[kmlx]

https://support.google.com/mail/answer/10434152?hl=en

> We do not scan or read your Gmail messages to show you ads If you have a work or school account, you will never be shown ads in Gmail.

> When you use your personal Google account and open the promotions or social tabs in Gmail, you'll see ads that were selected to be the most useful and relevant for you. The process of selecting and showing personalized ads in Gmail is fully automated. These ads are shown to you based on your online activity while you're signed into Google, however we do not process email content to serve ads.

[clnq]

I know a company that once worked on an unannounced product, X, a few years ago. At the time, you could Google "who made X," and Google would correctly show you that company. It was a start-up size business using GSuite, so far too unlikely to be a lucky guess by Google.

This caused no damage as the public needed to know what X was to Google it, and it was unannounced. But it was suspicious. Either Google was scanning GSuite Gmail or Drive accounts, or perhaps someone stored a document on or sent an email to a personal Google account with some keywords. How these things happen is always very opaque with companies like Google.

[zeven7]

Our maybe an internal page was accidentally externally accessible, someone internal visited it in Chrome, and the URL got added to the list of things to scrape.

[erosenbe0]

I've see this without Gsuite vector. Could be employees logged in to personal device and leaking through those interactions. Or email to external investors, consultants, or contractors? Send something out to your external translation or localization team, ad agency, or copy editor? Difficult not to have some leakage.

[clnq]

All of these could be true. However, the start-up was using GSuite a lot. It constituted about 90% of the company's interactions with Google. It's impossible to certainly know what happened since Google can't be asked where it got its data.

[Scoundreller]

What about the meta data?