Data deletion on Chrome Enterprise

All features in Chrome go through stringent privacy reviews that aim to minimize the data collected. Any data collected must be abstracted from the user whenever possible. For that reason, most data is collected pseudonymously (cannot be reasonably or reliably tied to a user) or completely anonymized. Data is only explicitly tied to a user where necessary for a particular feature to function as expected or to provide adequate support. Here are a few examples:

• So that data is accessible across multiple sessions and devices
• For activity logs in Admin console or myactivity.google.com
• When providing feedback or opening support requests that may need follow-ups

Chrome encrypts all data at-rest. We provide various layers of protection without any action required by our customers. On top of that we support the ability to add encryption directly on your device through custom passphrases.

We have strict requirements and reviews to ensure data is only retained as long as it’s necessary for the functionality, quality, and safety of our features. Generally, personal data will not be retained for longer than 18 months unless it is absolutely necessary for security or the provision of the service. In fact, there are several instances in which data is stored for much shorter time periods. For example, customer data collected by Chrome’s AI tools are generally stored for 28 days or less. When a user’s content (for example, bookmarks and passwords) is stored in their account, it will be stored until it’s deleted by the user or their account becomes inactive.

Customer data is stored to optimize performance and availability. This means that data is often stored in the nearest available data centers, but may also be distributed globally for redundancy. Review our SOC3 reports to see all data centers in which data may be stored.

The deletion of customer data begins when you initiate a deletion request. Generally, a deletion request is directed to a specific resource or your Google account. Deletion requests might be handled in different ways depending on the scope of your request:

• Google Account deletion: Deleting a Google account deletes all data that isn't associated with an organization and that is solely owned by that account. When there are multiple owners the data will not be deleted until all owners delete the data or their Google account.
• Activity/Data deletion: A user may use myactivity.google.com to delete data tied to their account without deleting their account. See How Google helps you delete data from your account for more details.

Only data that can be reasonably tied to a users’ account can be deleted. Please note that once the deletion process starts, Chrome makes no guarantees as to the ability to recover data. Chrome may take up to 180 days to fully remove data from all of our systems, but it may also complete much sooner.