The policy establishes specific child-directed data practices including parental notification, parental consent for data collection and direct communications, data minimization for children's data, and parental access and deletion rights for children's personal information.
This analysis describes what Disney+'s agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision describes COPPA-compliant practices for children under 13 in the United States, including the four procedural requirements of parental notice, verifiable parental consent, data minimization, and parental access and deletion rights. These practices govern children's data across Disney's extensive portfolio of child-oriented digital properties and applications.
Under this clause, parents or legal guardians of children interacting with Disney digital properties that collect children's personal information have rights to receive notice of data practices, provide or withhold consent, and request access to or deletion of their child's personal information. Some site features are age-gated and the policy states Disney does not knowingly collect personal information from children in connection with those features.
How other platforms handle this
You may make a verifiable consumer request related to your personal information twice per 12-month period.
Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.
When we rely on consent as the legal basis, you have the right to withdraw your consent for data processing at any time.
Monitoring
Disney+ has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"When we intend to collect personal information from children, we take additional steps to protect children's privacy, including: Notifying parents about our information practices with regard to children, including the types of personal information we may collect from children, the uses to which we may put that information, and whether and with whom we may share that information; In accordance with applicable law, and our practices, obtaining consent from parents for the collection of personal information from their children, or for sending information about our products and services directly to their children; Limiting our collection of personal information from children to no more than is reasonably necessary to participate in an online activity; and Giving parents access or the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.— Excerpt from Disney+'s Walt Disney Company Privacy Policy
1) REGULATORY LANDSCAPE: This provision directly engages COPPA, enforced by the FTC, which requires verifiable parental consent before collecting personal information from children under 13, parental access and deletion rights, and data minimization. The EU's GDPR and UK GDPR also establish age-based consent thresholds that vary by member state, generally between 13 and 16. The Children's Privacy Policy referenced in this document provides additional detail for US practices. 2) GOVERNANCE EXPOSURE: Medium. Disney operates a large portfolio of child-oriented digital properties under brands such as Disney Junior, Disney Channels, and Disney+, making COPPA compliance a material operational obligation. The policy's reference to a separate Children's Online Privacy Policy indicates a layered notice structure, which is consistent with FTC guidance but requires that the supplemental policy be substantively adequate. 3) JURISDICTION FLAGS: US operations are subject to COPPA enforcement by the FTC. EU and UK operations are subject to GDPR and UK GDPR age-appropriate design requirements, including the UK ICO's Age Appropriate Design Code. Additional state-level children's privacy laws, including California's COPPA-analog statutes and the California Age-Appropriate Design Code Act, may impose additional requirements. 4) CONTRACT AND VENDOR IMPLICATIONS: Third-party service providers processing children's data on behalf of Disney entities must comply with COPPA's restrictions on secondary use and disclosure. The policy states that service providers are prohibited from using personal information for purposes other than those requested by Disney, which aligns with COPPA's operator accountability requirements for third-party disclosure. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should review whether age-gating mechanisms on child-oriented properties are operationally effective and whether verifiable parental consent mechanisms meet current FTC standards. The separate Children's Privacy Policy should be audited for substantive COPPA compliance across all applicable Disney digital properties. EU-facing properties should be assessed against the UK Age Appropriate Design Code and GDPR Article 8 age verification requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision describes COPPA-compliant practices for children under 13 in the United States, including the four procedural requirements of parental notice, verifiable parental consent, data minimization, and parental access and deletion rights. These practices govern children's data across Disney's extensive portfolio of child-oriented digital properties and applications.
Under this clause, parents or legal guardians of children interacting with Disney digital properties that collect children's personal information have rights to receive notice of data practices, provide or withhold consent, and request access to or deletion of their child's personal information. Some site features are age-gated and the policy states Disney does not knowingly collect personal information from children …
ConductAtlas has identified this type of provision across 287 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Disney+.