American generally does not collect personal data from children under 13, but does collect travel and safety information about minors when required by law or necessary for their transport, and parents can request deletion by emailing privacy@aa.com.
This analysis describes what American Airlines's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Because airline travel legally requires collection of certain personal data for minors, including passport and identification information, children's data is routinely processed even where general COPPA-style restrictions would otherwise apply.
If you travel with a child or book travel for a minor, their personal information including identification and travel details will be collected and retained as required for transportation and legal compliance, and parents can request deletion of any data collected without consent.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
American Airlines has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"American does not knowingly collect personal information directly from children – persons under the age of 13, or another age if required by applicable law – other than when required to comply with the law or for safety and security reasons. Due to the nature of our Services, we may collect travel information, which may include personal information, about children when it is required to comply with the law, including federal aviation or security regulations, as otherwise required to provide transportation needs and services, or for safety or security reasons. If you are a parent or guardian of a child who has provided personal information without your knowledge and consent, you may request we remove this child's information by emailing us at privacy@aa.com.— Excerpt from American Airlines's American Airlines Privacy Policy
REGULATORY LANDSCAPE: COPPA applies to online collection of personal information from children under 13 and requires verifiable parental consent prior to collection where American's services are directed at or knowingly collect data from children. The policy acknowledges a carve-out for legally required data collection, which aligns with COPPA's exception for collection necessary to protect child safety or comply with legal obligations. FTC is the primary COPPA enforcement authority. GDPR Article 8 sets the age of digital consent at 16 in most EU member states, with lower thresholds permitted. GOVERNANCE EXPOSURE: Low to Medium. The policy's carve-out for legally required travel data collection for minors is consistent with COPPA's exemptions, but the breadth of travel data collected about children, including health information and biometric data in some contexts, warrants assessment of whether additional consent or notice requirements apply where data collection exceeds the minimum required for transportation. JURISDICTION FLAGS: EU/EEA jurisdictions impose stricter age-based consent requirements under GDPR Article 8 and national implementing laws. California's CPRA and the California Age-Appropriate Design Code may impose additional requirements for services that are reasonably likely to be accessed by minors. The FTC's COPPA enforcement is the primary U.S. framework. CONTRACT AND VENDOR IMPLICATIONS: Third parties that process children's travel data, such as identity verification or government customs platforms, should be assessed for COPPA and GDPR age-specific compliance. Parental consent mechanisms for optional program enrollments such as AAdvantage junior memberships should be reviewed. COMPLIANCE CONSIDERATIONS: Legal teams should confirm that data collected about minors in connection with travel is limited to what is legally required and does not include optional categories such as behavioral tracking or marketing profiling without explicit parental consent. The deletion request mechanism via email should be evaluated for accessibility and response time compliance.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Because airline travel legally requires collection of certain personal data for minors, including passport and identification information, children's data is routinely processed even where general COPPA-style restrictions would otherwise apply.
If you travel with a child or book travel for a minor, their personal information including identification and travel details will be collected and retained as required for transportation and legal compliance, and parents can request deletion of any data collected without consent.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by American Airlines.