Headspace updated their Headspace Privacy Policy on June 24, 2026. Change detected: 1 sentence(s) modified. Document contained 360 sentences after update.
Impact assessment pending documentation review.
Institutional analysis pending. This change has been verified and documented.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Headspace now explicitly references a separate Consumer Health Data Privacy Policy for state-regulated consumer health data, creating a dual-track governance framework distinct from HIPAA coverage.
New consolidated provision provides jurisdiction-agnostic privacy rights enumeration (access, correction, deletion, restriction, objection, portability, consent withdrawal) with direct exercise mechanism.
New provision establishes English-language precedence and translation disclaimer, potentially limiting liability for non-English translation inaccuracies.
This provision was replaced with more detailed 'Third-Party Advertising and Analytics Data Sharing' provision that explicitly characterizes the practice as potential CCPA/CPRA 'sale' or 'sharing'.
Removal of CPRA-specific provision suggests consolidation into jurisdiction-neutral 'User Privacy Rights and Data Subject Requests' provision rather than state-specific enumeration.
Removal of GDPR-specific provision indicates shift to jurisdiction-agnostic privacy rights language in consolidated provision, potentially reducing explicitness of European regulatory obligations.
Absence of explicit data retention policy in current version may indicate removal or relocation to separate policy document, reducing transparency about retention timelines.
Removal of cross-border data transfer provision eliminates explicit disclosure of international data movement mechanisms and legal frameworks.
Removal of policy change notification provision eliminates explicit user notification mechanisms for privacy policy updates.
Severity downgraded from high to medium and provision expanded with detailed HIPAA coverage explanation and reference to additional Care Provider privacy notices.
Provision now includes specific enumerated examples of sensitive data categories (physical health, medications, emotional state, stress levels) with explicit mental health information specification.
New provision explicitly identifies data sharing categories (advertising technology vendors, analytics providers, social media platforms) and explicitly references CCPA/CPRA 'sale' or 'sharing' classification.
Provision significantly expanded with detailed age restriction statement, affirmative guidance to children, and explicit deletion protocol for inadvertently collected child data.
Provision now includes specific enumerated cookie purposes (login recognition, preference retention, third-party advertising delivery, usage analytics, product improvement) with formal term definition.
Cross-platform context
See how other platforms handle similar provisions across the ConductAtlas archive.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorHeadspace's privacy policy footer was reorganized on April 19, 2026. Navigation links were moved and reformatted, but the substantive privacy …
Headspace removed two footer navigation links from their Terms and Conditions page on April 19, 2026. The "Site Sitemap" and …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.