Google Gemini · Gemini Apps Privacy Notice

Gemini Extensions Data Sharing with Third Parties

High severity
Share 𝕏 Share in Share 🔒 PDF

What it is

If you connect Gemini to third-party extensions (apps), your conversations and data from your Google services like Gmail may be shared with those third parties under their own privacy policies.

Consumer impact (what this means for users)

This provision means that when you use Gemini with third-party extensions, your private Gmail messages, Google Drive files, and conversation content may be shared with external companies outside Google's privacy framework. Each third party's data handling is governed by their own terms, which users must separately review.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    Go to myaccount.google.com, navigate to Data & Privacy, then Third-party apps & services, and review and disconnect any Gemini Extensions you do not want to share data with. Review each connected app's own privacy policy.

Cross-platform context

See how other platforms handle Gemini Extensions Data Sharing with Third Parties and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Enabling Gemini Extensions can expose the contents of your email, documents, or other Google services to third-party companies whose privacy practices may be far less protective than Google's.

View original clause language
If you use Gemini Extensions, your conversations, including relevant information about your Google services (like your Gmail or Google Drive), may be shared with the third-party services you've connected. Third-party extensions are governed by the terms and privacy policies of those third parties, not by Google's privacy policies.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: Implicates GDPR Art. 26 (joint controllers) and Art. 28 (processor obligations) where third-party extension providers process EU user data; Art. 13/14 transparency requirements for third-party data sharing; CCPA §1798.115 (right to know about third-party disclosures). FTC Act Section 5 applies to inadequate disclosure of data flows to third parties. Electronic Communications Privacy Act (ECPA) may apply to sharing of Gmail content with third parties. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC oversees third-party data sharing practices and can act under Section 5 where consumers are not adequately informed about data flows to third-party extension providers.
    File a complaint →

Provision details

Document information
Document
Gemini Apps Privacy Notice
Entity
Google Gemini
Document last updated
April 29, 2026
Tracking information
First tracked
April 28, 2026
Last verified
April 28, 2026
Record ID
CA-P-003713
Document ID
CA-D-00326
Evidence Provenance
Source URL
https://support.google.com/gemini/answer/13594961
Wayback Machine
View archived versions →
SHA-256
333227d9766dd13895a3d262b607f6646ab2b0e7443bb18fc220b2f501d68d01
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Google Gemini | Document: Gemini Apps Privacy Notice | Record: CA-P-003713
Captured: 2026-04-28 05:22:13 UTC | SHA-256: 333227d9766dd138…
URL: https://conductatlas.com/platform/google-gemini/gemini-apps-privacy-notice/gemini-extensions-data-sharing-with-third-parties/
Accessed: May 2, 2026
Classification
Severity
High
Categories
Unknown

Other provisions in this document