Calm may transfer your personal data to another company if Calm is acquired, merges, or sells its assets, even if that company has different privacy practices.
This analysis describes what Calm's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
In a corporate transaction, your personal data including sensitive wellness and mood data could be transferred to a new entity whose privacy practices you have not agreed to.
If Calm is sold or merges with another company, your personal data including sleep habits, mood check-ins, and health app data may be transferred to the acquiring entity as part of that transaction.
How other platforms handle this
By using our Services, you agree to be bound by this Privacy Policy.
By issuing a chargeback or refund request for Premium subscriptions paid for through a third party, you agree to allow Telegram to release necessary data to that third party regarding your account status and Telegram Premium purchases.
We may disclose certain information, in connection with or during negotiations or closing of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Monitoring
Calm has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"In connection with any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;— Excerpt from Calm's Calm Privacy Policy
(1) REGULATORY LANDSCAPE: Asset transfer clauses in privacy policies are reviewed by the FTC under its authority over unfair or deceptive practices, and by GDPR supervisory authorities where EU/UK user data is involved. GDPR generally requires that data transfers to new controllers maintain adequate protections and that users be notified of changes to the data controller. CPRA similarly requires that consumers' rights be honored by successor entities. (2) GOVERNANCE EXPOSURE: Medium. This is a standard clause across consumer technology platforms, but its significance is elevated here given the sensitive nature of the data Calm holds (sleep, mood, health app data). The policy does not commit to notifying users in advance of a transfer or providing an opt-out mechanism in connection with a corporate transaction. (3) JURISDICTION FLAGS: EU/EEA and UK users: a change of data controller requires legal basis re-evaluation and potentially fresh consent depending on the nature of the new controller's intended processing. California users: CPRA rights must be honored by successor entities. The absence of an explicit notice or opt-out commitment in connection with a transaction creates exposure in these jurisdictions. (4) CONTRACT AND VENDOR IMPLICATIONS: Due diligence in M&A contexts should include a data asset inventory confirming the sensitivity and volume of personal data that would transfer, the applicable regulatory obligations, and any consent dependencies that could affect data usability post-transaction. (5) COMPLIANCE CONSIDERATIONS: Legal teams should assess whether the policy's general notice of potential asset transfer is sufficient under applicable law, particularly GDPR's controller change requirements. A specific notification and re-consent protocol for corporate transactions involving sensitive personal data should be considered.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
In a corporate transaction, your personal data including sensitive wellness and mood data could be transferred to a new entity whose privacy practices you have not agreed to.
If Calm is sold or merges with another company, your personal data including sleep habits, mood check-ins, and health app data may be transferred to the acquiring entity as part of that transaction.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Calm.