Comcast Privacy Policy

This is Comcast's Xfinity Privacy Policy, explaining what personal data Xfinity collects about you when you use internet, TV, mobile, home security, or voice services — including your location, browsing habits, TV viewing history, voice commands, and financial information. The single most important thing to know is that Xfinity shares your data across its entire family of companies (including NBCUniversal and Sky) and with third-party advertisers, but you can opt out of targeted advertising and certain data sharing through the Xfinity Privacy Center at xfinity.com/privacy. Visit xfinity.com/privacy/your-privacy-choices to review your opt-out options, especially if you live in California, Maine, Washington, or another state with enhanced privacy rights.

This document is the Xfinity Privacy Policy (effective November 17, 2025), governing Comcast's collection, use, disclosure, and retention of personal information across Xfinity-branded, Comcast-branded, and Xumo-branded services, websites, mobile apps, and devices, with its legal basis rooted in the Cable Communications Policy Act (CPPA/Cable Act, 47 U.S.C. § 551), CPNI rules under the Communications Act, COPPA, and applicable state privacy statutes. The policy creates significant obligations including mandatory opt-in consent for sharing sensitive personal information, opt-out rights for targeted advertising and data sale under state laws, and data subject access/deletion rights for residents of California, Colorado, Connecticut, Delaware, Iowa, Maine, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, Virginia, Washington, Nevada, and EEA/UK/Switzerland jurisdictions. Notable deviations from typical ISP privacy policies include explicit acknowledgment of cross-family sharing across NBCU, Sky, and other Comcast-related businesses, collection of highly granular data categories including location, voice commands, TV viewing history, financial information, biometric-adjacent data, and Wi-Fi network details, and the application of state-specific privacy regimes to residents across 18+ states simultaneously. The policy engages CPPA/Cable Act (47 U.S.C. § 551), CPNI (47 C.F.R. Part 64), COPPA (15 U.S.C. § 6501), CCPA/CPRA (Cal. Civ. Code § 1798.100 et seq.), Maine Broadband Privacy Law (Me. Rev. Stat. Title 35-A § 9301), Washington My Health Data Act, EU GDPR, UK GDPR, and numerous state consumer privacy acts; material compliance considerations include managing divergent opt-in versus opt-out consent standards across jurisdictions, cable subscriber data protections for television viewing data, and cross-border data transfer mechanisms for EEA/UK users.