CA-C-001884
Headspace — Headspace Privacy Policy
Entity
Date detected
March 19, 2026
Effective date
March 19, 2026
Severity
Low
Direction
Neutral
Affected users
all users EU users US users California residents
Changes
+4 sentences added · −23 sentences removed · 44 sentences modified
Share 𝕏 Share in Share 🔒 PDF
Watch Headspace Get alerts when this policy changes.
Watch — Free

Event Summary

Headspace restructured its privacy policy on March 19, 2026, removing the detailed table of contents and adding navigation links to related privacy documents including a Consumer Health Data Privacy Policy and HIPAA Notice of Privacy Practices. The previous version organized privacy disclosures under ten numbered sections (Collection, Use, Sharing, Security, Rights, Children's Privacy, Cookies, Changes, and Contact). The updated version removes this structural organization, integrating related policies through links instead of a single comprehensive document.

LOW

Consumer Impact

Headspace reorganized how it presents privacy information on March 19, 2026. Rather than a single policy with ten numbered sections covering data collection, use, sharing, security, rights, children's privacy, cookies, and contact information, the updated structure directs users to separate documents: a Consumer Health Data Privacy Policy, a HIPAA Notice of Privacy Practices, and a Cookie Policy. The substantive privacy disclosures and protections described in these sections remain available but are now distributed across multiple linked documents rather than consolidated in one location.

Governance Analysis

The updated privacy policy structure changes how users navigate privacy disclosures and obligations. Rather than consulting a single numbered policy, users seeking information about data collection, retention, security, children's privacy, or their own rights must now reference multiple linked documents. This change is operationally significant for compliance teams monitoring Headspace as a vendor, as privacy obligations are now distributed across at least three separate documents (main privacy policy, Consumer Health Data Privacy Policy, HIPAA Notice), requiring verification that all linked disclosures are accessible and complete.

Available Actions

Review the linked Consumer Health Data Privacy Policy if you use Headspace for health-related purposes

Consult the HIPAA Notice of Privacy Practices if your data may be subject to HIPAA protections

Bookmark or bookmark the navigation links to all three privacy documents for future reference

If No Action Is Taken

Users may not discover privacy disclosures specific to health data processing if they do not access the separate Consumer Health Data Privacy Policy

Those with HIPAA-protected information may miss important protections disclosed only in the HIPAA Notice of Privacy Practices if they rely solely on the main privacy policy

Key Clauses Affected

Policy Structure Reorganization

Removed unified table of contents; introduced separate Consumer Health Data Privacy Policy and HIPAA Notice instead of single comprehensive policy

Health Data Privacy Disclosure

Added explicit link to separate Consumer Health Data Privacy Policy, indicating health data processing is now documented in a dedicated policy

HIPAA Notice Integration

Added link to HIPAA Notice of Privacy Practices, suggesting Headspace may process protected health information subject to HIPAA requirements

Full clause-by-clause analysis available with Compliance.
These clauses may change again. Get alerted when they do. Watch Headspace — Free

This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology

Evidence Verification

✓ Verified
Previous Version
ccdbbe1ba5ddb987597677360d152550ff821f494d6efc235e3e9ee3eb12d839
April 11, 2026 06:05 UTC
✓ Verified
Current Version
70ba5fe181c5fc1d9105f94805d1ec3845f2d05da03e65eb2d9b4879c8852e72
March 19, 2026 14:57 UTC
✓ Verified
Change Detected
March 19, 2026 14:57 UTC
Analysis Methodology
✓ Verified
Source Document
https://www.headspace.com/privacy-policy
Citation Record
Entity: Headspace
Document: Headspace Privacy Policy
Record ID: CA-C-001884
Captured: 2026-03-19 14:57:18 UTC
URL: https://conductatlas.com/change/2026-03-19-headspace-headspace-privacy-policy-1884/
Accessed: July 1, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
For legal and compliance teams

Institutional Analysis

Assessment

This change restructures the architecture of privacy disclosure rather than materially altering substantive privacy rights or obligations. Headspace removed a single-document table of contents and introduced navigation links to separate policies including a Consumer Health Data Privacy Policy and HIPAA Notice. Organizations that monitor Headspace's privacy compliance posture should note that detailed privacy obligations may now be distributed across multiple documents rather than consolidated in a single policy. This affects how privacy obligations are tracked and indexed but does not appear to eliminate or restrict previously disclosed privacy rights. Compliance teams should verify that all linked policies are accessible and that the consolidated privacy obligations remain transparent to users.

Regulatory Exposure

HIPAA (to the extent Headspace processes protected health information), GDPR (EU users), CCPA (California residents), FTC Act Section 5 (unfair or deceptive practices related to privacy disclosures)

Full compliance analysis

Obligation analysis, escalation trigger, board language, and recommended action.

Monitor $19/mo Compliance $249/mo

Monitor: regulatory citations + obligations. Compliance: full compliance memo.

ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001884.

Full Changes

See the full side-by-side comparison of every sentence added, removed, and modified.

🔒 Full diff — Monitor

Document Context

Version history → Policy drift analysis → Document page →
Document
Headspace Privacy Policy
Entity
Headspace
Captured
March 19, 2026
Source URL
https://www.headspace.com/privacy-policy
Other changes to Headspace Privacy Policy
Next change Mar 31, 2026
Headspace reorganized its privacy policy with a clearer table of contents and restructured 45 existing sentences for readability. The company …
Low Neutral
View full version history →
More from Headspace
Jun 24, 2026 Unknown
Headspace Privacy Policy
Jun 24, 2026 Unknown
Headspace Terms and Conditions
Apr 19, 2026 Low
Headspace Privacy Policy

Headspace's privacy policy footer was reorganized on April 19, 2026. Navigation links were moved and reformatted, but the substantive privacy …

Related Analysis
Privacy · April 22, 2026
Netflix Updated Terms Authorize Voice Data Collection: April 2026

Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the …

Privacy · April 21, 2026
What TikTok Actually Collects Beyond Your Videos

TikTok's data collection extends to device sensors, clipboard content, geolocation, and cross-site tracking. Here is what their Privacy Pol…

Privacy · April 16, 2026
What Google Actually Knows About You

Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.

Track Headspace policy changes

Get alerted when this policy changes again — including what changed and why it matters.

Prefer a weekly summary instead?

Get the biggest policy changes across 320+ platforms every Sunday.