Google was hauled over the coals this week after The Wall Street Journal reported that it had given hundreds of app makers access to millions of inboxes belonging to Gmail users.
The Journal reported that users who signed up for "email-based services" like "shopping price comparisons" and "automated travel-itinerary planners" were most at risk of having their private messages read.
In response to the story, Google published a blog post on Tuesday describing how third-party developers have to go through an involved review process before they are given access to Gmail inboxes.
Suzanne Frey, Google Cloud's director of security, trust, and privacy, also said in the blog post that Gmail's 1.4 billion users held the keys to their own data and could control permissions.
Frey took pains to point out that Google itself does not read users' emails.
Gmail automatically processes emails to filter out spam and phishing messages, a practice Frey said had "caused some to speculate mistakenly that Google 'reads' your emails."
"To be absolutely clear: No one at Google reads your Gmail," she added, before listing the times Google does allow itself to have a peek at your inbox.
Frey said that was limited to "very specific cases," including when users give Google permission to access their messages and when the company needs to investigate a security issue like "a bug or abuse."
She did not offer more detail, however, meaning it's not clear whether Google has the power to probe Gmail problems without notifying a user. Google did not immediately respond to Business Insider's request for comment.
Frey concluded: "The work of privacy and security is never done, and we're always looking for ways to better protect our users."