diff --git a/pkg/controllers/secrets.go b/pkg/controllers/secrets.go
index 8947c325..68e578c7 100644
--- a/pkg/controllers/secrets.go
+++ b/pkg/controllers/secrets.go
@@ -398,11 +398,13 @@ func PrepareSecrets(dopplerSecrets map[string]string, originalEnv []string, pres
 			}
 			// then use existing env vars
 			for name, value := range existingEnvKeys {
-				if preserveEnv != "true" && !utils.Contains(secretsToPreserve, name) {
+				_, isDopplerSecret := secrets[name]
+				preserveEnvVar := preserveEnv == "true" || utils.Contains(secretsToPreserve, name)
+				if isDopplerSecret && !preserveEnvVar {
 					continue
 				}
 
-				if _, found := secrets[name]; found {
+				if isDopplerSecret {
 					utils.LogDebug(fmt.Sprintf("Ignoring Doppler secret %s", name))
 				}
 				secrets[name] = value
diff --git a/tests/e2e/run.sh b/tests/e2e/run.sh
index 9536c2bf..bf169ab8 100755
--- a/tests/e2e/run.sh
+++ b/tests/e2e/run.sh
@@ -140,4 +140,16 @@ beforeEach
 value="$(TEST="foo" "$DOPPLER_BINARY" run --preserve-env="INVALID" -- printenv TEST)"
 [[ "$value" == "abc" ]] || error "ERROR: existing env var not ignored when preserve-env flag passed list of nonexistent secret names"
 
+beforeEach
+
+# verify preserve-env flag preserves env vars that aren't Doppler secrets
+value="$(NOT_DOPPLER_SECRET="foo" "$DOPPLER_BINARY" run --preserve-env="TEST" -- printenv NOT_DOPPLER_SECRET || true)"
+[[ "$value" == "foo" ]] || error "ERROR: existing env var not preserved when preserve-env flag passed unrelated secret name"
+
+beforeEach
+
+# verify preserve-env flag preserves env vars that aren't Doppler secrets when passing false
+value="$(NOT_DOPPLER_SECRET="foo" "$DOPPLER_BINARY" run --preserve-env=false -- printenv NOT_DOPPLER_SECRET || true)"
+[[ "$value" == "foo" ]] || error "ERROR: existing env var not preserved when preserve-env flag passed false"
+
 afterAll