By Darren Waters
Technology editor, BBC News website
Google's online influence worries some privacy campaigners
Peter Fleischer said the company "could do better" with policy statements that explained why user information was sometimes shared with third parties.
Mr Fleischer said Google would never give "identifiable personal data" to third parties, including advertisers.
A working party of European Information Commissioners has written to Google to ask the firm to explain why it holds on to users' web history data for up to two years.
Google has said it would respond by the end of June.
There is also growing concern from privacy campaigners over the implication of Google's proposed purchase of advertising firm DoubleClick.
The ad company helps link up advertising agencies, marketers and web site publishers hoping to put adverts online.
Campaigners argue that the two firms will have an unprecedented amount of information on users' web-surfing habits.
In an interview with the BBC News website, Mr Fleischer said: "The general principle is that we are going to maintain the privacy of our users; that is pretty fundamental.
"We will never transfer to third parties, including advertisers, any personally identifiable information about our users.
"Our goal is to be as transparent as possible with our users when it comes to privacy. That transparency builds trust and we will succeed or fail on whether our users trust us."
But he admitted two elements of the policy statement needed attention.
Those elements stated:
We may also share information with third parties in limited circumstances, including when complying with legal process, preventing fraud or imminent harm, and ensuring the security of our network and services.
"There is a constant process of trying to be clear with language and improve notices," said Mr Fleischer.
"We ought to be able to do better than that now that you have drawn my attention to that particular clause," he said, referring to the first clause.
After being questioned on the second element, he said: "It is kind of vague. I wish we could do better on that one."
Mr Fleischer said Google shared data with third parties when it outsourced a part of its operation.
"The clause essentially says that if we hire outsourcing functions to provide something like virus scanning or security models, we at Google would still be responsible for the privacy practices for our end users."
He said the clause also covered the movement of data between Google Inc, the US-registered company, and its affiliates, such as Google in the UK.
"There are some very limited circumstances in which we would share user data with third parties. One of them would be if we were under a legal order from the police to do so.
He added: "Very rarely there will be a case where the police say someone is in actual danger and needs our help.
"We have had a case when someone was kidnapped and Gmail was being used for a hostage ransom demand. These are incredibly rare situations.
"We are not going to hide behind procedures."
Mr Fleischer said the company would also share user data with third-party security experts if Google was the subject of a massive hacker attack.
"This is purely hypothetical but we might need to share user data with security experts to find out who is hacking, and where is this coming from."