FAQs: emails

  • Updated on Aug 31, 2025
  • Published on Apr 12, 2024
  • 2 minute(s) read
  • Deborah Landau
  • Jeff Aftel
 Prev Next

Technical

Does Gong import and/or ingest the full email or just the metadata?

Initially, we ingest just the metadata. Once the email is deemed to be relevant to customers (i.e. a company domain record exists in your CRM), the full body is ingested.

How can I make sure only relevant emails are imported?

Team members: Gong only imports emails sent from or to team members specified by administrators.

CRM match: Emails are imported only if senders or recipients belong to an organization in your CRM.

Exclusions: Administrators can block emails by subject line, domain, or individual address.

Manual removal: Team members can delete individual emails from Gong.


Gong provides multiple controls over which emails are imported:

  • Gong only imports emails for team members whose data capture settings are set to import emails

  • Gong only imports emails where at least one of the email participants belong to a company that appears in your CRM

  • Administrators can exclude emails based on subject line, domain, or individual addresses

  • Team members can delete individual emails from Gong

Inbound emails from an address that is not associated with a CRM contact or from a company that is a CRM contact, and that has more than 15 recipients is considered spam and won't be imported.

Who in Gong has access to our data?

Authorized Gong users have access to the emails under the relevant account (i.e., when selling to Company A, the email  appears in the timeline of Company A).

Access to Gong employees is provided on a need-to-know basis to relevant support, customer success, and engineering teams. We don’t yet have a method to request explicit authorization on a case-by-case basis.

Can we manage our data retention?

Contact your CSM or Gong support to set your data retention policies. You can also ask for specific data to be deleted if needed.

Can we import emails to Gong sent from external domains

Gong only imports emails that are sent to or from external domains that are also found in your CRM

Security

Where are emails stored in Gong?

Emails are stored in Gong's database and S3 storage, both on the N. Virginia AWS data center, encrypted in transit and at rest. Our security page has our general security and compliance information: https://www.gong.io/security/.

Can Gong make its SOC2 report available?

Yes, it can be sent to a customer after they sign an NDA.

What is your “Data Retention Policy” for the scoped data?

Our default data retention policy is keeping recordings, emails, and transcripts for three years.

Do you have an “Access Control Policy / Procedure”?

We define user roles. We also have permission profiles and credentials assigned to roles. These are defined by business need and are audited annually and when changed.

What encryption algorithm do you use?

We use AES 256, both in transit and at rest.

Related articles