WASHINGTON/SAN FRANCISCO (Reuters) – Alphabet Inc’s Google defended how it polices third-party add-ons for Gmail in a letter to U.S. senators made public on Thursday, saying that upfront review catches the “majority” of bad actors.

Google said it uses automated scans and reports from security researchers to monitor third parties with access to Gmail data, but gave no details on how many add-ons have been caught violating its policies.

Google’s privacy practices have been under growing scrutiny. The Senate Commerce Committee has a hearing scheduled for Sept. 26 to question Google, Apple Inc, AT&T Inc, Twitter Inc about their consumer data privacy practices.

Gmail, the Google email service used by 1.4 billion people, enables add-on developers access to users’ emails and the ability to share that data with other parties as “long as they are transparent” with users about how they are using data and get consent, Google said in the letter.

For instance, a program that logs receipts could be allowed to scan Gmail as it searches for receipts.

The company did not immediately respond to a request for comment.

The chairman of the Senate committee, Senator John Thune, and two other Republicans wrote Google in July to ask questions, saying that while no allegations of abuse similar to Facebook’s data sharing with Cambridge Analytica have been raised, “the reported lack of oversight from Google to ensure that Gmail data is properly safeguarded is cause for concern.”

Google’s letter made public on Thursday did not directly answer questions about instances in which apps may have improperly shared user data.

“When we detect anomalous behavior, we investigate. And when we suspend apps, we warn users to remove the apps’ access to their data,” the letter said.

In June 2017 Google said it would stop scanning Gmail content to provide personalize ads, saying it was making the change in the interests of privacy and security.