Gemini CLI: What exactly is collected and does it access all local files by default?

Hello :slight_smile: I’m excited to try out Gemini CLI, but I have some questions regarding privacy!
I referred to this page: gemini-cli/docs/tos-privacy.md at main · google-gemini/gemini-cli · GitHub

  1. Is the response to FAQ 1 “Is my code, including prompts and answers, used to train Google’s models?” the default setting for each authentication method?
  2. Regarding the FAQ 2 “What are “Usage Statistics” and what does the opt-out control?”, if users opt-out, can they prevent collection of any usage statistics, prompt, answer, response regardless of their authentication method? In other words, if the auth method (a) Google individual login user opted-out, does it prevent collection of every possible usage statistics and records?
  3. Adding on to question 2: FAQ 1 mentions prompts, answers, and related codes, but FAQ 2 only mentions prompts and answers as the target of opt-out. Are related codes collected regardless of the opt-out?
  4. (Not about data collection, but about data access) Does Gemini CLI have access to every file in my home directory? How can I restrict its access?

Thank you so much for your response in advace :slight_smile:

Hello,

Welcome to the Forum,

There are different authentication methods to use Gemini CLI. The links to privacy policy of each authentication method is available on this page itself. I would recommend going through the privacy policy and related documents for more clarity.

Hello! :blush:
Thank you so much for your response and the warm welcome.

I did take a close look at the privacy documents linked on the page—including the one at gemini-cli/docs/tos-privacy.md —and that’s actually what prompted my questions. I completely understand that different authentication methods may follow different privacy policies, but I was hoping to clarify some parts that weren’t fully clear even after reading the documents.

To restate more precisely, please refer to the note I made here:

Authentication Method :pink_heart: Opt-In (FAQ 1) :orange_heart: Opt-Out (FAQ 2) Code Collected if Opt-Out?
Google Account – Individual (Gemini for Individuals) Prompts, Answers, Code collected If opted out, prompts/answers not collected, telemetry off :yellow_heart: Not mentioned clearly
Google Account – Workspace / Enterprise No collection Opt-out only affects telemetry (prompts/answers never collected) Not collected
Gemini API Key – Unpaid Prompts, Answers, Code collected If opted out, prompts/answers not collected, telemetry off :yellow_heart: Not mentioned clearly
Gemini API Key – Paid No collection If opted-out, telemetry off. :green_heart: prompts logged briefly only for abuse detection Not collected
Vertex AI GenAI API No collection Opt-out only affects telemetry (prompts/answers never collected) Not collected

:pink_heart: 1. Is FAQ1 describing the setting when the user opts in for Usage Statistics for each authentication method? I’m a bit confused, as FAQ 1 makes it sound like the data collection rules are fixed and non-configurable, whereas FAQ 2 discusses an opt-out option.

:orange_heart: 2. Just to make sure, if a user opts out, is it guaranteed that no data—usage statistics, prompts, answers, or code—is collected or transmitted, regardless of authentication method?

:yellow_heart: 3. I also noticed that FAQ 2 only mentions prompts and answers, while FAQ 1 mentions prompts, answers, and code.
So I wanted to confirm:
:backhand_index_pointing_right: Even if I opt out, is “code” still collected as part of system usage?

:green_heart: 4. (This wasn’t in my original question) for Gemini API Key - Paid, it states that “This setting [opt-out] only controls the collection of anonymous telemetry. Google logs prompts and responses for a limited period of time, solely for the purpose of detecting violations of the Prohibited Use Policy and any required legal or regulatory disclosures.” Is the log collected regardless of opt-in/out, or is it only collected when opt-in? If it’s collected regardless of opt-in / opt-out, does it only apply to this authentication method or every method?

Thank you for reading such a long follow-up question. A clarification will be highly appreciated. Thank you for all your hard work!

Hello,

For detailed information regarding Gemini-CLI, you can raise you concern at Gemini CLI github.