If you sign into Medium using Google, Facebook, or another third-party account, Medium receives personal information from that service about you, such as your name and email address.
This analysis describes what Medium's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Linking a third-party account to Medium means that data flows from that platform to Medium, potentially expanding the scope of personal information Medium holds about you beyond what you provided directly.
Removal of explicit provision on third-party linked account data collection eliminates transparency about OAuth and social login data sharing practices.
View full change record →Signing in with Google or Facebook means Medium receives your name, email, and potentially other profile data from those platforms, which is then incorporated into Medium's own data processing under this privacy policy.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Medium has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you connect a third-party service to your Medium account (for example, if you sign in using Google or Facebook), we will receive information about you from that service, such as your name, email address, and profile picture, in accordance with the authorization procedures of that service.— Excerpt from Medium's Medium Privacy Policy
REGULATORY LANDSCAPE: Collection of personal data from third-party platforms implicates GDPR Articles 13 and 14, which require transparency about the sources from which personal data is obtained. Under CCPA, data collected from third-party sources must be included in the categories of personal information disclosed to California residents. The FTC has enforcement authority where data collection from linked accounts exceeds what users reasonably expect. GOVERNANCE EXPOSURE: Low to Medium. The provision is standard for platforms that support third-party authentication, but the scope of data received from linked accounts depends on the authorization scope granted at sign-in and may not be fully transparent to users. JURISDICTION FLAGS: EU/EEA users should be aware that data received from Google or Facebook is subject to Medium's GDPR obligations as a data controller. The authorization scope granted during OAuth-style sign-in may vary by platform and user settings. CONTRACT AND VENDOR IMPLICATIONS: This provision does not create direct B2B compliance obligations but may be relevant for organizations whose employees use Google Workspace or other federated identity systems to access Medium. COMPLIANCE CONSIDERATIONS: Users who want to limit the data Medium receives from third-party platforms should consider creating a Medium account with a standalone email address rather than using social sign-in. Compliance teams should review what authorization scopes Medium requests during OAuth flows and whether they are proportionate to the data processing purposes described in this policy.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Linking a third-party account to Medium means that data flows from that platform to Medium, potentially expanding the scope of personal information Medium holds about you beyond what you provided directly.
Signing in with Google or Facebook means Medium receives your name, email, and potentially other profile data from those platforms, which is then incorporated into Medium's own data processing under this privacy policy.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Medium.