top of page

Política de Privacidad de Smart Home

Policies for Actions on Google

Policies for Actions on Google

This policy is designed to provide guidance to developers building on the Actions on Google platform, including Actions that will be published in the Directory. Some partners may have access to additional APIs and be subject to varying policies.

For the purposes of this policy, the term “Action” applies to either the Action project or individual Actions within that project. This policy applies to all aspects of Actions, including their content, advertising content (where permitted), behavior, and listing information in the Directory.

Avoiding a policy violation is always better than managing one, but when violations do occur, we’re committed to ensuring developers understand how they can bring their Action into compliance.

If your Action violates our policy, you may receive an email notification with a specific reason for removal or rejection. Repeated or serious violations of the policy will result in termination of individual, related or partner accounts.

We may also limit the discoverability of your Action if it is low quality (such as failing to gracefully handle user queries), unhealthy (such as crashing or exiting unexpectedly), limited in purpose (only useful to a small set of users), or contains content that is inappropriate for most audiences. Please note that Actions on Google only allows submissions of Actions by developers who are 18 years of age or older at the time of the submission.

Content Restrictions

Sexually explicit

We don't allow Actions that facilitate or promote sexual gratification or sexually explicit content. This includes:

  • Pornographic, sexually explicit, or erotic content.

  • Content that describes sexual acts or sex toys.

  • Escort services or other services that may be interpreted as providing sexual acts in exchange for compensation.

  • Content that describes or encourages bestiality.

Child Safety

Google has a zero-tolerance policy against child sexual abuse content, or Actions promoting the sexual exploitation of minors. If we become aware of content or Actions facilitating or promoting the distribution of child sexual abuse content, we will report it to the appropriate authorities and delete the Google Accounts of those involved with the distribution.

Violence and dangerous activities

We don't allow Actions that facilitate or promote gratuitous violence or dangerous activities. This includes:

  • Graphic descriptions of realistic violence or violent threats to any person or animal.

  • Terrorist groups documenting their attacks.

  • Instructions for engaging in or facilitating violent activities, including bomb-making or weapon-making.

  • Self-harm, including instructions to carry out self-harm.

We don’t allow Actions that facilitate the sale of explosives, weapons, firearms and related components.

If your Action contains content that may be inappropriate for a general audience, discusses mature themes, or contains disturbing or distressing content, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant directory description.

Bullying and harassment

We don't allow Actions that facilitate threats, harassment, or bullying. This includes content primarily intended to harass or single out another person for abuse, malicious attack, or ridicule.

Hate speech

We don't allow Actions that facilitate or promote content that advocates hate or violence against groups of people based on their race or ethnic origin, religion, disability, gender, age, nationality, veteran status, sexual orientation, or gender identity.

Actions that facilitate or promote near-hate negativity towards a protected group are prohibited. This includes Actions that make inflammatory or excessively negative statements about:

  • Intelligence.

  • Appearance or hygiene.

  • Socio-economic status.

  • Ethics or morality.

  • Disability or medical condition.

  • Criminal history.

  • Sexual activity.

Sensitive events

We don't allow Actions that lack reasonable sensitivity towards, or capitalize on, a natural disaster, atrocity, conflict, death, or other tragic event.

Gambling

We don't allow Actions that facilitate or promote online gambling services, including but not limited to, online casinos, sports betting, lotteries, or games of skill if they offer prizes of cash or other value.

Illegal activities

We don't allow Actions that facilitate or promote illegal activities You are solely responsible for determining the legality of your Action in its targeted locale. Actions determined to be unlawful in locations where they are published will be removed.

Alcohol & Tobacco

Actions that facilitate or promote the sale of alcohol or tobacco, or related products, are allowed in countries listed in Google’s Alcohol Adwords policy.

All Actions must:

  • Implement account linking and verify user meets legal age requirements

  • Comply with all restrictions or procedures required by an applicable local law

These requirements apply to all alcohol beverage products, including wine, beer, spirits, and alcohol kits, and tobacco products, including cigarettes, cigars, rolling tobacco, and e-cigarettes.

Actions that sell alcohol or tobacco cannot use the Food Order Direct Action API to complete transaction.

Alcohol and tobacco branded Actions must include age verification at the beginning of the conversation.

We don’t allow Actions that promote excessive use of alcohol or tobacco, or use by minors

Recreational Drugs

We don’t allow Actions that facilitate the sale or production of recreational drugs.

Health

We don't allow Actions that involve transmission of information that could be considered protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). Google is not able to commit that the Actions on Google platform can meet the requirements of HIPAA or other similar medical data regulations.

We also don’t allow Actions that provide, collect, or store personal medical information, including data that could be considered data concerning health under the General Data Protection Regulation (GDPR).

Actions that provide health information must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Directory description.

Actions providing fitness functionality, including activity monitoring (calories burned, steps taken, etc.), weight data, and BMI are permitted.

Financial Services

We don’t allow Actions that provide services or store sensitive financial data in violation of applicable legal obligations. Google is not able to commit that the Actions on Google platform can meet all requirements set by financial regulations.

Financial data or authentication data cannot be collected via the conversational interface. This includes, for example, bank account or credit card numbers, or PIN/passwords. PIN/passwords that are unique to the Actions on Google platform are allowed.

Peer to peer transfers are not permitted, unless using App Actions. Actions that provide bank account information, such as credit balances, must implement account linking.

Actions providing general financial information, including interest rates and stock prices, are permitted.

Emergency Services

We don’t allow Actions that enable users to contact emergency responders. For example 911 or 999 services.

Language

For each language your Action supports, the Directory listing information (descriptions, privacy policy, etc.), grammars, and text-to-speech-read text must predominantly be in the same language.

Mature Content

If your Action contains content that may be inappropriate for a general audience, discusses mature themes, disturbing or distressing content, or frequently has profanity, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant directory description.

User-Generated Content

If your Action contains user-generated content, it must include a warning indicating as such at the beginning of the user’s first conversation with the Action and in the Assistant directory description.

Intellectual Property, Deception, and Spam

Intellectual property

We don't allow Actions or developer accounts that infringe the intellectual property rights of others, including trademark, copyright, patent, trade secret, and other proprietary rights. We also don't allow Actions that encourage or induce infringement of intellectual property rights.

We will respond to clear notices of alleged copyright infringement. For more information or to file a Digital Millennium Copyright Act request, please visit our copyright procedures.

If you are a trademark owner and you believe an Action is infringing on your trademark rights, we encourage you to reach out to the developer directly to resolve your concern. If you can't reach a resolution with the developer, please submit a trademark complaint through this form.

Impersonation

We don't allow Actions that use another Action or entity's brand, title, logo, or name in a manner that may result in misleading users. Impersonation can occur even if there isn't an intent to deceive, so please be careful when referencing any brands that do not belong to you. This applies even if that brand doesn't yet have a presence on the Directory.

Encouraging infringement of copyright

We don't allow Actions that induce or encourage copyright infringement. Before you publish your Action, look for ways it may be encouraging copyright infringement and get legal advice if necessary.

Trademark infringement

We don't allow Actions that infringe on others' trademarks. A trademark is a word, symbol, or combination that identifies the source of a good or service. Once acquired, a trademark gives the owner exclusive rights to the trademark usage with respect to certain goods or services.

Trademark infringement is the improper or unauthorized use of an identical or similar trademark in a way that is likely to cause confusion as to the source of that product. If your Action uses another party's trademarks in a way that is likely to cause confusion, your Action may be removed.

Deceptive behavior

We don't allow Actions that attempt to deceive users. Actions must provide accurate disclosure of their functionality and perform as reasonably expected by the user. Actions must not attempt to mimic system functionality or warnings of any kind. Any changes to device settings must be made with the user's knowledge and consent and be easily reversible by the user.

Misleading claims

We don't allow Actions that contain false or misleading information or claims, including in the trigger phrase, description, title, or icon. Don't try to imply an endorsement or relationship with another entity where none exists.

Examples of misleading claims include:

  • Misrepresenting or not accurately and clearly describing Action functionality, for example:

    • An Action that claims to be a food delivery service in its description or invocation, but is actually a ride-sharing service.

    • An Action that claims to be a restaurant reservation service, but only contains restaurant reviews.

    • An Action that uses a trigger phrase related to coffee, but is actually a pizza delivery service.

  • Misrepresenting the current status or performance on the Directory (e.g. "Editor's Choice," "Number 1 Action").

  • Featuring deceptive content that may interfere with public voting procedures

  • Featuring medical or health-related functionality or content that is misleading or potentially harmful.

  • Claiming functionality that is impossible to implement.

  • Actions that are improperly categorized.

  • Misleading a user as to the content or destination of a link.

Unauthorized use or imitation of system functionality

We don't allow Actions that mimic or interfere with device or Assistant functionality. Examples of prohibited behaviour include:

  • Using a voice for your Action that mimics the Google Assistant's voice.

  • Mimicking system notifications or warnings.

  • Pretending to be Google or another Google Action.

Spam

We don't allow Actions that spam users or the Directory in any way. Examples of spammy behavior include:

  • Actions that push content to users' mobile devices without their permission or send excessive or irrelevant content using the Update API.

  • Actions whose primary purpose is to drive traffic to a website or app.

  • Submitting multiple duplicative Actions to the Assistant directory.

Privacy and Security

User data

You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user's use of the Action or device). This policy establishes the Directory's minimum privacy requirements; you or your Action may need to comply with additional restrictions or procedures if required by an applicable law. For additional privacy requirements concerning Actions for Families, please refer to the Actions for Families Program Requirements.

All Actions must:

  • Provide a link to a privacy policy in the Directory's designated field

    The privacy policy must, together with any in-Action disclosures, comprehensively disclose how your Action collects, uses, and shares user data, including the types of parties with whom it's shared. It must be written in each of the languages your Action is enabled for. You must limit your use of the data to the activities described in the disclosures.

  • Handle all user data securely

    All transmissions of user data must use modern cryptography, and your Action's interaction with the Actions on Google APIs must use HTTPS.

  • Request sensitive user data via the Permissions API

    All requests for a user's location and name.

  • Accurately describe the reason for requesting user data or implement account linking

    You must clearly and accurately disclose the legitimate business reason for requesting user data including email, telephone number, date of birth, gender or personal preferences. If you are using the Permissions API you must disclose this in the "context" field in the corresponding method.

Actions are prohibited from requesting the following data via the conversational interface (text, image or speech)

  • Payment or financial data

    Examples: credit and bank account numbers. Refer to the Financial Services policy.

  • Authentication data

    Examples: this includes full or partial passwords or PINs.

    Note: One time passwords or answers to security questions may be requested if account linking has been implemented.

  • Identity data

    Examples: passport number, National ID number, Social Security number, Drivers license number or Tax IDs.

  • Healthcare data

    Refer to the Health policy.

  • Sensitive Personal Information

    Examples: requesting an individual's ethnicity, political affiliation, sexual orientation, or religious affiliation.

Account linking and Identity

You may use Google Sign-In and/or the Account Linking API with OAuth 2 to create a link between a Google user and an existing non-Google account on your system. When implementing account linking using OAuth, you must own your OAuth endpoint or have control over it with an OAuth service provider. Do not provide URLs from Identity Providers directly in your Actions on Google configuration. Only one OAuth config per action package is permitted.

Don't use any other method to associate a Google user with an account on your system, including using an association from another Action engaging in account linking. For example, if you offer multiple Actions requiring account linking, each Action must independently use the Account Linking API — using the configuration defined in the respective action package — to associate the Google user with the existing account.

If you initiate account linking mid-conversation, then prior to triggering the account linking process you must explain why you are prompting the user to link their account.

Don't request any OAuth scope from Google unless the user is signing in to your service using Google Sign-In. Don't encourage users to agree to additional Google OAuth scopes by directing them to a website or Action.

Device and network abuse

We don't allow Actions that interfere with, disrupt, damage, or access in an unauthorized manner the user's device or other devices, computers, servers, networks, application programming interfaces (APIs), or services. This includes other Actions, any Google service, and the device's network.

Malicious behavior

We don't allow Actions that steal data, secretly monitor or harm users or that are otherwise malicious.

All Actions that collect user data must comply with the User data policy and fully disclose their functions.

The following are explicitly prohibited:

  • Viruses, trojan horses, malware, spyware, and any other malicious software.

  • Promoting or facilitating the distribution or installation of malicious software.

  • Introducing or exploiting security vulnerabilities.

  • Stealing a user's authentication information (such as usernames or passwords).

  • Tricking users into disclosing personal or authentication information.

  • Running other Actions without the user's prior consent.

  • Secretly collecting device usage.

Actions and their listings on the Directory must not provide any means to activate or access functionality that violate these terms.

Security Vulnerabilities

If your Action is associated with a security vulnerability that could be exploited to compromise another Action, application, device, or service, we may remove it to protect users.

Monetization and Ads

No in-conversation ads are permitted.

Naming, Directory Listing, and Promotion

Your Action’s invocation name and Assistant directory listing is how users interact with and discover Actions. Your Action's listing dramatically affects the directory's quality, so avoid spammy listings, low quality promotion, and anything that artificially boosts your Action's visibility. Fill out all of the details required for the directory listing, including providing visible, non-blank icons.

Your Action’s directory listing (including name, descriptions, etc.) must comply with the Prohibited Content and Intellectual Property policies and not include words that are vulgar, sexually explicit, or offensive.

Name Requirements

All Actions must have a unique invocation name that will allow users to trigger the Action's functionality. Action names are unique within each language, so once a name is approved, no other Action can register the same name in the same language. Your directory listing must have at least one sample invocation, all of which must include your Action’s name, for example "Talk to Google Shopping," and consistently triggers your Action.

Names must meet the following requirements:

  • One-word names are not allowed, unless the name is unique to your brand or trademark within the target country. Instructions to request an exception for individual countries are below. Compound words broken into multiple words will not circumvent this requirement, for example key board counts as one word.

  • Two-word names are not allowed if one of the words is a definite article (the), indefinite article (a or an), pronoun (like my), or preposition (for, to, or of). For example, your name should not be a bicycle, an espresso, to amuse or for fun.

  • A name uniquely identifies your Action, so it must distinguish itself from other Actions and from features of the Assistant. We don’t allow names that are:

    • Common phrases (for example, thank you, how are you?, good morning)

    • Confusingly similar with features of the Assistant (especially with home automation, device control, and media playback commands)

    • Potentially confusing users into thinking they are interacting with Google or that Google is promoting, endorsing, or sponsoring content featured in the Action.

    • Generic, including words or phrases that are categories of products, services, or content. We will consider exceptions to this prohibition on a case-by-case basis. Instructions to request an exception are below.

  • Names of people or places are not allowed unless they also contain other words (for example, Bill's horoscope or New York tourism) or you are a government agency of that location (for example, the City of New York can register the name New York City).

  • Some words and phrases are reserved and cannot be used in names, including, ok, Google, launch, ask, tell, load, exit quit, volume up, game, action, assistant, skill, and app. Test your name in the API dashboard to confirm it doesn't use a reserved word or phrase. We may make exceptions for certain reserved words or phrases if used in a qualifying multi-word combination, if the name isn’t confusing, and if it doesn’t otherwise violate these policies. Instructions to request an exception are below.

  • Depending on the language, some characters may be prohibited in the name pronunciation field; for example, languages using the Latin alphabet must contain only lower-case alphabetic characters, spaces between words, possessive apostrophes (for example, Sam's science trivia), or periods used in abbreviations (for example, a. b. c.). Other characters such as numbers must be spelled out, for example, twenty one.

  • Names must be easy to pronounce correctly and be phonetically distinct to avoid being misinterpreted as similar sounding words and other Action names (within the same language). Don't use names that are phonetically similar to ones prohibited by these policies, such as vulgar, offensive, generic, or common names (even if spelt them differently).

In evaluating these policies, we consider the pronunciation of the word, how it’s spelled in the console, and the commonly accepted way to spell the pronounced word (if there is one).

We will consider exceptions to certain naming policies on a case-by-case basis; you can request an exception filling out this form and requesting an Invocation Name assistance.

Examples of Generic Names

Not allowed:

  • My Travel Agent

  • Smart Home

  • Grocery Store

  • Game Action

Allowed (for illustrative purposes only and subject to other policies)

  • Using or adding made-up words or arbitrary phrases (Foobar Action, Foobar Smart Home)

  • Adding a non-generic brand name (Google Travel, Bob’s Travel Agent)

  • Adding descriptive adjectives and adverbs (Fast Hotel Search, Worldly Traveler)

  • Using your full domain name, including top level domain (SmartHome.com)

Consistent names

Your Action's invocation name must be a phonetic version of its display name. Permitted differences include: punctuation, spaces, and using numerals vs. spelling out numbers and ordinals (such as three vs. 3 or third vs. 3rd).

Description

The description of your Action must accurately describe its functionality and the services or content it provides. Here are a few best practices for writing a description of your Action:

  • Provide a clear, succinct description of how your Action can help users, for example, "You can use this Action to do X." Excessive length, detail, or repetition in your Action description can result in a violation of this policy.

  • Highlight what's great about your Action. Share interesting and exciting facts about to help users understand what makes your Action special.

  • Make sure that your Action's title and description accurately describes its functionality.

  • Avoid using excessive, repetitive, or unrelated keywords or references.

  • Disclose whether your Action requires payment for any of its features.

User testimonials are not allowed in the Action's description.

Privacy Policy

All Actions must include links to their Privacy Policy in their Directory listing, which must comply with the Privacy and Security policies.

Promotion

We don't allow Actions that directly or indirectly engage in or benefit from promotional practices that are deceptive or harmful to users or the developer ecosystem. This includes Actions that engage in the following behavior:

  • Using deceptive ads on websites, Actions, or other properties, including notifications that are similar to system notifications and alerts.

  • Manipulating or inflating usage statistics, and product ratings, ranking or reviews.

  • Engaging in unsolicited promotion via SMS services.

  • Offering compensation for using Actions, including money, digital or physical goods.

It is your responsibility to ensure that any ad networks or affiliates associated with your Action comply with these policies and do not employ any prohibited promotion practices.

Actions for Families

If your Action targets children or provides content explicitly for children, it must participate in the Actions for Families program. This includes both Actions targeting children as their primary audience or as one of their audiences.

The word “child” can mean different things in different locales and in different contexts. It is important that you consult with your legal counsel to help determine what obligations and restrictions may apply to your Action. The Actions for Families program is available in every Actions on Google locale except for the following: Morocco, Tunisia, and Yemen.

Program Requirements

Actions on Google offers a platform for developers to showcase their high-quality, age-appropriate Actions for children and families. Before submitting an Action to the Actions for Families program, you are responsible for ensuring your Action is appropriate for children and compliant with all relevant laws.

Actions participating in the Actions for Families program must meet the eligibility criteria in this section and comply with the Terms of Service for Actions on Google, including the Actions for Families Addendum.

Actions on Google reserves the right to reject or remove any Action determined to be inappropriate for the program.

Eligibility Criteria

  1. Your Action targets children as its primary audience or as one of its audiences.

  2. If your Action is not targeting children as one of its audiences, like general utility Actions such as home automation or productivity Actions, it cannot participate in the Actions for Families program.

  3. All Actions for Families Actions must be appropriate for children. Actions can not contain any inappropriate material, including adult content, crude humor, profane language, violent content, or self harm content.

  4. The primary purpose of the Action cannot be to widely share unmoderated user-generated content, such as a social networking or user-forum Action.

  5. Actions may not collect or solicit any personally identifiable user data.

  6. Actions must not contain ads, including in streaming media. Self-promotional messages are acceptable if the subject matter, content and language is appropriate for children.

  7. Actions may not use Google sign-in (account linking), request OAuth scopes, access most user data APIs (except for coarse device location), or access any transaction APIs.

  8. You represent that your Action, and any APIs or SDKs that your Action calls or uses, are compliant with the U.S. Children’s Online Privacy and Protection Act (COPPA), E.U. General Data Protection Regulation (GDPR), and any other applicable laws or regulations.

Actions accepted to the Actions for Families program are required to continue to meet the program’s standards at all times, including in subsequent updates.

Other

User Experience

To ensure a great user experience, your Action must operate as described, provide a high-quality user experience, and take advantage of the platform's features.

Actions should follow the guidance for Conversation Design. Actions that significantly deviate from the user-interface design guidance or have poor user experiences may be disabled from specific surfaces, be rejected, or removed from the Directory, including for:

  • Suggesting the Action supports a larger scope of commands than it actually does, within the conversation or Directory listing.

    • For example, if the Action says "Ask me anything," but the Action can only answer the question "Who is president of the United States?".

  • Listening for a user command without a prompt such as a greeting, or an implicit or explicit question.

    • For example, if the Action answers a user's question and then starts to listen for an additional command without asking a follow up question.

  • Listening for user responses during an app experience with no implicit or explicit prompts and failing to set expectations with the user about the nature of the interaction

    • For example, a language-learning Action listens for responses without explaining to the user at the beginning how the interaction will take place.

  • Failing to function properly on all Assistant-enabled devices that support the Action’s required capabilities.

    • For example, if the Action functions on the Google Home device but not on the mobile device.

  • Playing a silent sound file without a clear purpose.

    • For example, if the Action opens and plays a silent sound file with no explanation.

  • Misusing interaction features on Assistant-enabled devices.

    • For example, triggering the Google Home LED lights outside of their intended purpose noted here.

  • Continuously playing text-to-speech or recorded audio for longer than 240 seconds unless using the Media Response API.

  • Having broken links or images.

  • Branding or labeling your Action during the user interaction with terminology associated with a non-Google developer platform.

  • Failing to provide alternate text and voice for images in non-graphical interfaces.

  • Audio not matching visual text and via text-to-speech in graphical interfaces.

  • Registering or creating misleading or irrelevant intents to your Action.

    • For example, selecting a built-in intent for ‘Order a Taxi’ when your Action provides weather information.

  • Including unnecessary descriptive words, such as adjectives, adverbs, or ambiguous terminology in suggestion chips.

    • For example, ‘Buy Best Pizza’ or ‘Try your luck’.

In addition, we reserve the right to reject Actions on the basis of content or functionality that are not explicitly prohibited by these policies, but that run contrary to these policies in spirit. In the event that your Action is rejected or removed under this section, we pledge to provide an explanation of our decision.

Special Requirements for Certain Use Cases

Certain APIs have special requirements, if your Action uses them, then it must also comply with those requirements.

Transactions

All Actions must comply with these requirements:

  1. Don’t expressly direct users to a website, phone number, mobile app or alternative payment method to complete a transaction, whether within the Action via links or suggestion chips, or in the Action description. For example, don’t tell a user to visit a website, Action, or physical location (or provide a linkout chip) with a call to action to checkout or pay. This restriction does not apply to App Actions.

  2. If your Action enables users to complete a physical goods or services transaction, or make a reservation or booking, it must implement the Transactions API for Assistant. This does not include adding items to a basket.

  3. If your Actions enables users to complete a digital transaction or buy a subscription, it must implement the Digital Purchase API.

The following purchases and transactions (any agreement between a user and a business to fulfill a good or service) are supported on Actions on Google:

  1. Physical goods or services including:

    • Purchase or sale of physical goods (such as groceries, clothing, housewares)

    • Purchase of physical services (such as car services, cleaning services, airfare, food delivery, tickets for live events)

    • Reservations and bookings (such as hotel rooms)

  2. Digital goods or services including:

    • Purchase of digital goods (such as virtual currencies, extra lives, additional playtime, and special items)

    • Subscription services (such as fitness, dating, education and content subscription services)

    • Access to Action functionality and features (such as content or services)

Currently, Actions on Google does not support money transfers from one user to another, either directly or via a licensed money transmitter or donations to charitable or political entities. This restriction does not apply to App Actions.

Transactions API and Digital Purchase API Requirements

All Actions implementing the Transactions API, Digital Purchase API (a Google Play Billing service), or using Direct Actions (including the Food Order Direct Action API) must comply with these requirements:

  1. Abide by the Transaction Terms in the Terms of Service for Actions on Google.

  2. Implement all of the required methods and parameters, including proper order handling and acknowledgements, and don’t create duplicate orders.

  3. Provide accurate and timely information, including prices, and descriptions

  4. Provide your own customer service, and provide a customer service contact phone number and/or email address.

  5. Only use personal information obtained via the conversational interface to facilitate that transaction, including sending receipts, confirmations, and updates. You must independently obtain the user’s consent (via an opt-in) to use that information for any other purpose, including marketing.

  6. For Actions using the Digital Purchase API only:

    • Only features or services bought within the Action, or on another platform under the same title as the Action, can be accessed by the user on the Actions on Google platform

    • Actions must not directly or indirectly lead users to a payment method other than via the Digital Purchase API, either within or outside of the action.

  7. For Actions using the Transactions API only (as Google does not provide these features):

    • Implement all required callback APIs related to providing transaction status updates within the specified time periods, and any follow-up actions.

    • Provide an accurate and itemized receipt to all users by email and correctly set all related parameters for transactions where money is exchanged.

Data Feeds

If you provide us with catalogs, menus, or other data via a data feed or other mechanism, the data must comply with these policies, including the sections on Prohibited Content and Intellectual Property. You must correctly implement all technical requirements and provide content for all required fields. The data provided must be relevant to the use case of feed and accurate. We may disable the feed (or a portion of it), disable use of the data, or takedown any related Actions for violations of these policies or if they create a poor user experience.

Smart-Enabled Devices

Actions controlling smart devices must ensure minimum security and safety precautions when the Action can:

  • Unlock doors or disable physical security mechanisms.

    • For example, unlocking car doors.

  • Disarm or disable security or surveillance systems.

    • For example, turning off a house alarm system.

  • Operate devices that are capable of causing physical harm.

    • For example, a cooking stove.

While the nature of the security and safety precautions may vary by the type of device, at minimum these devices must require account linking and a secondary user verification, such as confirmation on a secured mobile device or a password/PIN.

Security or surveillance Actions must not log PII of individuals outside the primary user without their consent. For example, doorbell Actions cannot log information about who may be at the door without the express consent of that individual.

We do not allow Actions that instruct passenger transport vehicles to move. We also have additional restrictions related to Actions for passenger transport vehicles.

Conflicting Terms

These policies do not limit or amend any terms of service or other agreements that apply to the user's use of the applicable Google products or services, unless the policies expressly state that they are amending specific terms of service or agreements.

Change Log

  • 10/8/2019 - Updated misleading claims policy.

  • 7/29/2019 - Made changes to the introduction to the Policies for Actions on Google, Child Safety, Financial Services, User Data, Actions for Families, and Transactions sections.

  • 5/7/2019 - Made changes to the transactions policy referencing App Actions.

  • 4/18/2019 - Made changes to health policy.

  • 2/6/2019 - Made changes to user experience policy and violence and dangerous activities.

  • 1/8/2019 - Made minor modifications to the Health policy, Transactions policy, Smart-Enabled device policy, Spam policy, and User Experience policy.

  • 11/6/2018 - Moved list of supported countries for Transactions to the corresponding guides.

  • 10/11/2018 - Updated AFF policy to cover additional locales.

  • 10/4/2018 - Updated Transactions policy to include digital goods, and included Google Sign-In as an option for Account Linking and Identity.

  • 9/25/2018 - Updated AFF policy to include new markets.

  • 9/6/2018 - Updated User Experience policy around implicit and explicit prompts, and made a correction to the transactions policy.

  • 7/17/2018 - Added a security vulnerability policy, and made small amendments to the Promotions policy, Transactions policy, Name requirements, and User Experience policy. In addition, we added an additional introductory language specifying our approach to enforcing our policies and developer communications.

  • 5/22/2018 - Amended the Violence and Dangerous Activities policy to prohibit Actions that facilitate the sale of explosives, weapons, firearms, and related components. We also expanded the availability of the Actions for Family program to include the United Kingdom, France, Italy, Germany, and Japan.

  • 3/27/2018 - Several new policies were added, including a Financial Services policy and Alcohol & Tobacco policy. The Home Automation policy was expanded and re-named the Smart-Enabled Devices policy. Re-formatting or minor changes were made to the Health policy, Transactions policy, User Data policy, and User Experience policy.

  • 2/1/2018 - User Experience, User-generated Content, Mature content, User Data (privacy), Update API (in spam policy), Emergency services apps policy added.

  • 10/4/2017 - The Illegal Activities, Health, Account Linking, Name Requirements, and Transactions sections were updated. The Children section was replaced with the new Apps for Families section.

  • 5/17/2017 - Changes were made to address several new features, including transactions, visual user interfaces, and smart home integrations. We added a policy relating to mature content warnings and clarified parts of the Naming, Directory Listing, and Promotion and User Experience sections.

  • 2/8/2017 - The Gambling, Other Restrictions, and User Experience sections were updated. Several policies were updated and consolidated under the new Naming, Store Listing, and Promotion section. There were also miscellaneous non-substantive changes.

bottom of page