If you sign into Medium using Google, Facebook, or another third-party account, Medium receives personal information from that service about you, such as your name and email address.
This analysis describes what Medium's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Linking a third-party account to Medium means that data flows from that platform to Medium, potentially expanding the scope of personal information Medium holds about you beyond what you provided directly.
Signing in with Google or Facebook means Medium receives your name, email, and potentially other profile data from those platforms, which is then incorporated into Medium's own data processing under this privacy policy.
How other platforms handle this
We (or third parties acting on our behalf) may receive or collect additional information about you from public databases, partners, social media platforms, conference hosts, event companies, and other third parties that supplement the information we collect directly or automatically as described abo...
Anthropic obtains personal data from third party sources in order to train our models. Specifically, we train our models using data from the following sources: Publicly available information via the Internet; Datasets that we obtain through commercial agreements with third party businesses; Data tha...
When you visit the Careers portion of our websites, we collect the information that you provide to us in connection with your job application. This includes but is not limited to business and personal contact information, professional credentials and skills, educational and work history and other in...
Monitoring
Medium has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you connect a third-party service to your Medium account (for example, if you sign in using Google or Facebook), we will receive information about you from that service, such as your name, email address, and profile picture, in accordance with the authorization procedures of that service.— Excerpt from Medium's Medium Privacy Policy
REGULATORY LANDSCAPE: Collection of personal data from third-party platforms implicates GDPR Articles 13 and 14, which require transparency about the sources from which personal data is obtained. Under CCPA, data collected from third-party sources must be included in the categories of personal information disclosed to California residents. The FTC has enforcement authority where data collection from linked accounts exceeds what users reasonably expect. GOVERNANCE EXPOSURE: Low to Medium. The provision is standard for platforms that support third-party authentication, but the scope of data received from linked accounts depends on the authorization scope granted at sign-in and may not be fully transparent to users. JURISDICTION FLAGS: EU/EEA users should be aware that data received from Google or Facebook is subject to Medium's GDPR obligations as a data controller. The authorization scope granted during OAuth-style sign-in may vary by platform and user settings. CONTRACT AND VENDOR IMPLICATIONS: This provision does not create direct B2B compliance obligations but may be relevant for organizations whose employees use Google Workspace or other federated identity systems to access Medium. COMPLIANCE CONSIDERATIONS: Users who want to limit the data Medium receives from third-party platforms should consider creating a Medium account with a standalone email address rather than using social sign-in. Compliance teams should review what authorization scopes Medium requests during OAuth flows and whether they are proportionate to the data processing purposes described in this policy.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Linking a third-party account to Medium means that data flows from that platform to Medium, potentially expanding the scope of personal information Medium holds about you beyond what you provided directly.
Signing in with Google or Facebook means Medium receives your name, email, and potentially other profile data from those platforms, which is then incorporated into Medium's own data processing under this privacy policy.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Medium.