suspicious activity detection sends you notifications whenever we detect unusual or potentially dangerous activity, such as suspicious sign-ins to your account.
- Security Checkup helps you secure your account and manage your online security through personalized guidance.
- 2-step verification strengthens your account security, by adding a second verification step when you sign in, like a prompt from a trusted device or the use of a physical security key.
What is suspicious activity?
Google looks for activity that seems like it isn’t being performed by you. For example, if there’s an attempt to sign into your account from an unrecognized device.
How does 2-step verification protect my account?
2-step verification makes it harder for someone to sign into your account, even if they have your password. When 2-step verification is enabled, anyone signing in to your account will need to complete a second step, or “factor,” before signing in. You can choose from multiple second factors, including a text message, a code from the Google Authenticator app, or a notification from an installed Google app.
I have a Nest Account and use that to sign in to the Nest app. Why should I switch to a Google Account?
Migrating to a Google Account gives you new benefits, like:
- Automatic security protections such as suspicious activity detection, 2-step verification, and Security Checkup.
- Your Google Nest devices and services work together. For example, if you have a Nest Cam and a Chromecast, just say, “Hey Google, show me the backyard camera” to cast your camera stream to your TV without any setup.
- One account to sign into both the Nest and Google Home apps.
- Your homes and home members are aligned across the Nest and Google Home apps.
Anyone with an existing Nest Account can migrate to a Google Account. To migrate your account, in the Nest app, go to Account settings, and then select Migrate to a Google Account.
COMMITMENT
Automatic Security Updates
We provide automatic, critical security updates for Google Nest devices for at least 5 years from the date we start selling them.
Why it matters
We employ many layered defenses to protect users, however, technology changes and new threats arise. So we commit to providing automatic software security updates that address critical issues known to Google Nest. We will publish a list of devices and how long we commit to providing updates for them.
How do I know if my device is getting updates?
We publish a list of Google devices showing the minimum committed date range for critical security updates.
What is outside the scope of security updates?
Security updates don’t address vulnerabilities that result from a device being used in a way that it wasn’t intended, or that might compromise its security. For example:
- Devices that aren’t properly factory reset before being given to someone else
- Accounts that don’t use 2-step verification
- Devices made by other manufacturers that haven't been assessed by Google and may have access to your network and Google Nest devices
COMMITMENT
Verified Software
So that Google Nest devices run only the software they’re supposed to, we verify software before it’s installed. All our devices released in 2019 and after use verified boot.
Why it matters
We take steps to help prevent malicious software from being installed on Google Nest devices. This helps make sure that no one has access to your account or control of your devices without your permission.
How do you prevent malicious software from running on a device?
First, we cryptographically verify software, making sure it’s signed by Google before it’s installed. Second, our hardware released after 2019 uses Verified Boot to check that it’s running the right software every time the device restarts.
COMMITMENT
Device Transparency
Your Google Account device activity page lists the Google Nest devices that are visible in your Google Home app.
Why it matters
All the devices that you’re signed into will show up in your Google Account device activity page. That way, you can make sure your account is connected only to the devices it should be.
How does a device connect to my Google Account?
Any time you use your Google Account to sign into a phone, computer, app, or connected home device, they’re connected. Make sure you sign out of devices you don’t own or control, and check your Google Account for devices you don’t recognize.
What happens if I see a device I don’t recognize in My Account?
Sign out of the device or home to revoke access and change your password.
Cameras
Cameras serve a variety of purposes in the home, such as capturing memories, connecting with loved ones, and helping you feel secure. Devices like Nest Cam use video to help you keep an eye on your home and alert you when things happen, even when you’re not there.
For all our connected home devices with cameras, we commit to you:
Your camera sends video footage to Google only if you or someone in your home has explicitly turned the camera on or enabled a feature that needs it (such as Nest Cam monitoring). You can always turn the camera off.
When your camera is turned on and sending video footage to Google, we will provide a clear visual indicator (such as a green light on your device).
When video footage is stored with your Google Account (for example, via a subscription to Nest Aware), you can access, review, and delete this footage at any time.
We will only share video footage with third-party apps and services that work with our devices if you or a member of your home explicitly gives us permission.
Nest Hub Max offers on-device camera sensing features that help you personalize and control your experience based on what the camera sees, such as Face Match (which helps your device recognize you) and Quick Gestures (which helps you control your device). Once enabled, these on-device camera sensing features don’t send video or images from your Nest Hub Max to Google.
How can I review and delete my stored video footage?
You can review and delete stored video footage either through the Nest app (in the case of Nest Cam recordings) or My Activity (for interactions with Google Assistant).
Do Nest Hub Max’s camera sensing features ever send video or images from my home to Google?
Yes, but only as part of the Face Match setup process, and not after you’ve completed setup. When you set up Face Match on your Nest Hub Max, you use your phone to capture several photos that are combined to create a unique model of your face. These photos are sent to Google, and you can review or delete them anytime by visiting My Activity. After this setup process, Face Match does not send any video or images to Google. And Quick Gestures does not require sending any video or images to Google at all. In addition, we keep the video and images that power these features separate from advertising and don’t use them for ad personalization.
Are there times when video footage is sent to Google servers without a visual indicator?
Some models of our cameras support recording video footage while offline. For these cameras, video footage will be uploaded when the camera goes back online after the video footage has been recorded. That means you may not see a visual indicator when your camera is sending the video footage to our servers -- but in those instances, a visual indicator would have been visible when the camera was actually recording the video footage.
Microphones
Microphones serve a variety of purposes in the home, such as letting you control devices throughout your home using just your voice, detecting unexpected activity in your home when you’re not there, and making a voice call using a smart speaker or display.
For all our connected home devices with microphones, we commit to you:
Your device will only send audio to Google if we detect that you or someone in your home is interacting with your Assistant (for example, by saying “Hey Google”), or if you use a feature that needs it (for example, sound alerts on Nest Cam, or Nest Cam video recording with audio enabled). You can always turn the microphone off.
When your microphone is turned on and sending audio to Google, we will provide a clear visual indicator (such as flashing dots on top of your device or an on-screen indicator).
When audio recordings are stored with your Google Account (for example, the audio from your Nest Cam footage when you’ve subscribed to Nest Aware), you can access, review, and delete your recordings at any time.
We will only share audio recordings from your devices with third-party apps and services that work with our devices if you or a member of your home explicitly gives us permission.
How can I review and delete my stored audio recordings?
You can review and delete stored audio recordings either through the Nest app (in the case of Nest Cam recordings) or My Activity (for interactions with the Google Assistant). You can also delete your Google Assistant activity with voice commands.
Are my Assistant voice queries used to inform ad personalization?
We keep your audio recordings separate from advertising and don’t use them for ad personalization – but when you interact with your Assistant by voice, we may use the text of those interactions to inform your interests for ad personalization. You can always review your Google settings to control the ads you see, including opting out of ad personalization completely. Learn more about Google Assistant and the choices available to you here.
Are there times when audio recordings are sent to Google without a visual indicator?
Sometimes, such as when it is faster to fulfill your Google Assistant request locally, on the device, your audio recording will be transmitted to Google servers only after the visual indicator has turned off and your request has been fulfilled. In these instances, the visual indicator will be visible when the microphone is active, as opposed to when the audio data is transmitted to Google servers.
Home sensors
Some of our devices include sensors that detect information about your home’s environment and what’s happening in it, such as motion, whether or not someone is home, ambient light, temperature, and humidity. These sensors serve a variety of purposes, such as helping your home take better care of you – like when your Nest Learning Thermostat turns itself down when you’re away – and helping us make your devices and services better.
For all our connected home devices with these environmental and activity sensors, we commit to you:
We’ll help you understand how the sensor readings collected from your home environment are used in our devices and services. That’s why we’ve published this guide to sensors in our devices.
We will only share your device sensor data with third-party apps and services that work with our devices if you or a member of your home explicitly gives us permission.
Why does Google collect environmental and activity sensor data from my home, and how is it used?
Our devices include environmental and activity sensors that detect information about your home’s environment and what’s happening in it, such as motion, whether or not someone is home, ambient light, temperature, and humidity. Data from these sensors, which is regularly sent to Google, serves a variety of purposes, such as helping your home take better care of you, helping us make your devices and services better, and keeping you informed. For example:
- The temperature and humidity sensors in your Nest Learning Thermostat help keep your home comfortable while saving energy.
- Home/Away Assist uses activity sensors across multiple Nest devices in your home to automatically switch the behavior of Nest devices in your home when you leave and when you come back.
- We used ambient light and temperature sensor data aggregated from thermostats across our customers to determine that direct sunlight can cause thermostats to think it’s warmer than it actually is, so we introduced Sunblock, a new feature, to help your thermostat adjust for this so it sets the correct temperature.
- We use sensor data to help us troubleshoot and improve the performance, safety, and reliability of our devices and services – for example, we use temperature and humidity data from our devices to measure the impact of environmental conditions on battery life.
- We may also use sensor data to keep you informed of updates on Google services, including connected home services we think may interest you, such as energy and home safety programs – but we’ll always respect your choice about whether or not you want to receive promotional emails from Google.
- We do not use environmental and activity sensor data for ad personalization. For example we don’t use sleep data from your Nest Hub (2nd. gen) for ad personalization. (Remember that to fulfill some requests related to your connected home devices — for example, “Hey Google, what’s the temperature inside?” — your Assistant can retrieve a sensor reading. Learn more about the Google Assistant and the choices available to you here.)
- When you delete your account, this sensor data is deleted from our servers as explained in our retention policy.
Wifi data
Google Wifi devices are router systems that work with your modem and internet service provider to create a whole-home Wi-Fi mesh network. These devices use data about your network performance (for example, network speed and bandwidth usage) to help provide and improve your Wi-Fi coverage and experience. It also allows you to see which devices are connected and how much bandwidth they use.
For Google Wifi devices, we commit to you:
Google Wifi devices do not track the websites you visit, nor do they monitor the content of traffic on your Wi-Fi network.
We keep your Wi-Fi network performance data separate from advertising and don’t use it for ad personalization.
We will only share your Wi-Fi network performance data from your Google Wifi devices with third-party apps and services that work with our connected home devices if you or a manager of your Wi-Fi network gives us permission.
Why is data from my Google Wifi router sent to Google, and how is it used?
Google Wifi collects and uses data as explained here, including information about the types of connected devices you have and their network usage. The cloud services, Wifi point stats, and app stats data described here (which we refer to as “Wi-Fi network performance data”) is not used for ad personalization. We may use this data to keep you informed about updates on Google services, including connected home devices and services we think may help you — such as an additional Wifi point to improve your internet connectivity. You can opt out from certain portions of this data collection as explained here.
Google Wifi does not track the websites you visit, nor does it monitor the content of traffic on your Wi-Fi network. Google Wifi sets your default DNS provider to “Automatic,” which uses Google Public DNS or your Internet Service Provider’s (ISP) DNS if certain conditions are met. More info on what Google Public DNS collects can be found here. You can change your DNS provider in the Advanced Networking settings of the Google Home app at any time.
Google Store.