Gemini Spark Privacy Review for Solo Freelancers

Google announced Gemini Spark at I/O on May 19, 2026 as a 24/7 personal AI agent that takes action on your behalf inside Gmail, Docs, Drive, and other Workspace apps. For a solo freelancer juggling client briefs, NDAs, and invoicing, an autonomous assistant that opens a remote browser session logged into your accounts is either a productivity unlock or a confidentiality landmine. The privacy hub Google updated the same day spells out what Spark sees, stores, and shares — and the answers matter. Our short verdict: use with caution, and not on accounts that hold paid client material.

What Gemini Spark does with your data

Spark is a beta feature inside the Gemini app that runs a remote browser and a remote computer environment to complete tasks for you. According to the Gemini Apps Privacy Hub (retrieved 2026-06-01, last updated by Google on 2026-05-19), the feature is only available when your Keep Activity setting is on, meaning Google retains the interaction history that powers Spark’s memory across sessions. To understand how we evaluate AI tools like this one, here is what we found in the policy as written.

The remote browser ingests information from your browser session, including cookies that carry your website authentication state, page content, and anything sitting in tabs Spark visits while logged into your accounts. The remote computer environment saves and executes .md files, code, and other task-related artefacts, and Google specifically warns that this saved information can include data you consider sensitive when it comes from sources like Personal Intelligence or Connected Apps. The hub describes these inputs as inseparable from Spark’s job, not as an opt-in extra.

The Privacy Hub also confirms that Spark may share necessary task information with other services and third parties, and that this can include your name, address, or information you find sensitive sourced from your Connected Apps or remote computer files. Human reviewers from Google or its service providers see some Gemini Apps data to improve the underlying machine-learning models, and the broader Gemini Apps Privacy Notice asks you not to enter confidential information you would not want a reviewer to read. Spark inherits that warning because it processes the same data pipeline.

Retention works through two layers. The remote computer pool keeps task artefacts so Spark can pick up where it left off in a future chat, and you control its lifespan inside Spark settings. The remote browser pool keeps your authentication state for the same reason. Turning Spark off purges both pools immediately and signs you out of every site Spark logged into on your behalf. Your chats themselves stay in Gemini Apps Activity until you delete them separately, and that activity log is what powers Spark’s memory of you across sessions. The Hub also notes that Spark only functions when Keep Activity is on, so the feature is structurally incompatible with the privacy-minded freelancer’s instinct to disable that history.

What this means for solo freelancers

Three realistic scenarios make the abstract policy concrete:

• Client onboarding via Gmail. You ask Spark to draft a kickoff reply that pulls context from a thread containing a signed NDA. Spark logs into Gmail through the remote browser, ingests the thread’s page content and any authentication cookies, and may surface that material in future chats. Based on the policy as written, an NDA clause forbidding processor-style sharing with unnamed third parties is hard to reconcile with the disclosure that Spark shares necessary task info with other services and third parties.
• Drive folder summarisation. You point Spark at a client’s Drive folder containing draft contracts. The remote computer saves task artefacts, and Google flags that this can include sensitive Connected App data. Once your engagement ends, the only way to scrub it is to delete remote computer data inside Spark settings — your client cannot audit that step themselves.
• EU client work. Spark is provided by Google Ireland Limited in the EEA. The policy does not commit to a processor-only role for Spark output, and human reviewers may see data to improve ML models. Based on the policy as written, that posture sits uncomfortably with a controller-processor data processing addendum where your client is the controller.

None of these scenarios are theoretical edge cases. They are the daily work of a solo consultant — and they all run through the same pipeline that Google has openly told you trains its models and is reviewed by humans on a sampling basis. A solo freelancer’s exposure is structurally higher than an enterprise user’s, because the freelancer rarely has a Data Protection Officer to negotiate carve-outs, rarely has the budget for an enterprise Workspace tier with admin-level Spark controls, and almost always operates under one Google identity that mixes personal admin with paid client material.

The novelty here is the agentic surface, not the underlying privacy posture. Google’s data practices for consumer Gemini have been public for two years, and a freelancer who has accepted them for chat-style prompting is not facing new policy. What is new is the breadth of access Spark needs to do its job. A chat prompt can leak whatever you paste. An agent that runs a remote browser logged into your accounts can leak whatever your accounts can see — for as long as Spark holds those session cookies. That order-of-magnitude shift is the reason the risk calculus changes for client work, even though the headline privacy notice has not changed.

How to use it safely

If you decide to try Spark, the following settings matter more than the marketing claims:

1. Create a dedicated Google account for Spark experiments. Do not connect it to your primary Workspace identity used for client work. The remote browser stores authentication cookies for sites you log into during Spark sessions — a separate account compartmentalises that exposure.
2. Turn off Personal Intelligence and any Connected Apps you do not strictly need before you grant Spark autonomy. Each Connected App expands the data Spark may pull and share with third parties to complete tasks.
3. Inside Gemini Apps Activity, set the shortest retention window your account allows (Google offers 3-month and 18-month options across regions). Keep Activity must be on for Spark to function, but retention duration is configurable.
4. Review your Spark schedules weekly. Schedules persist when you turn Spark off and resume automatically when you turn it back on — a forgotten weekly summarisation task can quietly run against client material long after you stopped paying attention.
5. Never paste a client NDA, raw payment data, medical record, or signed contract into a Spark prompt. Use Spark for public research and your own admin only.

Privacy-friendlier alternatives

Gemini Spark replaces a Workspace-centred workflow. The alternatives below address the same productivity needs without the same data-sharing default:

• Proton Mail Business + Proton Drive. End-to-end encrypted email and storage, headquartered in Switzerland, with no AI training on user content. Plans start around 7 EUR per user per month for the Mail Essentials tier and 13 EUR for the full Business bundle including Drive, VPN, and Pass. Best fit: freelancers who want a clean Workspace replacement and need the marketing argument of encrypted client storage.
• 1Password Business. Removes the most dangerous Spark exposure — authentication cookies for client sites — by keeping logins inside a zero-knowledge vault that does not require a 24/7 agent to access your accounts. Pricing around 8 USD per user per month. Best fit: any freelancer running multiple client logins who wants to retire the temptation of agent-style autologin.
• Bitwarden Premium. Open-source password manager at 10 USD per year for individuals, 4 USD per user per month for teams. Best fit: freelancers who want auditable code, self-hosting option, and minimal monthly cost. Pair it with manual Workspace use for sensitive client work.

Pick the alternative that matches the bottleneck Spark was supposed to solve. If the appeal was speed, manual Workspace with a strong password manager and disciplined templates closes most of the gap without surrendering control of your authentication state to a beta agent.

The verdict

FAQ

Does Gemini Spark train on my prompts?

The Gemini Apps Privacy Notice that governs Spark says Google processes user data to maintain and improve services and to develop new services, and that human reviewers see some Gemini Apps data to improve underlying machine-learning technologies. Spark inherits this pipeline because it runs inside the Gemini Apps service. Based on the policy as written, prompts you give to Spark are part of the data used to improve Google’s models, with the warning to not enter confidential information.

Is Gemini Spark safe for client work under GDPR?

This is not legal advice — only a policy-as-written reading. Spark is provided by Google Ireland Limited in the EEA, and the Gemini Apps Privacy Notice supplements the Google Privacy Policy. The Hub does not commit Spark to a processor-only role and does not surface a standard data processing addendum tailored to the agentic feature. Based on the policy as written, a freelancer acting as a processor for an EU client controller carries documentable risk if Spark touches that controller’s data without a signed DPA naming the Spark-specific processing.

Can I use Spark for HIPAA-covered data?

No, not in its current form. Google Workspace offers HIPAA-aligned configurations under a Business Associate Agreement for specific Workspace services, but the Gemini Apps Privacy Hub treats Spark as a beta feature with its own data flows, including third-party sharing and remote computer storage. Based on the policy as written, Spark sits outside the Workspace BAA scope, and a freelancer in a healthcare-adjacent role should not route protected health information through Spark.

What happens to my data if I turn Gemini Spark off?

Per the Gemini Apps Privacy Hub, turning Spark off deletes remote browser data and remote computer data immediately and pauses your schedules and tasks without deleting them. Your Gemini chats stay in Gemini Apps Activity until you delete them separately. If you turn Spark back on, paused schedules and tasks resume automatically, which is worth knowing if a forgotten weekly task is still queued against an old client folder.

Does Gemini Spark store my client’s website logins?

Effectively yes, for the duration of a session. The Hub states that the remote browser processes browser session information, including cookies that contain website authentication info, and page content from sites Spark visits. You can clear this by deleting remote browser data inside Spark settings, which signs you out of all sites in the remote browser. Until you do, those cookies persist inside Google’s remote session for use in future Spark chats.

Is Gemini Spark different from Gemini 3.5 or Gemini Live?

Yes. Gemini 3.5 is the underlying model Google announced at I/O 2026. Gemini Live is a conversational voice and video mode. Gemini Spark is the agentic feature that uses a remote browser and remote computer to act on your behalf 24/7. They share a privacy notice, but Spark has its own dedicated section in the Hub because it processes browser cookies and saves executable files in a way the other modes do not.

Sources

• Gemini Apps Privacy Hub — support.google.com/gemini/answer/13594961 (retrieved 2026-06-01, Google last updated 2026-05-19)
• Google Workspace AI Privacy — workspace.google.com/security/ai-privacy (retrieved 2026-06-01)
• Google Privacy Policy — policies.google.com/privacy (effective 2026-04-02, retrieved 2026-06-01)
• Google I/O 2026 announcement of Gemini Spark — blog.google/products-and-platforms/products/workspace/workspace-updates (published 2026-05-19)

[INTERNAL_LINK_TO_CLUSTER_ai-privacy-reviews]

Reviewed by Jérémy, founder of AidTaskPro and GreenBudgetHub. Based in central France. Privacy posture sourced from public policies and vendor documentation as of 2026-06-01.