The regulator has asked the company to provide better information to users about how personal data is used after changes were made to its policy.
ICO head of enforcement Steve Eckersley said ensuring data is processed fairly and transparently is a key requirement of the Data Protection Act (DPA).
“Whilst our investigation concluded that this case hasn’t resulted in substantial damage and distress to consumers, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law," he said.
More on data privacy
According to the regulator, Google has signed a commitment to make more changes to its policy on privacy to meet the DPA. Changes must be implemented by June 2015 and the firm must make continued changes over the next two years.
"This investigation has identified some important learning points not only for Google, but also for all organisations operating online, particularly when they seek to combine and use data across services," said Eckersley.
"It is vital that there is clear and effective information available to enable users to understand the implications of their data being combined.”
The ICO states any company processing and collecting personal information must ensure information is lawfully processed, is accurate and is kept secure – in line with the principals of the DPA.
Following these demands, the Italian data protection watchdog gave the company 18 months to change the way it processes and stores user data. This was after France’s privacy watchdog, CNIL, fined Google €150,000 for failing to conform to local law regarding tracking and storing user information within the three-month deadline it had set.
Over the past year Google has been receiving requests to remove links to personal information from search results after Europe’s top court supported the controversial right to be forgotten in a landmark ruling.