Google was hauled over the coals this week for reportedly giving hundreds of app makers access to millions of inboxes belonging to Gmail users.
The Wall Street Journal reported that users who signed up for "email-based services" like "shopping price comparisons," and "automated travel-itinerary planners" were most at risk of having their private messages read.
In response to the story, Google published a blog on Tuesday detailing how third-party developers have to go through an involved review process before they are given access to Gmail.
Suzanne Frey, Google Cloud's director of security, trust, and privacy, also said that Gmail's 1.4 billion users hold the keys to their own data and can control permissions.
In the same piece, Frey was at pains to point out that Google itself does not read user emails.
Gmail automatically processes emails to filter out spam and phishing messages, which Frey said had "caused some to speculate mistakenly that Google 'reads' your emails."
"To be absolutely clear: No one at Google reads your Gmail," she added, before immediately listing the times Google does allow itself to have a peek at your inbox.
Frey said it is limited to "very specific cases." These include when users give Google permission to access their messages, and when the company needs to investigate a security issue, such as a bug or "abuse."
She did not offer more detail than this, however, meaning it's not clear whether Google has the power to probe Gmail problems without notifying a user. Business Insider contacted Google for comment.
Frey concluded: "The work of privacy and security is never done, and we’re always looking for ways to better protect our users."