CA-C-002221
Google Gemini — Gemini Apps Privacy Notice
Entity
Date detected
May 21, 2026
Effective date
May 19, 2026
Severity
Direction
Neutral
Affected users
all users gemini apps users gemini spark users avatar creators
Taxonomy
Disclosure requirement change
Changes
+36 sentences added · −2 sentences removed · 40 sentences modified
Share 𝕏 Share in Share 🔒 PDF
Watch Google Gemini Get alerts when this policy changes.
Watch — Free

Event Summary

Google Gemini updated its privacy notice on May 19, 2026 to add new disclosure sections, clarify how data collection works with new features like Gemini Spark and Avatars, and refine language around data use and retention. The notice now explicitly describes how the platform collects information about AI reasoning steps, distinguishes between different Connected Apps scenarios, and adds a section on avatar creation data. The operational difference is that users now have more detailed disclosure of what data types are collected and how specific features process information.

MEDIUM

Consumer Impact

The updated notice adds new disclosure sections explaining how data flows when using Gemini Spark (remote browser and computer access), how avatar creation collects and processes information, and clarifies that Google collects information about AI reasoning steps during task execution. The notice also refines language around subscription information to specify 'Google AI plan' rather than just generic 'paid subscription.' These changes do not establish new obligations but rather expand the transparency disclosures provided to users about existing and new features.

Governance Analysis

The updated notice expands transparency around two new Gemini capabilities (Spark with remote access and Avatars) and clarifies that data collection includes information about AI reasoning and task execution steps. This allows users to understand what data flows occur when using these features, though it does not establish new user controls or opt-out mechanisms for the disclosed practices.

Historical Context

ConductAtlas has recorded 4 material changes to this document over 58 days of monitoring (since March 2026). An additional minor or cosmetic changes were excluded.

2 of Google Gemini's significant changes have been classified as negative for consumers.

Key Clauses Affected

Gemini Spark remote access disclosure

New section explicitly describes data collection when using remote browser and remote computer access features.

Avatar creation data handling

New section discloses what data is collected when users create avatars in Gemini Apps.

AI reasoning steps disclosure

Updated language clarifies that Google collects information about AI model thinking steps and task execution processes.

Full clause-by-clause analysis available with Compliance.
These clauses may change again. Get alerted when they do. Watch Google Gemini — Free

This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology

Evidence Verification

✓ Verified
Previous Version
fd7b22574b5472e2537590bed94350cbb806c45779e9cd61cffb084c5622084c
May 13, 2026 00:38 UTC
✓ Verified
Current Version
ca3c9d24a964a9cc2b9bac79956c41492a0a81414d39f223c6b1a931a910d512
May 21, 2026 00:40 UTC
✓ Verified
Change Detected
May 21, 2026 00:40 UTC
Analysis Methodology
Citation Record
Entity: Google Gemini
Document: Gemini Apps Privacy Notice
Record ID: CA-C-002221
Captured: 2026-05-21 00:40:21 UTC
URL: https://conductatlas.com/change/2026-05-21-google-gemini-gemini-apps-privacy-notice-2221/
Accessed: July 8, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
For legal and compliance teams

Institutional Analysis

Assessment

This update primarily represents enhanced privacy notice transparency rather than new operational obligations. Google has added disclosures for two new Gemini features (Spark with remote access capabilities and Avatars) and clarified the scope of data collection related to AI reasoning. Organizations using Gemini in their infrastructure should review whether these new feature disclosures affect their own privacy notices or data processing agreements, particularly if they reference Gemini's practices or offer Gemini to users. No new contractual obligations appear to be imposed on third parties, but DPAs may benefit from review if they contain feature-specific carve-outs or limitations.

Regulatory Exposure

GDPR (Article 13/14 transparency requirements), CCPA (California Consumer Privacy Act disclosure requirements), EU AI Act (transparency regarding AI systems and their outputs). The enhanced disclosures about AI reasoning steps and remote access features may engage regulatory transparency requirements in multiple jurisdictions.

Full compliance analysis

Obligation analysis, escalation trigger, board language, and recommended action.

Monitor $19/mo Compliance $249/mo

Monitor: regulatory citations + obligations. Compliance: full compliance memo.

ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002221.

Clause-Level Changes

New Provisions Added
Three-Year Reviewer Retention After Deletion
High

This reveals that user deletion requests do not actually remove data from reviewer systems, creating a significant privacy gap between user expectations and actual data retention practices.

Full clause text available with Compliance. See Compliance →
Gemini Output Accuracy Disclaimer
Low

This new disclaimer addresses AI hallucination risks and reinforces the human review warning by explicitly cautioning users not to share sensitive information.

Full clause text available with Compliance. See Compliance →
Jurisdiction-Specific Privacy Rights
Low

This addition acknowledges jurisdiction-specific privacy regulations (likely GDPR, CCPA, and similar laws) and informs users of their rights to access, correct, delete, and export personal data.

Full clause text available with Compliance. See Compliance →
Provisions Removed
Data Collected by Gemini Apps
Medium

The removal of detailed collection practices disclosure reduces transparency about the scope of data collection, including location information and usage metrics.

Removed clause text available with Compliance. See Compliance →
Conversation Data Retention Period
Medium

The removal of specific retention timeframes and the clarification that turning off Activity prevents model training use reduces transparency about actual data handling practices.

Removed clause text available with Compliance. See Compliance →
Provisions Modified
Human Reviewer Access to Conversations
High

Removed privacy protections (disconnecting from Google Account), removed mention of Google employees/contractors specificity, and added explicit statement that reviewers access conversations regardless of Activity setting status.

Before/after clause text available with Compliance. See Compliance →
Use of Conversations for AI Model Training
Medium

Expanded scope to explicitly mention AI model improvement, added clarification about conversation history feature, and added information about ability to opt-out via Gemini Apps Activity.

Before/after clause text available with Compliance. See Compliance →
Minor User Restrictions and Age Requirements
Medium

Changed minimum age from 13 to alignment with Google Account management age, and raised minimum age in some countries from undefined 'minors' status to explicit 18.

Before/after clause text available with Compliance. See Compliance →
Data Sharing with Third Parties
Medium

Broadened scope from extension-specific sharing to all third-party sharing governed by Google Privacy Policy, and added explicit mention of sharing with Google affiliates.

Before/after clause text available with Compliance. See Compliance →
Gemini Apps Activity Controls and Opt-Out
Medium

Removed detailed description of on/off behavior and retention periods, added explicit limitation that the setting does not affect data usage across other Google products.

Before/after clause text available with Compliance. See Compliance →

Cross-platform context

See how other platforms handle similar provisions across the ConductAtlas archive.

Compare across platforms → Browse regulations →

Full Changes

See the full side-by-side comparison of every sentence added, removed, and modified.

🔒 Full diff — Monitor

Document Context

Version history → Policy drift analysis → Document page →
Document
Gemini Apps Privacy Notice
Entity
Google Gemini
Captured
May 21, 2026
Source URL
https://support.google.com/gemini/answer/13594961
Other changes to Gemini Apps Privacy Notice
Previous change May 13, 2026
Google Gemini updated its privacy notice on May 13, 2026 to expand the stated purpose of personalizing user experience. The …
Low Neutral
Next change May 24, 2026
Google Gemini updated its privacy notice on May 24, 2026 with two minor language corrections. The first change fixed the …
Low Neutral
View full version history →
More from Google Gemini
Jul 1, 2026 Medium
Gemini Apps Privacy Notice

Google updated its Gemini Apps Privacy Notice on July 1, 2026 to reflect expanded data collection and processing practices. The …

May 24, 2026 Low
Gemini Apps Privacy Notice

Google Gemini updated its privacy notice on May 24, 2026 with two minor language corrections. The first change fixed the …

May 13, 2026 Low
Gemini Apps Privacy Notice

Google Gemini updated its privacy notice on May 13, 2026 to expand the stated purpose of personalizing user experience. The …

Track Google Gemini policy changes

Get alerted when this policy changes again — including what changed and why it matters.

Prefer a weekly summary instead?

Get the biggest policy changes across 352+ platforms every Sunday.