Disney+ added 64 sentences to its privacy policy on April 22, 2026, significantly expanding the scope and clarity of what information it collects and how it processes it. The new language explicitly states that the policy now covers data collected both online (on Disney+ sites and apps) and offline (in stores, theme parks, resorts, and cruise ships), and clarifies how Disney+ data collection interacts with third-party platforms and sites. The change makes clear that third-party sites may separately collect your information, that Disney+ privacy choices made on those platforms won't automatically apply to Disney+'s direct collection, and that Disney+ isn't responsible for other sites' privacy practices.
Disney+ now explicitly discloses that it collects and processes personal information not only when you use its digital services, but also when you visit Disney physical properties like theme parks, stores, resorts, and cruise ships, or call Disney guest centers. The updated policy clarifies that if you use Disney+ through a third-party platform (such as a mobile app store or smart TV ecosystem), that platform may separately collect your information independently of Disney+, and any privacy settings you configure on that third-party platform will not restrict how Disney+ itself uses the data it collects directly. You can review Disney+'s expanded privacy policy to understand what specific information is collected in physical properties and offline channels, and consider which data collection touchpoints apply to your use of Disney services.
The updated policy makes explicit that Disney collects personal information not only when you stream online, but also when you visit theme parks, stores, resorts, cruise ships, or call Disney guest centers. Understanding the full scope of collection is essential for consumers who visit multiple Disney properties or use Disney+ through third-party platforms, as the policy now clearly states that privacy settings configured on third-party sites will not apply to Disney+'s own collection.
→ Review the full updated Disney+ privacy policy to understand what offline data collection applies to your use of Disney services (theme parks, resorts, stores, cruise ships).
→ If you use Disney+ through a third-party platform or device, note that your privacy choices on that platform will not restrict how Disney+ uses data it collects directly.
→ You may be unaware of data collection occurring in Disney physical properties you visit, since it is now disclosed in the streaming service policy rather than separate property-level privacy notices.
→ If you have configured privacy settings on a third-party platform (such as a mobile app store or smart TV ecosystem) where Disney+ operates, those settings will not apply to data Disney+ collects directly through its own apps or channels.
Policy now explicitly states collection includes data from theme parks, resorts, stores, cruise ships, and call centers in addition to digital properties.
Clarifies that third-party platforms may separately collect data and that Disney+ privacy choices on third-party sites do not restrict Disney+'s use of data collected directly through Disney+ applications.
States that Disney+ is not responsible for privacy practices of linked sites and encourages users to review those sites' policies independently.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Disney+ substantially expanded the stated scope of its privacy policy to encompass offline and physical property data collection alongside existing online collection. The change does not appear to alter the substantive data-handling practices, but rather formalizes and clarifies their scope in writing. This expansion may trigger review obligations for any organization that has contracted with Disney+ as a data processor, integrated Disney+ into customer loyalty programs, or manages vendor relationships that depend on clear data-handling boundaries. The change engages general privacy frameworks (GDPR, CCPA, state privacy laws) by enlarging the documented scope of processing, which may require corresponding updates to Data Processing Agreements, customer-facing privacy notices, or downstream vendor contracts if Disney+ is a material processor in a supply chain.
GDPR, CCPA/CPRA, state privacy laws (general scope/transparency provisions), FTC Act Section 5 (unfair or deceptive practices standard for privacy disclosures)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001374.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherDisney+ replaced its marketing homepage with a formal legal Subscriber Agreement covering Disney+, ESPN, and Hulu services. The new terms …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.