Google has published a blog post in response to a The Wall Street Journal article which stated the company allows third-party developers to scan Gmail inboxes.
“We make it possible for applications from other developers to integrate with Gmail – like email clients, trip planners and CRM systems – so that you have options around how you access and use your email,” said Google.
The company said before any non-Google app which can access Gmail is published, it goes through a rigorous vetting process. The must:
- Accurately represent themselves. Apps should not misrepresent their identity and must be clear about how they are using your data.
- Only request relevant data. Apps should ask only for the data they need for their specific function.
Google said that users retain full control over who has access to their data at all times.
Before a non-Google app may access data, Google shows a permissions screen that displays the types of data the app can access and how it can use that data.
“In addition, we’ve long had data controls that you can use at any time to manage your information. For example, the Security Checkup shows all non-Google apps that have access to your data.”
“You can also view and control permissions within myaccount.google.com under Apps.”
For G Suite users, Google said admins can control which non-Google apps can access users data.