Sandboxed Google Play Profile Questions

On GrapheneOS, if you decide to use sandboxed Google Play, doesn’t this mean that Google servers can read your Signal messages by way of notifications? Without Google Play Services installed, Signal supports its own notifications, but my understanding is that it (and other apps) will use Google Play Services for notifications if available.

I know you can isolate profiles, but realistically, this is a headache to manage. For example, you have a profile with Google Play Services and Android Auto so you can drive with it, but if you want to check a Signal message you have to switch profiles while driving - which is not very practical.

Profile isolation seems only useful if you have a narrow one or two necessary apps that require Google Play Services. But even then, the process of signing into those apps is a big headache since you likely need to access a password manager, a 2FA app, a confirmation text message, an email activation link, and soon enough your secondary profile looks identical to your real profile.

So how do you practically use Sandboxed Google Play Services without giving away key privacy gains (like the ability for Google servers to read your notifications)? Or am I misunderstanding something?

Signal implements their notifications so that Google's notification system only notifies the Signal app that there is a new message, and the app fetches the message content from the Signal server itself, so no message content is pushed via Google.

For usability I have Mail, Calendar and Password manager installed in all profiles (I use Owner, Private Space and a 2nd Profile). Private Space also adds much to usability compared to a 2nd profile and with GrapheneOS you can also disable clipboard sharing and put the profile fully at rest without a reboot if you want to.

GrapheneOS also allows Notification forwarding to another profile, but I don’t know the full capabilities of that since I don’t use it.
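Added example, not part of the original posts and not Signal's or Google's code: a small model of the wake-up-only push design described in the reply above, next to the content-in-push design the question worries about, recording what the push relay is handed in each case. All class, field and token names are hypothetical, and encryption and transport are not modelled.

```python
from dataclasses import dataclass, field

@dataclass
class PushRelay:
    """Stand-in for a third-party push service; records everything it is handed."""
    seen: list = field(default_factory=list)
    def deliver(self, token, payload, device):
        self.seen.append((token, dict(payload)))
        device.on_push(payload)

@dataclass
class MessageServer:
    """Stand-in for the messenger's own server (hypothetical API)."""
    relay: PushRelay
    content_in_push: bool
    queue: dict = field(default_factory=dict)
    def send(self, device, text):
        if self.content_in_push:
            payload = {"body": text}      # message text travels through the relay
        else:
            # Text stays queued on the messenger's server; the relay only
            # carries a content-free wake-up signal.
            self.queue.setdefault(device.token, []).append(text)
            payload = {"wake": True}
        self.relay.deliver(device.token, payload, device)
    def fetch(self, token):
        return self.queue.pop(token, [])

@dataclass
class Device:
    token: str
    server: MessageServer = None
    inbox: list = field(default_factory=list)
    def on_push(self, payload):
        if "body" in payload:
            self.inbox.append(payload["body"])
        else:
            # Woken up: pull pending messages directly from the messenger's server.
            self.inbox.extend(self.server.fetch(self.token))

def run(content_in_push, text="constructed sample: meet at 6"):
    """Send one constructed message; return (inbox, relay_saw_text, relay_log)."""
    relay = PushRelay()
    server = MessageServer(relay, content_in_push)
    device = Device("constructed-token-01", server)
    server.send(device, text)
    leaked = any(text in str(payload) for _, payload in relay.seen)
    return device.inbox, leaked, relay.seen
```

In the wake-up-only run the relay's log still holds the device token and the fact that a push happened, just not the message text.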