⚠ Key Privacy Concerns

On the consumer Gemini Apps, conversations are saved by default and used to improve Gemini and Google's machine-learning technologies, and a subset is sent to human reviewers, which is why the Gemini Apps Privacy Hub warns you not to enter confidential information. The Keep Activity control lets you turn training off and shorten or disable retention, but it is not zero retention: chats with Keep Activity off are still kept for 72 hours, and any chat that was selected for human review can be retained for up to three years separately, even after you delete your activity. Google states Gemini Apps chats are not currently used to show ads, but your Gemini use still sits inside Google's larger account and advertising ecosystem. Automated assessment, as of June 27, 2026.

What Should I Do?

Pick the row that matches you. The settings paths below are current as of the May 2026 policy versions; Google moves menu labels around, so if a label has changed, look for the closest equivalent under Gemini Apps Activity or your Google Account.

👤 Everyday user

Personal Google account, casual Gemini use
  1. Decide on saving and training: open Gemini Apps Activity at myactivity.google.com and turn Keep Activity off if you do not want chats saved or used to improve Gemini.
  2. If you keep activity on, shorten retention: the default auto-delete is 18 months; you can change it to 3 months (or 36, or off).
  3. Understand "off" is not zero: chats with Keep Activity off are still retained for 72 hours, and submitting feedback re-shares the last 24 hours of chats.
  4. Never paste full names, account numbers, medical details, passwords, or anything you would not want a human reviewer to read.
  5. For a truly sensitive one-off question, use Gemini while signed out (not tied to your account) or use a temporary chat.

💼 Business / professional user

Client data, internal docs, regulated info
  1. Do not run client or regulated data through consumer Gemini on a personal Google account. The default saves chats, a subset goes to human reviewers, and reviewed chats can persist up to three years.
  2. Use Gemini under a Google Workspace (work or school) account where the enterprise terms and admin controls govern, and confirm with your administrator how Gemini is configured.
  3. Get and keep the applicable Workspace data-protection terms or DPA before sending any third-party or personal data.
  4. Map Connected Apps and the Gemini in Chrome integration: connectors can receive conversation context, and Chrome can read the page content and URL of your current tab. Disable what you do not need.
  5. If you are a lawyer, accountant, or clinician, treat consumer Gemini as a public channel for confidentiality purposes until enterprise terms are in place.

⚠ Already affected

Exposed, banned, or data already shared
  1. Document everything now: screenshots, dates, the exact data involved, and any Google emails. You cannot demand what you cannot describe.
  2. Delete what you can in Gemini Apps Activity and keep proof, then file a formal access or deletion request through Google's privacy tools and keep the confirmation.
  3. Know the hard limits: deleting activity does not delete chats already selected for human review (retained up to three years), and deletion does not pull data out of a model already trained on it.
  4. If you believe your data was exposed, or that a rights request was ignored, a written demand letter is often the next lever.
  5. For a California resident, the CCPA/CPRA framework gives access, deletion, and limit-use rights, and a private right of action for certain breaches.

⚠ The 3-year reality

"I deleted it" does not always mean "it is gone." The Gemini Apps Privacy Hub states that chats reviewed by human reviewers are not deleted when you delete your activity and are retained for up to three years (disconnected from your account). Your ordinary chats follow your Keep Activity auto-delete schedule, but a chat that happened to be selected for review can outlive your deletion by years. Plan as if anything sensitive you typed could be read by a person and kept for a long time.

Want the formal-demand route? See my AI training-data-use demand letter templates and CCPA/CPRA privacy-rights demand letters.

Data They Collect

Everything Google gathers through Gemini and combines across its services.

📊 Data Collection Scope (25%) 28/100

What they collect: Your Gemini Apps conversations (text, and for Gemini Live, recordings and transcripts), plus related signals like your language, device type, location info, and feedback. The Google Privacy Policy states Google may use information it collects across its services and devices, so Gemini activity sits alongside the rest of your Google account data.

👥 Third-Party Sharing (20%) 30/100

Who the policy says can get your data: the Privacy Policy describes providing personal information to affiliates and other trusted businesses to process it for Google based on its instructions, sharing for legal reasons, and (for Gemini specifically) trained reviewers at service providers, with chats disconnected from your account before being sent. Connected Apps and the Gemini in Chrome feature add further data flows.

🕐 Retention & Deletion (20%) 35/100

How long: With Keep Activity on, the default auto-delete is 18 months (changeable to 3 or 36 months, or off). With Keep Activity off, chats are still kept for 72 hours. The hardest item: chats selected for human review are retained for up to three years and are not deleted when you delete your activity. And once data has shaped a model, that influence is not cleanly reversible.

☑ User Control & Consent (15%) 38/100

Your control: Real controls exist (Keep Activity on/off, auto-delete period, delete individual activity, signed-out use), but they are spread across Google's dashboards, and turning off Keep Activity still leaves a 72-hour window and a feedback exception. There is no consumer control that removes already-reviewed chats before the three-year period ends.

🔒 Security & Breach (10%) 40/100

Security: Google's infrastructure is mature and well resourced. As with any large platform, the methodology assumes incidents are possible and scores on whether the design limits the blast radius. The concern here is concentration: combining Gemini activity with the rest of a Google profile means a single exposure touches a lot.

🔍 Transparency & Access (10%) 28/100

Clarity: Understanding what actually happens requires reading the main Google Privacy Policy, the Gemini Apps Privacy Hub, and several help-center articles, with the operative retention and review rules split across them. The cross-referenced structure is a transparency cost, even though the individual statements are reasonably clear once you find them.