Google provides translated versions of the Advertising Policies Help Center, though they're not meant to change the content of the policies. The English version is the official language used to enforce Google Ads policies. To view this article in a different language, use the language dropdown at the bottom of the page.
Google Ads store sales measurement allows you to measure how your offline sales are influenced by ad campaigns that Google has carried out on your behalf. It uses offline sales data that you upload (or that a third party uploads on your behalf) to produce a privacy-safe report. Google is committed to protecting the confidentiality and security of the data you share with us. This article provides instructions on how to upload your data, and explains how Google handles the data files you upload (or that a third party uploads on your behalf) for use in store sales measurement.
On this page
How Google handles your data
The data files that you upload, or that a third-party uploads on your behalf, will be used to match your customers to Google accounts and report the offline sales influenced by campaigns that Google has run on your behalf using its ads products.
The data files that you upload or that are uploaded on your behalf are kept confidential and secure using the same industry-leading standards that Google uses to protect its own users’ data.
Here’s how the data you upload is handled:
- Limited data use: Google will only use your data files for store sales (uploads) to provide you services, including technical support, and to ensure compliance with our policies. For example, Google will match the transaction data that you upload with the ad click and view data from ad campaigns that Google has run on your behalf to report offline conversions or perform incrementality studies. To improve your store sales measurement, Google may also combine your uploaded transaction data with data from other Google measurement products you use, such as store visits. For some products, you may also instruct Google to generate Customer Match lists using the transaction data uploaded. Google uses privacy-safe conversion data for the overall benefit of advertisers for certain features such as automated Smart Bidding to improve their overall quality and accuracy.
- Limited data access: Google uses employee access controls to protect your data files from unauthorized access.
- Limited data sharing: Google won’t share your data files with any third party, including other advertisers. Where required, Google may share this data to meet any applicable law, regulation, legal process or enforceable governmental request.
- Data security: Google is committed to ensuring that the systems used to store your data files remain secure and reliable. Google has dedicated security engineering teams to protect against external threats to our systems, and it stores all your data files in an encrypted format to protect against unauthorized access. Google only reports privacy-safe data.
Data security certifications
ISO 27001
Google has earned ISO 27001 certification for the systems, applications, people, technology, processes and data centers serving a number of Google products, including store sales (uploads). Download the Google Ads/Analytics Scope Expansion Certificate — ISO27001 (PDF) or learn more about ISO 27001.
Data hashing
You're responsible for putting together your data files. Customer data needs to be hashed using the SHA256 algorithm, which is the industry standard for one-way hashing.
Only the personally identifiable customer data in your files, such as email, phone numbers, first name, and last name should be hashed. Don’t hash country, state, and zip code data.
- If you are performing a one-time upload of a .csv file through the Google Ads interface, you may choose to upload unhashed data since it will be automatically hashed in the browser upon submission.
- For all other file formats, such as XLS or Google Sheets, and for all other upload types, such as Scheduled Uploads or the Google Ads API, the customer data must be manually hashed using the SHA256 algorithm in the source file prior to submission.
- You must upload the data files using Google Ads or the Google Ads API. Google uses Transport Layer Security (TLS) for your upload, which is the industry standard for securely transferring files.
About the matching process
Google will use the matched transaction records to combine with ad click or view information from campaigns you've instructed Google to run, to produce reports demonstrating offline sales driven by Google advertising.
Email matching
For matching based on your customers’ email addresses, after you've uploaded your data file with hashed email addresses, Google Ads will compare each hashed string in your file with the hashed string or email address of Google accounts. If there's a match, Google will mark those transaction records as matched.
Address matching
For matching based on your customers’ mailing addresses, Google joins hashed name and address information for Google accounts to construct a matching key. After you've uploaded your data file with hashed customer names and addresses (don’t hash zip code and country data), Google constructs a similar key based on your data and then compares each key in your file with the keys based on Google accounts. If there's a match, Google will mark those transaction records as matched.
Phone matching
Similar to email matching, after you've uploaded your data file with hashed phone numbers, Google Ads will compare each hashed string in your file with the hashed string or phone numbers of Google accounts. If there's a match, Google will mark those transaction records as matched.
Last updated: January 2024