This analysis describes what Ancestry's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause establishes the scope of data recipients beyond Ancestry itself, defining categories of entities (affiliates and service providers) that may access personal information and specifying that aggregated or de-identified information is excluded from restrictions on third-party sharing.
The updated Privacy Statement clarifies what uses of Ancestry services are permitted and prohibited, establishes that photo face-grouping in your gallery requires your express consent, and introduces SMS messaging as a communication channel for future opt-in communications. The statement now covers Ancestry, AncestryDNA, and Related Brands under a unified framework while noting that other services operated by the company use separate privacy statements. The removal of 'uploaded DNA data' from the account creation section reflects a narrowing of that specific provision's scope, though genetic information processing remains described elsewhere in the policy. You can review the full updated statement to understand how your personal information will be processed and manage your communication preferences when SMS opt-ins become available.
View change record →California residents lose direct navigation to the CCPA-mandated 'Do Not Sell or Share My Personal Information' disclosure page from Ancestry's privacy footer. While California law requires the company to honor data sale opt-out requests, removing the link reduces visibility and accessibility of this right. California residents can locate this right by searching Ancestry's website or contacting the company directly, but the removal creates an additional barrier to exercising a legally protected option.
View change record →Users' personal information may be accessed by Ancestry's corporate affiliates and third-party service providers involved in service delivery and marketing functions. The terms do not restrict sharing of aggregated or de-identified data, which the provision indicates cannot reasonably identify individuals.
How other platforms handle this
We may share personal information with third-party service providers and partners who support our business operations, including identity verification providers, payment processors, analytics providers, marketing partners, and blockchain analytics companies.
You may elect to use or integrate platforms, add-ons, services, or products not provided by Exafunction ("Third-Party Platforms") (e.g. User IDE's, Web Search, MCP Servers) subject to your agreement with the relevant provider and not this Agreement. We do not control nor shall we have liability for ...
We receive some of the data mentioned above from third parties... If you connect your Spotify account to a third party application, service or device, we may collect and use information from them. This collection is to make the integration possible... We work with technical service partners that giv...
Monitoring
Ancestry has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share your personal information with our parent company, subsidiaries, and affiliated companies for the purposes described in this Privacy Statement. We do not sell personal information to third parties. We may share personal information with trusted third-party service providers who help us operate, provide, improve, integrate, customize, support, and market our services. We may also share aggregated or de-identified information that cannot reasonably be used to identify you.— Excerpt from Ancestry's Ancestry Privacy Statement
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause establishes the scope of data recipients beyond Ancestry itself, defining categories of entities (affiliates and service providers) that may access personal information and specifying that aggregated or de-identified information is excluded from restrictions on third-party sharing.
Users' personal information may be accessed by Ancestry's corporate affiliates and third-party service providers involved in service delivery and marketing functions. The terms do not restrict sharing of aggregated or de-identified data, which the provision indicates cannot reasonably identify individuals.
ConductAtlas has identified this type of provision across 6 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Ancestry.