We make it possible for applications from other developers to integrate with Gmail—like email clients, trip planners and customer relationship management (CRM) systems—so that you have options around how you access and use your email. We continuously work to vet developers and their apps that integrate with Gmail before we open them for general access, and we give both enterprise admins and individual consumers transparency and control over how their data is used.

You can visit the Security Checkup to review what permissions you have granted to non-Google apps, and revoke them if you would like. For G Suite users, admins can control which non-Google apps can access their users’ data through whitelisting.

Keeping your data secure is our top priority, so we want to provide you with details about our vetting process and user controls for both enterprise and consumer accounts:





Giving consumers choice and protecting them from malicious or deceptive apps

A vibrant ecosystem of non-Google apps gives you choice and helps you get the most out of your email. However, before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app’s privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does.

In order to pass our review process, non-Google apps must meet two key requirements:

Accurately represent themselves: Apps should not misrepresent their identity and must be clear about how they are using your data. Apps cannot pose as one thing and do another, and must have clear and prominent privacy disclosures.

Only request relevant data: Apps should ask only for the data they need for their specific function—nothing more—and be clear about how they are using it.

We review non-Google applications to make sure they continue to meet our policies, and suspend them when we are aware they do not.





You control your data

Transparency and control have always been core data privacy principles, and we're constantly working to ensure these principles are reflected in our products.

Before a non-Google app is able to access your data, we show a permissions screen that clearly shows the types of data the app can access and how it can use that data.

We strongly encourage you to review the permissions screen before granting access to any non-Google application.