Policies for Actions on Google

This policy is designed to provide guidance to developers building on the Actions on Google platform, including Actions that will be published in the Directory. Some partners may have access to additional APIs and be subject to varying policies.

For the purposes of this policy, the term “Action” applies to either the Action project or individual Actions within that project. This policy applies to all aspects of Actions, including their content, advertising content (where permitted), behavior, and listing information in the Directory.

Avoiding a policy violation is always better than managing one, but when violations do occur, we’re committed to ensuring developers understand how they can bring their Action into compliance.

If your Action violates our policy, you will receive a notification with a specific reason for removal or rejection. Repeated or serious violations of the policy may result in termination of individual, related or partner accounts.

We may take action based on a number of factors including, but not limited to, a pattern of harmful behavior or high risk of abuse. We identify risk of abuse based on factors including, but not limited to, previous violation history, user feedback, and use of popular brands, characters, and other assets.

We may also limit the discoverability of your Action if it is low quality (such as failing to gracefully handle user queries), unhealthy (such as crashing or exiting unexpectedly), limited in purpose (only useful to a small set of users), or contains content that is inappropriate for most audiences. Please note that Actions on Google only allows submissions of Actions by developers who are 18 years of age or older at the time of the submission. See here for more information about our enforcement process.

Content restrictions

Sexually explicit

We don't allow Actions that contain or promote sexual content, including pornography, or any content or services intended to be sexually gratifying. Content that contains nudity may be allowed if the primary purpose is educational, documentary, scientific, or artistic, and is not gratuitous.

If your Action contains content that may be inappropriate for general audiences, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

Here are some examples of violations:

  • Depictions of sexual nudity, or sexally suggestive poses in which the subject is nude, blurred or minimally clothed, and/or where the clothing would not be acceptable in an appropriate public context.
  • Depictions, animations or illustrations of sex acts, or sexually suggestive poses or the sexual depiction of body parts.
  • Content that depicts or are functionally sexual aids, sex toys, sex guides, illegal sexual themes and fetishes.
  • Content that is lewd or profane, including but not limited to content which may contain explicit text or adult/sexual keywords.
  • Content that depicts, describes, or encourages bestiality.
  • Actions that promote sex-related entertainment, escort services, or other services that may be interpreted as providing sexual acts in exchange for compensation.
  • Actions that degrade or objectify people.

Child endangerment

Google has a zero-tolerance policy against child sexual abuse content, or Actions promoting the sexual exploitation of minors. Actions that include content that sexualizes minors are subject to immediate removal, including but not limited to, those that promote pedophilia or inappropriate interaction targeted at a minor (e.g., groping or caressing). If we become aware of content or Actions facilitating or promoting the distribution of child sexual abuse content, we will report it to the appropriate authorities and delete the Google Accounts of those involved with the distribution.

Violence and dangerous activities

We don't allow Actions that depict or facilitate gratuitous violence or other dangerous activities. This includes:

  • Graphic descriptions of realistic violence or violent threats to any person or animal.
  • Self-harm, suicide, eating disorders, choking games or other acts where serious injury or death may result.

Actions that depict fictional or mild violence in the context of a game, such as cartoons, hunting or fishing, are generally allowed.

We do not permit terrorist organizations to publish Actions for any purpose, including recruitment. We don't allow Actions with content related to terrorism, such as content that promotes terrorist acts, incites violence, or celebrates terrorist attacks. If posting content related to terrorism for an educational, documentary, scientific, or artistic purpose, be mindful to provide enough information so users understand the context.

We don't allow Actions that facilitate the sale of explosives, firearms, ammunition, or certain firearms accessories. Restricted accessories include those that enable a firearm to simulate automatic fire or convert a firearm to automatic fire (e.g., bump stocks, gatling triggers, drop-in auto sears, conversion kits), and magazines or belts carrying more than 30 rounds.

We don't allow Actions that provide instructions for the manufacture of explosives, firearms, ammunition, restricted firearm accessories, or other weapons. This includes instructions on how to convert a firearm to automatic, or simulated automatic, firing capabilities.

If your Action contains content that may be inappropriate for general audiences, discusses mature themes, or contains disturbing or distressing content, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

Bullying and harassment

We don't allow Actions that contain or facilitate threats, harassment, or bullying. This includes content primarily intended to harass or single out another person for abuse, malicious attack, or ridicule.

Here are some examples of violations:

  • Bullying victims of international or religious conflicts.
  • Content that seeks to exploit others, including extortion, blackmail, etc.
  • Posting content in order to humiliate someone publicly.
  • Harassing victims, or their friends and families, of a tragic event.

Hate speech

We don't allow Actions that facilitate or promote content that advocates hate or violence, or promotes discrimination against groups of people based on their race or ethnic origin, religion, disability, gender, age, nationality, veteran status, sexual orientation, gender identity, or any other characteristic that is associated with systemic discrimination or marginalization.

Actions which contain EDSA (Educational, Documentary, Scientific, or Artistic) content related to Nazis may be blocked in certain countries, in accordance with local laws and regulations.

If your Action contains content that may be inappropriate for general audiences, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

Here are some examples of violations:

  • Content or speech asserting that a protected group is inhuman, inferior or worthy of being hated.
  • Actions that contain hateful slurs, stereotypes, or theories about a protected group possessing negative characteristics (e.g., malicious, corrupt, evil, etc.), or explicitly or implicitly claims the group is a threat.
  • Content or speech trying to encourage others to believe that people should be hated or discriminated against because they are a member of a protected group.
  • Content which promotes hate symbols such as flags, symbols, insignias, paraphernalia or behaviors associated with hate groups.

Sensitive events

We don't allow Actions that lack reasonable sensitivity towards, or capitalize on, a natural disaster, pandemic, atrocity, conflict, death, or other tragic event.

Actions with content related to a sensitive event are generally allowed if that content has EDSA (Educational, Documentary, Scientific, or Artistic) value or intends to alert users to or raise awareness for the sensitive event.

If your Action contains content that may be inappropriate for general audiences, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

Here are some examples of violations:

  • Lacking sensitivity regarding the death of a real person or group of people due to suicide, overdose, natural causes, etc.
  • Denying a major tragic event.
  • Appearing to profit from a tragic event with no discernible benefit to the victims.

Gambling, games and contests

We don't allow Actions containing content or services that allow users to wager, stake, or participate using real money (including in-Action items purchased with money) to obtain a prize of real-world monetary value. This includes, but is not limited to, online casinos, sports betting, lotteries, and games that offer prizes of cash or other real-world monetary value.

Actions that facilitate user sweepstakes, raffles, or contests where no money is required to participate must tell the user the rules for participation during the first interaction, including the fixed entry deadline and award date, the fixed number of winners, and other relevant information.

Here are some examples of violations:

  • Games that accept money in exchange for an opportunity to win a physical or monetary prize.
  • Games with “loyalty” (e.g., engagement or activity) points that (1) are accrued or accelerated via real-money purchases which (2) can be exchanged for items or prizes of real world monetary value.
  • Actions that accept or manage gambling wagers, in-Action currencies required for participation, winnings, or deposits in order to obtain or accelerate eligibility for a physical or monetary prize.

Illegal activities

We don't allow Actions that facilitate or promote illegal activities You are solely responsible for determining the legality of your Action in its targeted locale.

Here are some examples of violations:

  • Encouraging or providing instructions for manufacturing illegal drugs.
  • Encouraging or providing instructions for money laundering or tax evasion.
  • Encouraging or providing instructions for digital piracy.

Alcohol, tobacco & drugs

Actions that facilitate or promote the sale of alcohol are allowed in countries listed in Google’s Alcohol Ads policy. Please also refer to the brand guidelines to review the branding restrictions for marketing Alcohol and Alcohol-related Actions.

All Actions must:

  • Implement account linking and verify users meet legal age requirements
  • Comply with all restrictions or procedures required by an applicable local law

These requirements apply to all alcohol beverage products, including wine, beer, spirits, and alcohol kits.

The sale of tobacco products, including cigarettes, cigars, rolling tobacco, and e-cigarettes are prohibited.

Alcohol branded Actions must include age verification at the beginning of the conversation, even if the Action does not facilitate or promote the sale of related products.

We don’t allow Actions that promote excessive or inappropriate use of alcohol or tobacco, or use by minors.

We don't allow Actions that facilitate the sale or production of recreational drugs, including marijuana or THC products, regardless of legality. We also don’t allow Actions that facilitate the ordering of drugs or related products or assisting users in arranging delivery or pick up of such products.

Health

We don't allow Actions that involve transmission of information that could be considered protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). Google is not able to commit that the Actions on Google platform can meet the requirements of HIPAA or other similar medical data regulations.

We also don’t allow Actions that provide, collect, or store personal medical information, including data that could be considered data concerning health under the General Data Protection Regulation (GDPR).

Actions that provide health information, such as non-personalized information about symptoms, treatments, or medications, must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Directory description.

Actions providing fitness functionality, including activity monitoring (calories burned, steps taken, etc.), weight data, and BMI are permitted, so long as they do not involve the transmission of information that could be considered PHI under HIPAA or data concerning health under GDPR.

Financial services

For the purposes of this policy, we consider financial products and services to be those related to the management or investment of money and cryptocurrencies, including personalized advice.

We don't allow Actions that expose users to deceptive or harmful financial products and services. We also don't allow Actions that enable the mining of cryptocurrency on devices.

If your Action contains or promotes financial products and services, you must comply with state and local regulations for all jurisdictions where your Action is accessible.

We don’t allow Actions that provide services or store sensitive financial data in violation of applicable legal obligations. Google is not able to commit that the Actions on Google platform can meet all requirements set by financial regulations.

Financial data or authentication data cannot be collected via the conversational interface. This includes, for example, bank account or credit card numbers, or PIN/passwords. PIN/passwords that are unique to the Actions on Google platform are allowed with account linking.

Peer to peer transfers are not permitted, unless using App Actions. Actions that provide bank account information, such as credit balances, must implement account linking.

Actions providing general financial information, including interest rates and stock prices, are permitted.

Emergency services

We don’t allow Actions that enable users to contact emergency responders, such as 911 or 999 services.

Language support

For each language your Action supports, the Directory listing information (descriptions, privacy policy, etc.), grammars, and text-to-speech-read text must predominantly be in the same language.

Mature and offensive content

If your Action contains content that may be inappropriate for a general audience, or frequently has profanity, it must include a disclaimer at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

Here are some examples of content that may require a disclaimer:

  • News reports that include uncensored profane or inflammatory speech.
  • Content that is sexually suggestive or has educational displays of nudity.
  • Content that may be gory, disturbing, or traumatic to users.

If your Action seeks to offend users, including for humour, or includes content that may be offensive for a general audience, your Action’s discoverability may be restricted.

User-generated content

User-generated content (UGC) is content that a user contributes to an Action, and which is visible to or accessible by at least a subset of the Action’s users. If your Action contains UGC, it must include a disclaimer indicating as such at the beginning of the user’s first conversation with the Action and in the Assistant Directory description.

We don’t allow Actions whose primary purpose is featuring objectionable UGC. Similarly, Actions that end up being used primarily for sharing objectionable UGC, or that develop a reputation among users of being a place where such content thrives, will also be removed.

Here are some examples of violations:

  • Promoting sexually explicit user-generated content, including implementing or permitting paid features that principally encourage the sharing of objectionable content.
  • Actions with UGC that lack sufficient safeguards against threats, harassment, or bullying, particularly toward minors.
  • Posts, comments, or photos within an Action that are primarily intended to harass or single out another person for abuse, malicious attack, or ridicule.
  • Actions that continually fail to address user complaints about objectionable content.

Intellectual property

We don't allow Actions or developer accounts that infringe the intellectual property rights of others, including trademark, copyright, patent, trade secret, and other proprietary rights. We also don't allow Actions that encourage or induce infringement of intellectual property rights.

We will respond to clear notices of alleged copyright infringement. For more information or to file a Digital Millennium Copyright Act request, please visit our copyright procedures.

If you are a trademark owner and you believe an Action is infringing on your trademark rights, we encourage you to reach out to the developer directly to resolve your concern. If you can't reach a resolution with the developer, please submit a trademark complaint through this form.

Impersonation

We don't allow Actions that mislead users by impersonating someone else (e.g., another developer, company, entity) or another Action, or falsely applying affiliation. This includes misusing icons, descriptions, display names, or other Action features that could mislead users.

Here are some examples of violations:

  • Claiming to be a supplier or provider of a brand with no authorization from the owner of the brand.
  • Using an icon in your Action that you do not own.
  • Claiming to be the “‘official” Action of a brand or company with no authorization from the owner of the brand.

Unauthorized use of copyrighted content

We don’t allow Actions that infringe copyright. Modifying copyrighted content may still lead to a violation. Developers may be required to provide evidence of their rights to use copyrighted content.

Please be careful when using copyrighted content to demonstrate the functionality of your Action. In general, the safest approach is to create something that’s original.

Here are some examples of copyrighted content that is often used without authorization or a legally valid reason:

  • Cover art for music albums, video games, and books.
  • Marketing images from movies, television, or video games.
  • Artwork or images from comic books, cartoons, movies, music videos, or television.

We don't allow Actions that induce or encourage copyright infringement. Before you publish your Action, look for ways it may be encouraging copyright infringement and get legal advice if necessary.

Here are some examples of violations:

  • Streaming Actions that allow users to download a local copy of copyrighted content without authorization.
  • Actions that encourage users to stream and download copyrighted works, including music and video, in violation of applicable copyright law.

Trademark infringement

We don't allow Actions that infringe on others' trademarks. A trademark is a word, symbol, or combination that identifies the source of a good or service. Once acquired, a trademark gives the owner exclusive rights to the trademark usage with respect to certain goods or services.

Trademark infringement is the improper or unauthorized use of an identical or similar trademark in a way that is likely to cause confusion as to the source of that product. If your Action uses another party's trademarks in a way that is likely to cause confusion, your Action may be removed.

Counterfeit

We don't allow Actions that sell or promote the sale of counterfeit goods. Counterfeit goods contain a trademark or logo that is identical to or substantially indistinguishable from the trademark of another. They mimic the brand features of the product in an attempt to pass themselves off as a genuine product of the brand owner.

Deceptive behavior

We don't allow Actions that attempt to deceive users. Actions must provide accurate disclosure of their functionality and perform as reasonably expected by the user. Actions must not attempt to mimic system functionality or warnings of any kind. Any changes to device settings must be made with the user's knowledge and consent and be easily reversible by the user.

Misleading claims

We don't allow Actions that contain false or misleading information or claims, including pronunciation, description, display name, or icon. Don't try to imply an endorsement or relationship with another entity where none exists.

Examples of misleading claims include:

  • Misrepresenting or not accurately and clearly describing Action functionality, for example:

    • An Action that claims to be a food delivery service in its description or pronunciation, but is actually a ride-sharing service.
    • An Action that claims to be a restaurant reservation service, but only contains restaurant reviews.
    • An Action that uses a display name related to coffee, but is actually a pizza delivery service.
    • An Action that claims to provide animal fun facts, but can only provide facts about cats rather than animals generally.
  • Misrepresenting the current status or performance on the Directory (e.g. "Editor's Choice," "Number 1 Action").

  • Featuring deceptive content that may interfere with engagement in civic events such as census participation or public voting procedures.

  • Falsely claiming affiliation with a government entity or facilitating government services for which they are not properly authorized.

  • Featuring deceptive content that may interfere with public voting procedures.

  • Featuring medical or health-related functionality or content that is misleading or potentially harmful.

  • Claiming functionality that is impossible to implement.

  • Actions that are improperly categorized in the Assistant Directory listing.

  • Misleading a user as to the content or destination of a link.

Manipulated media

We don't allow Actions that promote or help create false or misleading information or claims conveyed through imagery, audio, videos and/or text. We don’t allow Actions determined to promote or perpetuate demonstrably misleading or deceptive imagery, videos and/or text, which may cause harm pertaining to a sensitive event, politics, social issues, or other matters of public concern.

Actions that manipulate or alter media, beyond conventional and editorially acceptable adjustments for clarity or quality, must prominently disclose or watermark altered media when it may not be clear to the average person that the media has been altered. Exceptions may be provided for public interest or obvious satire or parody.

Here are some examples of violations:

  • Actions adding a public figure to a demonstration during a politically sensitive event.
  • Actions that alter media clips to mimic a news broadcast.

Unauthorized use or imitation of system functionality

We don't allow Actions that mimic or interfere with device or Assistant functionality, such as lights, notifications or warnings.

Examples of prohibited behavior include:

  • Using a voice for your Action that mimics the Google Assistant's voice.
  • Mimicking system notifications or warnings.
  • Pretending to be Google.

Spam and minimum functionality

At a minimum, Actions should provide users with a basic degree of functionality and a respectful user experience. Actions that crash, or exhibit other behavior that is not consistent with a functional user experience are not allowed. This includes incomplete Actions that may have been submitted as a test.

We don't allow Actions that spam users or the Directory, through unsolicited or repetitive activity. These Actions do not expand the catalog in a meaningful way.

Here are some examples of violations:

  • Actions that push content to users' mobile devices without their permission or send excessive or irrelevant content using the Update API.
  • Actions whose primary purpose is to drive traffic to a website or app.
  • Submitting multiple duplicative Actions to the Assistant Directory.

We don’t allow Actions that send SMS, email or other messages on behalf of the user without giving the user the ability to confirm the content and intended recipients.

Webviews and affiliate content

We don’t allow Actions whose primary purpose is to drive affiliate traffic to a website or provide a webview of a website without permission from the website owner or administrator.

Here are some examples of violations:

  • An Action whose primary purpose is to drive referral traffic to a website to receive credit for user sign-ups or purchases on that website.
  • Actions whose primary purpose is to provide a webview of a website without permission

Repetitive Content

We don't allow Actions that merely provide the same experience as other Actions already on the Actions on Google platform. Actions should provide value to users through the creation of unique content or services.

Here are some examples of violations:

  • Copying content from other Actions without adding any original content or value.
  • Creating multiple Actions with highly similar functionality, content, and user experience. If these Actions are each small in content volume, developers should consider creating a single Action that aggregates all the content.

Privacy and Security

User data

You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user's use of the Action or device). This policy establishes the Directory's minimum privacy requirements; you or your Action may need to comply with additional restrictions or procedures if required by an applicable law. For additional privacy requirements concerning Actions for Families, please refer to the Actions for Families Program Requirements.

All Actions must:

  • Provide a link to a privacy policy in the Directory's designated field

    The privacy policy must, together with any in-Action disclosures, comprehensively disclose how your Action collects, uses, and shares user data, including the types of parties with whom it's shared. It must be written in each of the languages your Action is enabled for. You must limit your use of the data to the activities described in the disclosures. You must allow Google crawlers to access and scan the content of the privacy document.

  • Handle all user data securely

    All transmissions of user data must use modern cryptography, and your Action's interaction with the Actions on Google APIs must use HTTPS.

  • Request sensitive user data via the Permissions API

    All requests for a user's location and name.

  • Accurately describe the reason for requesting user data or implement account linking

    You must clearly and accurately disclose the legitimate business reason for requesting user data including email, telephone number, date of birth, gender or personal preferences. If you are using the Permissions API you must disclose this in the "context" field in the corresponding method.

Actions are prohibited from requesting the following data via the conversational interface (text, image or speech) in all scenarios.

  • Payment or financial data

    Examples: credit and bank account numbers. Refer to the Financial Services policy.

  • Authentication data

    Examples: this includes full or partial passwords or PINs.

  • Identity data

    Examples: passport number, National ID number, Social Security number, Drivers license number or Tax IDs.

  • Healthcare data

    Refer to the Health policy.

  • Sensitive Personal Information

    Examples: requesting an individual's ethnicity, political affiliation, sexual orientation, or religious affiliation.

Account linking and identity

You may use Google Sign-In and/or the Account Linking API with OAuth 2 to create a link between a Google user and an existing non-Google account on your system. When implementing account linking using OAuth, you must own your OAuth endpoint or have control over it with an OAuth service provider. Do not provide URLs from Identity Providers directly in your Actions on Google configuration. Only one OAuth config per Action package is permitted.

Don't use any other method to associate a Google user with an account on your system, including using an association from another Action engaging in account linking, or requesting an email or phone number. For example, if you offer multiple Actions requiring account linking, each Action must independently use the Account Linking API — using the configuration defined in the respective Action package — to associate the Google user with the existing account.

If you initiate account linking mid-conversation, then prior to triggering the account linking process you must explain why you are prompting the user to link their account.

Don't request any OAuth scope from Google unless the user is signing in to your service using Google Sign-In. Don't encourage users to agree to additional Google OAuth scopes by directing them to a website or Action.

If Google is unable to review and test the Action’s account linking capability, it will not be approved. This includes Actions that provide invalid credentials for testing, or fail to keep their credentials updated.

Malicious behavior

We don't allow Actions that steal data, secretly monitor or harm users or that are otherwise malicious.

We don't allow Actions that interfere with, disrupt, damage, or access in an unauthorized manner the user's device or other devices, computers, servers, networks, application programming interfaces (APIs), or services. This includes other Actions, any Google service, and the device's network.

All Actions that collect user data must comply with the User data policy and fully disclose their functions.

The following are explicitly prohibited:

  • Viruses, trojan horses, malware, spyware, and any other malicious software.
  • Promoting or facilitating the distribution or installation of malicious software.
  • Introducing or exploiting security vulnerabilities.
  • Stealing a user's authentication information (such as usernames or passwords).
  • Tricking users into disclosing personal or authentication information.
  • Indicating the Action has closed or exited, but continuing to record the user.
  • Running other Actions without the user's prior consent.
  • Secretly collecting device usage.

Actions and their listings on the Directory must not provide any means to activate or access functionality that violate these terms.

Security vulnerabilities

If your Action is associated with a security vulnerability that could be exploited to compromise another Action, application, device, or service, we may remove it to protect users.

Data feeds

If you provide us with catalogs, menus, or other data via a data feed or other mechanism, the data must comply with these policies, including the sections on Prohibited content and Intellectual property. You must correctly implement all technical requirements and provide content for all required fields. The data provided must be relevant to the use case of feed and accurate. We may disable the feed (or a portion of it), disable use of the data, or remove any related Actions for violations of these policies or if they create a poor user experience.

Monetization and ads

Ads

No in-conversation ads are permitted.

Promotion

We don't allow Actions that directly or indirectly engage in or benefit from promotional practices that are deceptive or harmful to users or the developer ecosystem. This includes Actions that engage in the following behavior:

  • Using deceptive ads on websites, Actions, or other properties, including notifications that are similar to system notifications and alerts.
  • Manipulating or inflating usage statistics, and product ratings, ranking or reviews.
  • Promotion or engagement tactics that redirect users to download apps or trigger other Actions without informed user action.
  • Engaging in unsolicited promotion via SMS services.
  • Offering compensation for using Actions, including money, digital or physical goods.

It is your responsibility to ensure that any ad networks or affiliates associated with your Action comply with these policies and do not employ any prohibited promotion practices.

Transactions

All Actions must comply with these requirements:

  1. Don’t expressly direct users to a website, phone number, mobile app or alternative payment method to complete a transaction, whether within the Action via links or suggestion chips, or in the Action description. For example, don’t tell a user to visit a website, Action, or physical location (or provide a linkout chip) with a call to action to checkout or pay. This restriction does not apply to App Actions.
  2. If your Action enables users to complete a physical goods or services transaction, or make a reservation or booking, it must implement the Transactions API for Assistant. Adding items to a basket is not considered a transaction.
  3. If your Actions enables users to complete a digital transaction or buy a subscription, it must implement the Digital Purchase API.

The following purchases and transactions (any agreement between a user and a business to fulfill a good or service) are supported on Actions on Google:

  1. Physical goods or services including:

    • Purchase or sale of physical goods (such as groceries, clothing, housewares)
    • Purchase of physical services (such as car services, cleaning services, airfare, food delivery, tickets for live events)
    • Reservations and bookings (such as hotel rooms)
    • Top-up services
  2. Digital goods or services including:

    • Purchase of digital goods (such as virtual currencies, extra lives, additional playtime, and special items)
    • Subscription services (such as fitness, dating, education and content subscription services)
    • Access to Action functionality and features (such as content or services)

Currently, Actions on Google do not support money transfers from one user to another, either directly or via a licensed money transmitter or donations to charitable or political entities. This restriction does not apply to App Actions.

Transactions API and Digital Purchase API requirements

All Actions implementing the Transactions API, Digital Purchase API (a Google Play Billing service), or using Direct Actions (including the Food Order Direct Action API) must comply with these requirements:

  1. Abide by the Transaction Terms in the terms of service for Actions on Google.
  2. Implement all of the required methods and parameters, including proper order handling and acknowledgements, and don’t create duplicate orders.
  3. Provide accurate and timely information, including prices, and descriptions.
  4. Provide your own customer service, and provide a customer service contact phone number and/or email address.
  5. Only use personal information obtained via the conversational interface to facilitate that transaction, including sending receipts, confirmations, and updates. You must independently obtain the user’s consent (via an opt-in) to use that information for any other purpose, including marketing.
  6. For Actions using the Digital Purchase API only:

    • Only features or services bought within the Action, or on another platform under the same title as the Action, can be accessed by the user on the Actions on Google platform.
    • Actions must not directly or indirectly lead users to a payment method other than via the Digital Purchase API, either within or outside of the Action.
  7. For Actions using the Transactions API only (as Google does not provide these features):

    • Implement all required callback APIs related to providing transaction status updates within the specified time periods, and any follow-up actions.
    • Provide an accurate and itemized receipt to all users by email and correctly set all related parameters for transactions where money is exchanged.

Naming and directory listing

Your Action’s pronunciation and Assistant display name is how users interact with and discover Actions. Your Action's listing dramatically affects the Directory's quality, so avoid spammy listings, low quality promotion, and anything that artificially boosts your Action's visibility. Fill out all of the details required for the Directory listing, including providing visible, non-blank icons.

Your Action’s Directory listing (including name, descriptions, etc.) must comply with the Prohibited content and Intellectual property policies and not include words that are vulgar, sexually explicit, or offensive.

Name requirements

All Actions must have a phonetically unique pronunciation that will allow users to trigger the Action's functionality. Action pronunciations are unique within each language, so once a name is approved, no other Action can register the same phonetic name in the same language. Your Directory listing must have at least one sample pronunciation, all of which must include your Action’s name, for example "Talk to Google Shopping," and consistently triggers your Action.

Names must meet the following requirements:

  • One-word names are not allowed, unless the name is unique to your brand or trademark within the regions in which your Action can be accessed. Instructions to request an exception for individual countries are below. Compound words broken into multiple words will not circumvent this requirement. For example, key board counts as one word.
  • Two-word names are not allowed if one of the words is a definite article (the), indefinite article (a or an), pronoun (like my), or preposition (for, to, or of). For example, your name should not be a bicycle, an espresso, to amuse or for fun.
  • A name uniquely identifies your Action, so it must distinguish itself from other Actions and from the Assistant’s core features. We don’t allow names that are:

    • Common phrases (e.g., thank you, how are you?, good morning)
    • Confusingly similar with core features of the Assistant (e.g., stop, send feedback, turn off the lights, show me videos of, what’s the weather, skip this song, set the temperature to, etc.)
    • Potentially confusing users into thinking they are interacting with Google or that Google is promoting, endorsing, or sponsoring content featured in the Action (e.g., your favorite Action, best music app, most popular Action most searched News)
    • Generic, including words or phrases that are categories of products, services, or content. We will consider exceptions to this prohibition on a case-by-case basis. Instructions to request an exception are below.
  • Names of people or places are not allowed unless they also contain other words (e.g., Bill's horoscope or New York tourism) or you are a government agency of that location (for example, the City of New York can register the name New York City).

  • Some words and phrases are reserved and cannot be used in names, including, ok, Google, launch, ask, tell, load, exit quit, volume up, game, action, assistant, skill, and app. Test your name in the API dashboard to confirm it doesn't use a reserved word or phrase. We may make exceptions for certain reserved words or phrases if used in a qualifying multi-word combination, if the name isn’t confusing, and if it doesn’t otherwise violate these policies. Instructions to request an exception are below.

  • Depending on the language, some characters may be prohibited in the display name field; for example, languages using the Latin alphabet must contain only lower-case alphabetic characters, spaces between words, possessive apostrophes (e.g., Sam's science trivia), or periods used in abbreviations (e.g., a. b. c.). Other characters such as numbers must be spelled out (e.g., twenty one).

  • Names must be easy to pronounce correctly and be phonetically distinct to avoid being misinterpreted as similar sounding words or other Action names (within the same language). Don't use names that are phonetically similar to ones prohibited by these policies, such as vulgar, offensive, generic, or common names, even if spelled differently.

In evaluating these policies, we consider the pronunciation of the display name, how it’s spelled in the console, and the commonly accepted way to spell the pronounced word (if there is one).

We will consider exceptions to certain naming policies on a case-by-case basis; you can request an exception filling out this form and requesting Display Name assistance.

Examples of generic Names:

Not allowed:

  • My Travel Agent
  • Smart Home
  • Grocery Store
  • Game Action

Allowed (for illustrative purposes only and subject to other policies)

  • Using or adding made-up words or arbitrary phrases (Foobar Action, Foobar Smart Home)
  • Adding a non-generic brand name (Google Travel, Bob’s Travel Agent)
  • Adding descriptive adjectives and adverbs (Fast Hotel Search, Worldly Traveler)
  • Using your full domain name, including top level domain (SmartHome.com)

Consistent names

Your Action's pronunciation must be a phonetic version of its display name. Permitted differences include: punctuation, spaces, and using numerals vs. spelling out numbers and ordinals (such as three vs. 3 or third vs. 3rd).

Description

The description and other metadata of your Action must accurately describe its functionality and the services or content it provides. Here are a few best practices for writing a description of your Action:

  • Provide a clear, succinct description of how your Action can help users, for example, "You can use this Action to do X." Excessive length, detail, or repetition in your Action description can result in a violation of this policy.
  • Highlight what's great about your Action. Share interesting and exciting facts about to help users understand what makes your Action special.
  • Make sure that your Action's display name, description, icon and banner images accurately describe its functionality.
  • Avoid using excessive, repetitive, or unrelated keywords or references.
  • Disclose whether your Action requires payment for any of its features.

User testimonials are not allowed in the Action's description.

User Experience

To ensure a great user experience, your Action must operate as described, provide a high-quality user experience, and take advantage of the platform's features.

Actions should follow the guidance for Conversation Design. Actions that significantly deviate from the user-interface design guidance or have poor user experiences may be disabled from specific surfaces, be rejected, or be removed from the Directory, including for:

  • Suggesting the Action supports a larger scope of commands than it actually does, within the conversation or Directory listing.

    • For example, if the Action says "Ask me anything," but the Action can only answer the question "Who is president of the United States?".
  • Listening for a user command without a prompt such as a greeting, or an implicit or explicit question. This includes opening the Action mic to listen or record the user, without setting the expectation. The user must be aware when the Action is recording a response or command. Examples include:

    • The Action answers a user's question and then starts to listen for an additional command without asking a follow up question.
    • The Action makes a closing statement, but continues to record the user.
    • The Action begins to open the microphone and records the user without signalling to the user the Action is listening for a command or response.
  • Listening for user responses during an Action experience by leaving the mic open with no implicit or explicit prompts and failing to set expectations with the user about the nature of the interaction.

    • For example, a language-learning Action listens for responses without explaining to the user at the beginning how the interaction will take place.
  • Failing to function properly on all Assistant-enabled devices that support the Action’s required capabilities.

    • For example, if the Action functions on Google Home devices, but not on mobile devices.
  • Playing a silent sound file without a clear purpose.

    • For example, if the Action opens and plays a silent sound file with no explanation.
  • Misusing interaction features on Assistant-enabled devices.

    • For example, triggering the Google Home LED lights outside of their intended purpose noted here.
  • Continuously playing text-to-speech or recorded audio for longer than 240 seconds unless using the Media Response API.

  • Having broken links or images.

  • Branding or labeling your Action during the user interaction with terminology associated with a non-Google developer platform.

  • Failing to provide alternate text and voice for images in non-graphical interfaces.

  • Audio not matching visual text and via text-to-speech in graphical interfaces.

  • Registering or creating misleading or irrelevant intents to your Action.

    • For example, selecting a built-in intent for ‘Order a Taxi’ when your Action provides weather information.
  • Including unnecessary descriptive words, such as adjectives, adverbs, or ambiguous terminology in suggestion chips.

    • For example, ‘Buy Best Pizza’ or ‘Try your luck’.

Actions for Families

In order to establish that developers in the Actions for Families (AFF) program have demonstrated the ability to create family-friendly experiences, we limit eligibility for the program to developers who have already created a Teacher Approved app on Google Play or have entered into a partnership agreement with Google for their family-friendly Action that is in effect. Developers whose apps are removed from the Teacher Approved program and do not have a currently effective partnership agreement with Google for their family-friendly Action are no longer eligible for Actions for Families.

If your Action targets children or provides content explicitly for children, it must participate in the Actions for Families program under these eligibility requirements, otherwise it will not be approved for release on the platform. This includes both Actions targeting children as their primary audience or as one of their audiences.

The word “child” can mean different things in different locales and in different contexts. It is important that you consult with your legal counsel to help determine what obligations and restrictions may apply to your Action. AFF developers can choose to deploy their AFF action in every Actions on Google supported locale except Morocco, Tunisia, and Yemen.

Program requirements

Before submitting an Action to the Actions for Families program, you are responsible for ensuring your Action is appropriate for children and compliant with all relevant laws, including the U.S. Children’s Online Privacy Protection Act (COPPA) and the EU General Data Protection Regulation (GDPR).

Actions participating in the Actions for Families program must meet the eligibility criteria in this section and comply with the Terms of Service for Actions on Google, including the Actions for Families Addendum.

Eligibility criteria

  1. You demonstrate experience as a developer of family-friendly experiences by submitting a referential link(s) to your Teacher Approved app(s) on Google Play, or you have entered into a partnership agreement with Google for your family-friendly Action that is in effect. Developers that have all of their apps removed from the Teacher Approved program and do not have a currently effective partnership agreement with Google for their AFF Action are not eligible for Actions for Families.
  2. Your Action targets children as its primary audience or as one of its audiences.
  3. If your Action is not targeting children as one of its audiences, such as home automation or productivity Actions, it cannot participate in the Actions for Families program.
  4. All Actions for Families must be appropriate for children. Actions can not contain any inappropriate material, including adult content, crude humor, profane language, violent or disturbing content, or self harm content. Actions cannot contain material that promotes negative body or self image, including depictions for entertainment purposes of plastic surgery, weight loss, and other cosmetic adjustments to a person's physical appearance.
  5. The primary purpose of the Action cannot be to widely share unmoderated user-generated content, such as a social networking or user-forum Action.
  6. Actions may not collect or solicit any personally identifiable user data.
  7. Actions must not contain ads, including in streaming media. Self-promotional messages are acceptable if the subject matter, content and language is appropriate for children.
  8. Actions may not use unmoderated content in the experience, and all Action content will be subject to periodic audit for ongoing compliance.
  9. Actions may not use Google sign-in (account linking), request OAuth scopes, access most user data APIs (except for coarse device location), or access any transaction APIs.
  10. You represent that your Action, and any APIs or SDKs that your Action calls or uses, are compliant with COPPA, the GDPR, and any other applicable laws or regulations.

Actions accepted to the Actions for Families program are required to continue to meet the program’s standards at all times, including in subsequent updates. Actions may only opt out of the AFF program and remain on the Actions on Google platform if the Action no longer targets children as its primary audience or as one of its audiences.

Google reserves the right to reject or remove any Action determined to be inappropriate for the program or ineligible for the Actions for Families program based on the above criteria.

Smart-enabled devices

Security or surveillance Actions must not log personally identifiable information (PII) of individuals outside the primary user without their consent. For example, doorbell Actions cannot log information about who may be at the door without the express consent of that individual.

In addition, audio sent from Google surfaces to third-party (3P) devices via the Two-Way Talk Feature, which is available for doorbells only, may only be used to to serve the experience of Two-Way Talk. Data from Two-Way Talk must only be stored, logged, or recorded for the purpose of this feature functionality and may not be used for any other purpose.

We do not allow Actions that instruct passenger transport vehicles to move.

We will only certify Actions that give users the option to choose which voice assistant they can link to. We will not certify Actions that require users to connect to another voice assistant before connecting to Google Assistant.

Secondary User Verification

Google requires partners to enable a secondary user verification for any operation that may change the Device State to a non-secure or disabled state, such as unlocking a door, turning off a camera, disabling a security system, or opening a device that may have a safety concern.

While the nature of the security and safety precautions may vary by the type of device, at minimum these devices must require account linking and a secondary user verification, such as confirmation on a secured mobile device or a password/PIN. Irrespective of the nature of the Action (Conversational vs. Smart Home API Direct Action), adding the additional layer of security is required to comply with Google’s policy. However, after the user has established a secondary verification, you may provide an opt-out option for the user. The opt-out language should be precise and clear to the user.

Google’s recommendation for smart home devices is to implement a Direct Action using the Smart Home API. For Smart Home integrations, the secondary user verification methods are described here.

Works with Hey Google Certification

When users search for and buy devices labeled with the ‘Works with Hey Google’ badge, they should expect robust functionality and a safe, reliable, and seamless experience. Beyond the secondary user authentication policy above, developers must also meet the following requirements for device certification and use of the ‘Works with Hey Google’ badge:

Functionality

The Google Assistant Smart Home API supports Device Types and Traits to match the functionality of smart home devices. Device type representation should be accurate based on the identity of the device itself. For example, if you have a smart switch that controls lights, then the Device Type that you use is Switch, since that represents the nature of the physical device. Google provides guides on devices and their required functionality here.

Additionally, if new device traits are added to a developer’s device, the developer must make that trait accessible to Google Assistant users at launch. As an example, for color light bulbs, users should be able to change the color of the bulbs, turn the bulbs on and off, adjust the bulbs’ brightness, etc., with Google Assistant.

Google reserves the right to not certify submissions if a developer’s device fails to integrate all functionality present on the device with compatible Smart Home API traits allowing Google Assistant to provide a complete experience.

Reporting State

All devices are expected to report state updates to Google through the HomeGraph API’s Report State, with the exception of command-only devices like IR controllers. Report State is critical to the proper representation of the device’s state across all Assistant surfaces and Assistant services. We require that all partners who have device state implement ReportState. For further details see the ReportStateAndNotifications API in the developer docs.

Reporting User Configuration Changes

Developers shall report device configuration updates in your ecosystem to Google; for example if the developer updates functionality like supported traits, or if the user adds, renames, or removes a device, the developer must report those updates to Google. This eliminates the need for users to unlink and relink their account to receive updates after they make an update in the developer app. This can be accomplished through the Request Sync API.

Persistent Connections

Cloud connected smart devices should have a persistent connection for cloud control, whether that’s through the device itself, or through a stationary partner hub. Mobile Devices and tablets cannot be used as intermediaries for smart home devices. For devices with low power states that disconnect the device from its connectivity protocol such as WiFi, the device should implement methods to enable waking up the device for cloud control.

Google Device Control Authorization Page

In order to comply with our legal and privacy policies, oAuth page should show that your app is linking / sharing data with Google, not Google Home or Google Assistant. You must have a Google authorization statement such as "By signing in, you are authorizing Google to control your devices."

Safety Certificate

There are certain devices that may have safety implications, such as cooking appliances that may get hot enough to be a safety concern. For any device that can potentially pose a heightened safety risk, we ask that you share the UL certificate (or similar safety certification) for that device. Additional details on safety certificate requirements can be found here.

Quality

Maintaining a high level of performance and reliability is key to jointly delivering helpful user experiences. Partners can access metrics on the usage and performance of their integration by visiting their Google Cloud Platform project page. More information on accessing performance metrics can be found here.

After the initial certification, developers should maintain an acceptable level of performance for their devices. There are multiple aspects of performance:

  1. Latency and Reliability associated with issuing commands through Assistant enabled devices.
  2. Reliable account linking and token refresh
  3. Report State accuracy and latency of reporting state changes

Quality expectations are outlined on a device type level in the Smart Home API Documentation. Persistent failure to meet these expectations could result in your integration having reduced visibility, or in extreme cases being disabled, until performance is improved.

Certification Refresh

Smart Home API integrations should be recertified when the API has functionality added, or when your device adds new capabilities that are supported by the Smart Home API. This is inclusive of additional devices that the partner adds to their integration. For example, as new devices are included, the certification requirement must also be met for those devices.

Additionally, integrations must be recertified every 12 months beginning from when the most recent recertification occurred, or when new device functionality is added. This will ensure you maintain eligibility for the Works-With badge and your integration remains in good standing. Failure to recertify, will revoke your approval for use of the Works-With badge and can potentially lead to one or more enforcement actions against your Smart Home API integration.

Conflicting terms

These policies do not limit or amend any terms of service or other agreements that apply to the user's use of the applicable Google products or services, unless the policies expressly state that they are amending specific terms of service or agreements.

Enforcement

If your Action has violated any of our policies, we may take one or more enforcement actions against your Action or your developer account, as outlined below. In addition, we’ll notify you with relevant information about the enforcement action we’ve taken, along with instructions on how to appeal if you believe we’ve taken enforcement action in error.

Please note that removal or administrative notices may not indicate each and every policy violation present in your Action. Developers are responsible for addressing any policy issue and conducting extra due diligence to ensure that the remainder of their Action is fully policy compliant. Failure to address policy violations in all of your Actions may result in additional enforcement actions, including permanent removal of your Action or account termination.

Repeated or serious violations (such as malware, fraud, and Actions that may cause user or device harm) of the terms of service or policies for Actions on Google may result in termination of individual or related Actions on Google developer accounts.

Rejection

  • A new Action or Action update submitted for review will not be made available on Google Assistant.
  • If an update to an existing Action was rejected, the Action version published prior to the update will remain available on Google Assistant.
  • Rejections don’t impact your access to a rejected Action’s existing user installs, statistics, and ratings.
  • Rejections don’t impact the standing of your Actions on Google developer account.
  • If your Action is multi-locale, a rejection in one of the locales will result in the rejection of the Action in any locale.

Removal

  • The Action, along with any previous versions of that Action, are removed from Google Assistant and will no longer be available to users in any locale.
  • Because the Action is removed, users will not be able to see the Action’s Directory listing, user installs, statistics, and ratings or invoke it. This information will be restored once you submit a policy-compliant update for the removed Action.
  • Users may not be able to make any in-Action purchases, or utilize any in-Action billing features in the Action until a policy-compliant version is approved by Google.
  • Removals don’t immediately impact the standing of your Actions on Google Developer account

Limited visibility

  • Your Action’s discoverability on Google Assistant may be restricted. The Action will remain on Google Assistant, and will be accessible to users by explicit pronunciation.
  • Having your Action placed in a limited visibility state doesn’t impact the standing of your other Actions on Google Developer account.

Account termination

  • When your developer account is terminated, all Actions in your catalog will be removed from Google Assistant and you will no longer be able to publish new Actions. This also means that any related Google Assistant developer accounts will also be permanently suspended.
  • Multiple suspensions or suspensions for egregious policy violations may also result in the termination of your Actions on Google account.
  • Because the Actions within the terminated account are removed, users will not be able to see the Action’s existing Directory listing, existing user installs, statistics, and ratings.

Appealing an enforcement action

We will reinstate Actions if an error was made and we find that your Action does not violate the terms of service and policies for Actions on Google. If you’ve reviewed the policies carefully and feel that our enforcement action may have been in error, please follow the instructions provided in our notice to you to appeal our decision. You can also contact us here.

Change log

  • 9/22/2022 - Amended the smart-enabled devices policy to include criteria for the Two-Way Talk feature.
  • 3/11/2021 - Updates to smart-enabled devices policies, and alcohol, tobacco & drugs policies.
  • 1/11/2021 - Updates to Actions for Families policies.
  • 7/10/2020 - Restructured policy page moving certain policies under different categories. This includes moving Transactions and Promotion to Monetization and Ads, and creating new categories for Smart-Enabled Devices and User Experience. Added additional examples and context to all categories under Content Restrictions, Deceptive Behaviour and Intellectual Property. Expanded the Spam policy to include requirements for minimum functionality, and added a new policy on manipulated media. Added a new section outlining our enforcement process.
  • 10/8/2019 - Updated misleading claims policy.
  • 7/29/2019 - Made changes to the introduction to the Policies for Actions on Google, Child Safety, Financial Services, User Data, Actions for Families, and Transactions sections.
  • 5/7/2019 - Made changes to the transactions policy referencing App Actions.
  • 4/18/2019 - Made changes to health policy.
  • 2/6/2019 - Made changes to user experience policy and violence and dangerous activities.
  • 1/8/2019 - Made minor modifications to the Health policy, Transactions policy, Smart-Enabled device policy, Spam policy, and User Experience policy.
  • 11/6/2018 - Moved list of supported countries for Transactions to the corresponding guides.
  • 10/11/2018 - Updated AFF policy to cover additional locales.
  • 10/4/2018 - Updated Transactions policy to include digital goods, and included Google Sign-In as an option for Account Linking and Identity.
  • 9/25/2018 - Updated AFF policy to include new markets.
  • 9/6/2018 - Updated User Experience policy around implicit and explicit prompts, and made a correction to the transactions policy.
  • 7/17/2018 - Added a security vulnerability policy, and made small amendments to the Promotions policy, Transactions policy, Name requirements, and User Experience policy. In addition, we added an additional introductory language specifying our approach to enforcing our policies and developer communications.
  • 5/22/2018 - Amended the Violence and Dangerous Activities policy to prohibit Actions that facilitate the sale of explosives, weapons, firearms, and related components. We also expanded the availability of the Actions for Family program to include the United Kingdom, France, Italy, Germany, and Japan.
  • 3/27/2018 - Several new policies were added, including a Financial Services policy and Alcohol & Tobacco policy. The Home Automation policy was expanded and re-named the Smart-Enabled Devices policy. Re-formatting or minor changes were made to the Health policy, Transactions policy, User Data policy, and User Experience policy.
  • 2/1/2018 - User Experience, User-generated Content, Mature content, User Data (privacy), Update API (in spam policy), Emergency services apps policy added.
  • 10/4/2017 - The Illegal Activities, Health, Account Linking, Name Requirements, and Transactions sections were updated. The Children section was replaced with the new Apps for Families section.
  • 5/17/2017 - Changes were made to address several new features, including transactions, visual user interfaces, and smart home integrations. We added a policy relating to mature content warnings and clarified parts of the Naming, Directory Listing, and Promotion and User Experience sections.
  • 2/8/2017 - The Gambling, Other Restrictions, and User Experience sections were updated. Several policies were updated and consolidated under the new Naming, Store Listing, and Promotion section. There were also miscellaneous non-substantive changes.