Coinbase and its third-party partners use cookies and tracking technologies to collect information about how you use the platform, including your device, IP address, and browsing activity.
This analysis describes what Coinbase's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Tracking technologies may be used by advertising and analytics partners to build profiles of user behavior on and potentially beyond the Coinbase platform, and users in some jurisdictions have the right to opt out of non-essential tracking.
Current version explicitly mentions third-party service providers and tracking technologies like web beacons, removes reference to 'referring URLs' and 'usage patterns/interactions,' and adds 'pages visited' and 'browsing activity.'
View full change record →The policy states that device identifiers, IP address, browser type, operating system, and pages visited are collected via cookies and web beacons, and that third-party service providers have access to this information, which may be used for analytics and marketing purposes.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
Coinbase has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We and our third-party service providers use cookies, web beacons, and similar tracking technologies to collect information about your use of our Services, including your browsing activity, device identifiers, IP address, browser type, operating system, and pages visited.— Excerpt from Coinbase's Coinbase Privacy Policy
REGULATORY LANDSCAPE: EU and UK cookie use is governed by the ePrivacy Directive and national implementing laws, requiring informed consent for non-essential cookies prior to placement. The GDPR's requirements for consent quality apply to cookie consent mechanisms. California CPRA treats certain cookie-based data sharing as a sale or sharing of personal information subject to opt-out rights. The FTC Act governs deceptive practices in online tracking disclosures. GOVERNANCE EXPOSURE: Medium. Cookie consent mechanisms must meet the GDPR standard of freely given, specific, informed, and unambiguous consent. Pre-ticked boxes or consent bundled with terms of service acceptance do not meet this standard. The operational adequacy of Coinbase's cookie consent implementation cannot be fully assessed from the policy text alone. JURISDICTION FLAGS: EU and UK users require a functioning consent mechanism with the ability to reject non-essential cookies. California residents may opt out of sharing via the Global Privacy Control signal, which CPRA requires covered businesses to honor. US states including Colorado, Connecticut, and Virginia have enacted privacy laws requiring opt-out of targeted advertising using tracking data. CONTRACT AND VENDOR IMPLICATIONS: Third-party analytics and advertising vendors receiving cookie data must be identified in a cookie notice and governed by appropriate data sharing or service provider agreements. If cookie data is shared for purposes constituting cross-context behavioral advertising, CPRA service provider restrictions apply. COMPLIANCE CONSIDERATIONS: A cookie audit should identify all first and third-party cookies, categorize them by purpose, and confirm that the consent mechanism blocks non-essential cookies prior to user acceptance. Global Privacy Control signal compliance should be tested and documented for California users. Cookie notices should be updated to reflect the current list of analytics and advertising partners.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Tracking technologies may be used by advertising and analytics partners to build profiles of user behavior on and potentially beyond the Coinbase platform, and users in some jurisdictions have the right to opt out of non-essential tracking.
The policy states that device identifiers, IP address, browser type, operating system, and pages visited are collected via cookies and web beacons, and that third-party service providers have access to this information, which may be used for analytics and marketing purposes.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Coinbase.