23andMe · 23andMe Terms of Service

Minors and Authorized Representative Provisions

High severity
Share 𝕏 Share in Share 🔒 PDF

What it is

You must be at least 18 to use 23andMe, but parents or legal guardians can submit DNA samples on behalf of minors they are legally responsible for.

Consumer impact (what this means for users)

Parents can submit their minor children's DNA to 23andMe, but once collected, the child's genetic data is subject to all the same data retention, research sharing, and potential third-party transfer provisions as adult user data — with no mechanism for the child to independently revoke consent upon reaching adulthood.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    Parents or legal guardians can request deletion of a minor's genetic data through Account Settings. Adults whose data was collected as minors should review their account settings to confirm current data sharing preferences and request deletion if desired.

Cross-platform context

See how other platforms handle Minors and Authorized Representative Provisions and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Allowing minors' genetic data to be collected through parental consent creates long-term privacy risks for those minors, as they cannot independently consent or revoke consent until they reach adulthood, and their genetic data may remain in 23andMe's systems for decades.

View original clause language
You are at least 18 years old; Any sample you provide to 23andMe is either your own, or the sample of a minor for whom you are a parent or legal guardian, or the sample of a person for whom you are a legally authorized representative;

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: This provision implicates COPPA (15 U.S.C. §6501 et seq.) for users under 13, though the 18+ age gate and parental consent mechanism may affect direct COPPA applicability; GINA protections extend to minors; CCPA/CPRA (Cal. Civ. Code §1798.120) provides deletion rights that a minor's parent can exercise and that the minor may exercise upon reaching majority. The FTC is the primary COPPA enforcement authority. California AG enforces CCPA minor protections.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    FTC is the primary COPPA enforcement authority and has jurisdiction over collection and use of genetic data from or on behalf of minors.
    File a complaint →
  • State AG
    State Attorneys General enforce CCPA minor privacy protections and state-specific minor genetic data statutes.
    File a complaint →

Provision details

Document information
Document
23andMe Terms of Service
Entity
23andMe
Document last updated
April 29, 2026
Tracking information
First tracked
April 27, 2026
Last verified
April 27, 2026
Record ID
CA-P-003460
Document ID
CA-D-00147
Evidence Provenance
Source URL
https://www.23andme.com/legal/tos/
Wayback Machine
View archived versions →
SHA-256
16a44b36aa17e55ddf47ae29310c84ef467de0a10b43cf99d04895259b10a9f1
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: 23andMe | Document: 23andMe Terms of Service | Record: CA-P-003460
Captured: 2026-04-27 13:25:11 UTC | SHA-256: 16a44b36aa17e55d…
URL: https://conductatlas.com/platform/23andme/23andme-terms-of-service/minors-and-authorized-representative-provisions/
Accessed: May 2, 2026
Classification
Severity
High
Categories
Unknown

Other provisions in this document