Google is furthering its commitment to protecting cloud data by adopting the ISO 27018 privacy standard for Google Apps for Education. The privacy standard applies to Google Core Services only; it does not apply to the additional, Non-Core services. See List of Services and the Sensitive Data Guide for more information on Core and Non-Core services.
ISO 27018 provides guidance for cloud providers on protecting the personally identifiable information of their customers and their customer's users. To ensure that Google Apps for Education is in compliance with ISO 27018, Google engaged with an outside vendor who verified their privacy practices and contractual commitments.
Some examples of how Google Core Services comply with ISO/IEC 27018:2014:
For more detailed information regarding Google's compliance with ISO 27018, please see Google Apps for Work adopts ISO 27018 cloud privacy standard and check out the Google Apps video User Trust & Security.