Gmail collects 26 data points per app

Work apps are supposed to help you send mail, join meetings, and keep projects moving. But they also pull in a surprising amount of personal data — sometimes from the same phone you use for banking, maps, and family chats. That is the point of the new Incogni analysis making the rounds today: the privacy tradeoff in workplace software looks a lot more like consumer ad-tech than most people probably assume. The headline number is simple. Gmail topped the list at 26 declared data types, and the 10 workplace apps in the sample averaged 19 each. (helpnetsecurity.com) ### What exactly was measured? This was not a packet-sniffing teardown of live app traffic. Incogni pulled the privacy labels listed in Google Play on March 20, 2026, then compared 10 common workplace apps used across U.S. companies — including Gmail, Google Meet, Microsoft Teams, Zoom Workplace, Slac(helpnetsecurity.com) store disclosures, not a forensic audit of every byte moving off a phone. (helpnetsecurity.com) ### Why is Gmail the eye-catcher? Because 26 is the highest count in the group, and Gmail is not some obscure enterprise tool — it is one of the default work inboxes for millions of people. The data types tied to Gmail in the coverage include things like approximate location, app interactions, and use(helpnetsecurity.com)n footprint is broad. (helpnetsecurity.com) ### Is collection the same as sharing? No — and that distinction matters. Incogni’s dataset says the average app collected about 19 data types but shared around two with outside parties. Notion stood out on the sharing side, passing along eight data types, nearly half of what it collected. So one app can be the biggest collector, while another is more aggressive about sending information onward. (blog.incogni.com) ### Which apps sat near the top? The cluster at the high end was mostly Google and Microsoft. Gmail led with 26 declared data types, Microsoft Teams followed with 25, and Google Meet collected 21. Zoom Workplace and Microsoft Teams also stood out for collecting precise location — one of the more sensitive categories in the whole comparison. (blog.incogni.com) ### Why does this matter more at work? Because employees usually do not get a clean yes-or-no choice. If your company runs on Teams, Slack, Zoom, Gmail, or Notion, using the app is often part of doing your job. That makes the privacy bargain different from a social app you can just delete. The catch is that the phone(blog.incogni.com) personal-device privacy. (helpnetsecurity.com) ### Does this mean Gmail sells your email? That is too strong based on this research alone. The study is about declared categories of collected and shared data in Google Play labels. Google’s Gmail privacy help pages say Gmail collects things like performance data and crash analytics for reliability, (helpnetsecurity.com)ger point here is not one dramatic gotcha. It is the size of the metadata footprint around routine work. (support.google.com) ### So what should companies do with this? Treat app privacy labels as procurement data, not legal wallpaper. If two tools solve the same problem, the one collecting less or sharing less should get a serious look. IT teams should also separate “needed for the service” from “used for advertising or marketing,” especially on bring-y(support.google.com)ftware is already blurry. (blog.incogni.com) ### Bottom line? The news is not that Gmail suddenly became a surveillance app overnight. It is that a fresh comparison made the scale visible. Work software now lives inside much bigger data ecosystems — and once an app is required, privacy stops being a personal preference and becomes a workplace policy problem. (([blog.incogni.com)ion-privacy/))