Diving into the gem's source code, I now understand how it works: The variables you ask gon to pass on to your JS are tracked by the gem and inserted into a <script /> tag on your view rendered by the erb tag
<%= Gon::Base.render_data %>
which makes the gon object available across your JS since it injects it as a window property.
My question is, how good of practice is this? Quite frankly it seems a bit fishy to dynamically inject JS code into a site just to access some data from the server in the browser. Wouldn't it be a better practice to either
Just make the data available via an endpoint on the RoR server side and an AJAX call from the JS frontend.
Set the needed data on a cookie during the corresponding action on the RoR controller and just read it from the JS.