This policy is designed to provide guidance to developers building on the Actions on Google platform, including Assistant Apps that will be published in the Directory. Some partners may have access to additional APIs and be subject to varying policies.
This policy applies to all aspects of apps and actions, including their content, advertising content (where permitted), behavior, and listing information in the Directory.
We don't allow actions that facilitate or promote sexual gratification or sexually explicit content. This includes:
- Pornographic, sexually explicit, or erotic content.
- Content that describes sexual acts or sex toys.
- Escort services or other services that may be interpreted as providing sexual acts in exchange for compensation.
- Content that describes or encourages bestiality.
Google has a zero-tolerance policy against child sexual abuse content. If we become aware of content facilitating or promoting the distribution of child sexual abuse content, we will report it to the appropriate authorities and delete the Google Accounts of those involved with the distribution.
Violence and dangerous activities
We don't allow actions that facilitate or promote gratuitous violence or dangerous activities. This includes:
- Graphic descriptions of realistic violence or violent threats to any person or animal.
- Terrorist groups documenting their attacks.
- Instructions for engaging in or facilitating violent activities, including bomb-making or weapon-making.
- Self-harm, including instructions to carry out self-harm.
Bullying and harassment
We don't allow actions that facilitate threats, harassment, or bullying. This includes content primarily intended to harass or single out another person for abuse, malicious attack, or ridicule.
We don't allow actions that facilitate or promote content that advocates hate or violence against groups of people based on their race or ethnic origin, religion, disability, gender, age, nationality, veteran status, sexual orientation, or gender identity.
Actions that facilitate or promote near-hate negativity towards a protected group are prohibited. This includes actions that make inflammatory or excessively negative statements about:
- Appearance or hygiene.
- Socio-economic status.
- Ethics or morality.
- Disability or medical condition.
- Criminal history.
- Sexual activity.
We don't allow actions that lack reasonable sensitivity towards, or capitalize on, a natural disaster, atrocity, conflict, death, or other tragic event.
We don't allow actions that facilitate or promote online gambling services, including but not limited to, online casinos, sports betting, lotteries, or games of skill if they offer prizes of cash or other value.
We don't allow actions that facilitate or promote illegal activities, including the use or sale of alcohol or tobacco by minors. You are solely responsible for determining the legality of your action in its targeted locale. Actions determined to be unlawful in locations where they are published will be removed.
We don’t allow actions that facilitate the sale or production of recreational drugs.
We don't allow apps that:
- Provide, collect or store medical information in violation of applicable legal obligations. Google is not able to commit that the Actions on Google platform can meet the requirements of HIPAA or other similar medical data regulations.
- Provide health information, without a disclaimer that adequately discloses to the user that it is not a substitute for advice from a medical professional.
Apps providing fitness functionality, including activity monitoring (calories burned, steps taken, etc.), weight data, and BMI are permitted.
Mature Content Warning
If your Action contains content that may be inappropriate for a general audience, discusses mature themes, or frequently has profanity, it must include a warning at the beginning of the user’s first conversation with the action and in the Directory description.
Intellectual Property, Deception, and Spam
We don't allow actions or developer accounts that infringe the intellectual property rights of others, including trademark, copyright, patent, trade secret, and other proprietary rights. We also don't allow actions that encourage or induce infringement of intellectual property rights.
We will respond to clear notices of alleged copyright infringement. For more information or to file a Digital Millennium Copyright Act request, please visit our copyright procedures.
If you are a trademark owner and you believe an action is infringing on your trademark rights, we encourage you to reach out to the developer directly to resolve your concern. If you can't reach a resolution with the developer, please submit a trademark complaint through this form.
We don't allow actions that use another action or entity's brand, title, logo, or name in a manner that may result in misleading users. Don't try to imply an endorsement or relationship with another entity where none exists. Impersonation can occur even if there isn't an intent to deceive, so please be careful when referencing any brands that do not belong to you. This applies even if that brand doesn't yet have a presence on the Directory.
Encouraging infringement of copyright
We don't allow actions that induce or encourage copyright infringement. Before you publish your action, look for ways it may be encouraging copyright infringement and get legal advice if necessary.
We don't allow actions that infringe on others' trademarks. A trademark is a word, symbol, or combination that identifies the source of a good or service. Once acquired, a trademark gives the owner exclusive rights to the trademark usage with respect to certain goods or services.
Trademark infringement is the improper or unauthorized use of an identical or similar trademark in a way that is likely to cause confusion as to the source of that product. If your action uses another party's trademarks in a way that is likely to cause confusion, your action may be removed.
We don't allow actions that attempt to deceive users. Actions must provide accurate disclosure of their functionality and perform as reasonably expected by the user. Actions must not attempt to mimic system functionality or warnings of any kind. Any changes to device settings must be made with the user's knowledge and consent and be easily reversible by the user.
We don't allow actions that contain false or misleading information or claims, including in the trigger phrase, description, title, or icon.
Examples of misleading claims include:
- Misrepresenting or not accurately and clearly describing action functionality, for example:
- An action that claims to be a food delivery service in its description or invocation, but is actually a ride-sharing service.
- An action that claims to be a restaurant reservation service, but only contains restaurant reviews.
- An action that uses a trigger phrase related to coffee, but is actually a pizza delivery service.
- Misrepresenting the current status or performance on the Directory (e.g. "Editor's Choice," "Number 1 Action").
- Featuring medical or health-related functionality that is misleading or potentially harmful.
- Claiming functionality that is impossible to implement.
- Apps that are improperly categorized.
- Misleading a user as to the content or destination of a link.
Unauthorized use or imitation of system functionality
We don't allow actions that mimic or interfere with device or Assistant functionality. Examples of prohibited behaviour include:
- Using a voice for your action that mimics the Google Assistant's voice.
- Mimicking system notifications or warnings.
- Pretending to be Google or another Google action.
We don't allow actions that spam users or the Directory in any way. Examples of spammy behavior include:
- Actions that push content to users' mobile devices without the user's permission.
- Actions whose primary purpose is to drive traffic to a website or another app.
- Submitting multiple duplicative actions to the Directory.
Privacy and Security
You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user's use of the action or device). This policy establishes the Directory's minimum privacy requirements; you or your action may need to comply with additional restrictions or procedures if required by an applicable law.
All actions must:
Handle all user data securely
All transmissions of user data must use modern cryptography, and your action's interaction with the Actions on Google APIs must use HTTPs.
Accurately describe the reason for requesting user data via a permission API
You must clearly and accurately disclose the reason for requesting user data via a permission API by using the "context" field in the corresponding method.
In addition to the requirements above, the table below describes requirements for specific activities and data types.
|Activity / Data Type||Requirement|
|Payment and Financial Data
(including credit card and bank account numbers)
|Don't collect payment or financial data via the conversational interface (text or speech).|
|Email Addresses||Don't collect email addresses via the conversational interface (text or speech).|
(including passwords, PINs, and answers to security questions)
|Don't collect authentication data via the conversational interface (text or speech).
After a user's account has been linked, actions may permit or require users to setup a different PIN or password to limit access via the conversational interface.
You may use the Account Linking API and OAuth 2 to create a link between a Google user and an existing non-Google account on your system. When implementing account linking using OAuth, you must own your OAuth endpoint, so don't provide URLs from other OAuth providers. Only one OAuth config per action package is permitted.
Don't use any other method to associate a Google user with an account on your system, including using an association from another action engaging in account linking. For example, if you offer multiple apps requiring account linking, each app must independently use the Account Linking API — using the configuration defined in the respective action package — to associate the Google user with the existing account.
If you initiate account linking mid conversation, then prior to triggering the account linking process you must explain why you are prompting the user to link their account.
Don't request any OAuth scope from Google unless the user is signing in to your service using Google Sign-In. Don't encourage users to agree to additional Google OAuth scopes by directing them to a website or app.
Device and network abuse
We don't allow actions that interfere with, disrupt, damage, or access in an unauthorized manner the user's device or other devices, computers, servers, networks, application programming interfaces (APIs), or services. This includes other actions, any Google service, and the device's network.
We don't allow actions that steal data, secretly monitor or harm users or that are otherwise malicious.
All actions that collect user data must comply with the User data policy and fully disclose their functions.
The following are explicitly prohibited:
- Viruses, trojan horses, malware, spyware, and any other malicious software.
- Promoting or facilitating the distribution or installation of malicious software.
- Introducing or exploiting security vulnerabilities.
- Stealing a user's authentication information (such as usernames or passwords).
- Tricking users into disclosing personal or authentication information.
- Running other actions without the user's prior consent.
- Secretly collecting device usage.
Actions and their listings on the Directory must not provide any means to activate or access functionality that violate these terms.
Monetization and Ads
No in-conversation ads are permitted.
Naming, Directory Listing, and Promotion
Your app’s name and Directory listing is how users interact with and discover apps. Your app's listing dramatically affects the Directory's quality, so avoid spammy listings, low quality promotion, and anything that artificially boosts your app's visibility. Fill out all of the details required for the Directory listing, including providing visible, non-blank icons.
Your app’s Directory listing (including name, descriptions, etc.) must comply with the Prohibited Content and Intellectual Property policies and not include words that are vulgar, sexually explicit, or offensive.
All apps must have a unique name that will allow users to trigger the app's functionality. App names are unique within each language, so once a name is approved, no other app can register the same name in the same language. Your Directory listing must have at least one sample invocation, all of which must include your app’s name, for example "Talk to Google Shopping," and consistently triggers your app.
Names must meet the following requirements:
- One-word names are not allowed, unless the name is unique to your brand or trademark within the target country. Instructions to request an exception for individual countries are below. Compound words broken into multiple words will not circumvent this requirement, for example key board counts as one word.
- Two-word names are not allowed if one of the words is a definite article (the), indefinite article (a or an), pronoun (like my), or preposition (for, to, or of). For example, your name should not be a bicycle, an espresso, to amuse or for fun.
- An name uniquely identifies your app, so it must distinguish itself from other apps and from features of the Assistant. We don’t allow names that are:
- Common phrases (for example, thank you, how are you?, good morning)
- Confusingly similar with features of the Assistant (especially with home automation, device control, and media playback commands)
- Generic, including words or phrases that are categories of products, services, or content. We will consider exceptions to this prohibition on a case-by-case basis. Instructions to request an exception are below.
- Names of people or places are not allowed unless they also contain other words (for example, Bill's horoscope or New York tourism) or you are a government agency of that location (for example, the City of New York can register the name New York City).
- Some words and phrases are reserved and cannot be used in names (including, ok, Google, volume up, game, action, and app). Test your name in the API dashboard to confirm it doesn't use a reserved word or phrase. We may make exceptions for certain reserved words or phrases if used in a qualifying multi-word combination, if the name isn’t confusing, and if it doesn’t otherwise violate these policies. Instructions to request an exception are below.
- Depending on the language, some characters may be prohibited in the name pronunciation field; for example, languages using the Latin alphabet must contain only lower-case alphabetic characters, spaces between words, possessive apostrophes (for example, Sam's science trivia), or periods used in abbreviations (for example, a. b. c.). Other characters such as numbers must be spelled out, for example, twenty one.
- Names must be easy to pronounce correctly and be phonetically distinct to avoid being misinterpreted as similar sounding words and other app names (within the same language). Don't use names that are phonetically similar to ones prohibited by these policies, such as vulgar, offensive, generic, or common names (even if spelt them differently).
In evaluating these policies, we consider the pronunciation of the word, how it’s spelled in the console, and the commonly accepted way to spell the pronounced word (if there is one).
We will consider exceptions to certain naming policies on a case-by-case basis; you can request an exception filling out this form and selecting App Name Whitelist.
You app's invocation name must be a phonetic version of its display name. The only permitted differences are: punctuation, spaces, and using numerals vs. spelling out numbers and ordinals (such as three vs. 3 or third vs. 3rd).
The description of your app must accurately describe its functionality and the services or content it provides. Here are a few best practices for writing a description of your app:
- Provide a clear, succinct description of how your app can help users, for example, "You can use this app to do X." Excessive length, detail, or repetition in your app description can result in a violation of this policy.
- Highlight what's great about your app. Share interesting and exciting facts about to help users understand what makes your app special.
- Make sure that your app's title and description accurately describes its functionality.
- Avoid using excessive, repetitive, or unrelated keywords or references.
- Disclose whether your app requires payment for any of its features.
User testimonials are not allowed in the app's description.
We don't allow actions that directly or indirectly engage in or benefit from promotional practices that are deceptive or harmful to users or the developer ecosystem. This includes actions that engage in the following behavior:
- Using deceptive ads on websites, apps, or other properties, including notifications that are similar to system notifications and alerts.
- Engaging in unsolicited promotion via SMS services.
- Offering compensation for using actions, including money, digital or physical goods.
It is your responsibility to ensure that any ad networks or affiliates associated with your action comply with these policies and do not employ any prohibited promotion practices.
Apps for Families
Apps targeting children under 13 or providing content explicitly for children under 13 are only allowed as part of the Apps for Families program (currently only available in the U.S.).
Apps for Families is a mixed-audience program. Apps that are designed for use by mixed audiences that include children under the age of 13 must participate in the Apps for Families program.
Apps participating in the Apps for Families program must meet all the requirements in this section and comply with the Terms of Service for Actions on Google, including the Apps for Families Addendum. The Apps for Families program is currently only available to Assistant Apps offered in the United States.
All apps participating in the Apps for Families Program must be intended for use by families including children under the age of 13 and comply with the eligibility criteria below. Actions on Google reserves the right to reject or remove any app determined to be inappropriate for the program.
- Apps must be generally suitable for all ages including children under the age of 13 and not contain any inappropriate material, including adult themes, crude humor, and violent content.
- Apps must be designed for mixed audiences that include children under the age of 13. We cannot allow apps into the Apps for Families program that are primarily designed for children under the age of 13.
- The primary purpose of the App cannot be:
- To widely share unmoderated user-generated content, such as a social networking or user-forum app, or
- To serve as a general utility, client, or communication app, such as calculator, podcasting, home automation or reminder apps.
Apps may not collect or solicit any personally identifiable user data.
Apps must not contain ads, including in streaming media. Self-promotional messages are acceptable.
- Apps may not use Google sign-in (account linking), request OAuth scopes, access most user data APIs (except for coarse device location), or access any transaction APIs.
- You represent that apps submitted to the Apps for Families Program are compliant with COPPA (Children’s Online Privacy Protection Act) and other relevant statutes, including any APIs that your app uses to provide the service.
Apps accepted to the Apps for Families program are required to continue to meet the program’s standards at all times, including in subsequent updates.
To ensure a great user experience, your action must operate as described, provide a high-quality user experience, and take advantage of the platform's features.
Actions should follow the guidance for Conversation Design. Actions that significantly deviate from the user-interface design guidance or have poor user experiences may be disabled from specific surfaces, be rejected, or removed from the Directory, including for:
- Suggesting the action supports a larger scope of commands than it actually does, within the conversation or Directory listing.
- For example, if the action says "Ask me anything," but the action can only answer the question "Who is president of the United States?".
- Listening for a user command without prompting the user.
- For example, if the action answers a user's question and then starts to listen for an additional command without any prompt to the user suggesting a command or asking question.
- Playing a silent sound file.
- Having query patterns that aren’t relevant and would likely surprise users if your action was recommended or invoked.
- Playing non-streaming media or reading back text to the user for a period in excess of 120 seconds.
- Having broken links or images.
- Failing to provide alternate text for images in graphical interfaces.
- Saying different things in the chat bubble text and via text-to-speech in graphical interfaces.
In addition, we reserve the right to reject apps on the basis of content or functionality that are not explicitly prohibited by these policies, but that run contrary to these policies in spirit. In the event that your action is rejected or removed under this section, we pledge to provide an explanation of our decision.
Special Requirements for Certain Use Cases
Certain APIs have special requirements, if your Action uses them, then it must also comply with those requirements.
All apps must comply with these requirements:
Don’t expressly direct users to a website or mobile app to complete a transaction. For example, don’t tell a user to visit a site, app, or physical location (or provide a linkout chip) with a call to action to checkout, pay, or make a reservation.
If your app enables users to complete a transaction, it must implement the Transactions API and comply with all of the below requirements. A transaction includes any agreement between a user and a business to fulfill a good or service, such as buying or selling products, providing a service, or making reservations.
Transactions API Requirements
All apps implementing the Transactions API must comply with these requirements:
You must abide by the Transaction Terms in the Terms of Service for Actions on Google.
Currently, the Transactions API is only available in the United States; apps in other countries cannot implement the API or complete transactions until the API is available there.
Currently, we only support real-world, physical goods and services; transactions related to software, virtual goods and services, and donations may be supported in the future.
Implement all of the required methods and parameters, including proper order handling and acknowledgements, and don’t create duplicate orders.
Implement all required callback APIs related to providing transaction status updates within the specified time periods.
Implement all required order updates and follow-up actions.
Provide an accurate and itemized receipt and correctly set all related parameters.
Personal information obtained via the conversational interface in connection with a transaction can only be used to facilitate that transaction, including sending receipts, confirmations, and updates. You must independently obtain the user’s consent (via an opt-in) to use that information for any other purpose, including marketing.
Any information provided by you including receipts, prices, descriptions, and fulfillment details must be accurate and timely.
Actions facilitating transactions are responsible for their own customer service and must provide a customer service contact phone number and/or email address.
Developers using Direct Actions (including the Food Order Direct Action API) must also comply with these requirements.
If you provide us with catalogs, menus, or other data via a data feed or other mechanism, the data must comply with these policies, including the sections on Prohibited Content and Intellectual Property. You must correctly implement all technical requirements and provide content for all required fields. The data provided must be relevant to the use case of feed and accurate. We may disable the feed (or a portion of it), disable use of the data, or takedown any related Actions for violations of these policies or if they create a poor user experience.
Actions must not enable the unlocking or opening of doors, disabling of physical security mechanisms, or disarming of the security systems via the conversational interface.
These policies do not limit or amend any terms of service or other agreements that apply to the user's use of the applicable Google products or services, unless the policies expressly state that they are amending specific terms of service or agreements.
- 2/8/2017 - The Gambling, Other Restrictions, and User Experience sections were updated. Several policies were updated and consolidated under the new Naming, Store Listing, and Promotion section. There were also miscellaneous non-substantive changes.
- 5/17/2017 - Changes were made to address several new features, including transactions, visual user interfaces, and smart home integrations. We added a policy relating to mature content warnings and clarified parts of the Naming, Directory Listing, and Promotion and User Experience sections. *10/4/2017 - The Illegal Activities, Health, Account Linking, Name Requirements, and Transactions sections were updated. The Children section was replaced with the new Apps for Families section.