Disney+ · Walt Disney Company Privacy Policy · View original document ↗

Children's Privacy and Parental Consent

Medium severity High confidence Explicitdocumentlanguage Common · 287 of 352 platforms
Share 𝕏 Share in Share 🔒 PDF
Monitor governance changes for Disney+ Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

The policy establishes specific child-directed data practices including parental notification, parental consent for data collection and direct communications, data minimization for children's data, and parental access and deletion rights for children's personal information.

This analysis describes what Disney+'s agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision describes COPPA-compliant practices for children under 13 in the United States, including the four procedural requirements of parental notice, verifiable parental consent, data minimization, and parental access and deletion rights. These practices govern children's data across Disney's extensive portfolio of child-oriented digital properties and applications.

Consumer impact (what this means for users)

Under this clause, parents or legal guardians of children interacting with Disney digital properties that collect children's personal information have rights to receive notice of data practices, provide or withhold consent, and request access to or deletion of their child's personal information. Some site features are age-gated and the policy states Disney does not knowingly collect personal information from children in connection with those features.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    Parents or legal guardians can submit a request to access or delete a child's personal information through the Disney Data Subject Rights Portal.

How other platforms handle this

Skillshare Medium

You may make a verifiable consumer request related to your personal information twice per 12-month period.

Discord Medium

Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

GitHub Medium

When we rely on consent as the legal basis, you have the right to withdraw your consent for data processing at any time.

See all platforms with this clause type →

Monitoring

Disney+ has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Get Monitor Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
When we intend to collect personal information from children, we take additional steps to protect children's privacy, including: Notifying parents about our information practices with regard to children, including the types of personal information we may collect from children, the uses to which we may put that information, and whether and with whom we may share that information; In accordance with applicable law, and our practices, obtaining consent from parents for the collection of personal information from their children, or for sending information about our products and services directly to their children; Limiting our collection of personal information from children to no more than is reasonably necessary to participate in an online activity; and Giving parents access or the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.

— Excerpt from Disney+'s Walt Disney Company Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1) REGULATORY LANDSCAPE: This provision directly engages COPPA, enforced by the FTC, which requires verifiable parental consent before collecting personal information from children under 13, parental access and deletion rights, and data minimization. The EU's GDPR and UK GDPR also establish age-based consent thresholds that vary by member state, generally between 13 and 16. The Children's Privacy Policy referenced in this document provides additional detail for US practices. 2) GOVERNANCE EXPOSURE: Medium. Disney operates a large portfolio of child-oriented digital properties under brands such as Disney Junior, Disney Channels, and Disney+, making COPPA compliance a material operational obligation. The policy's reference to a separate Children's Online Privacy Policy indicates a layered notice structure, which is consistent with FTC guidance but requires that the supplemental policy be substantively adequate. 3) JURISDICTION FLAGS: US operations are subject to COPPA enforcement by the FTC. EU and UK operations are subject to GDPR and UK GDPR age-appropriate design requirements, including the UK ICO's Age Appropriate Design Code. Additional state-level children's privacy laws, including California's COPPA-analog statutes and the California Age-Appropriate Design Code Act, may impose additional requirements. 4) CONTRACT AND VENDOR IMPLICATIONS: Third-party service providers processing children's data on behalf of Disney entities must comply with COPPA's restrictions on secondary use and disclosure. The policy states that service providers are prohibited from using personal information for purposes other than those requested by Disney, which aligns with COPPA's operator accountability requirements for third-party disclosure. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should review whether age-gating mechanisms on child-oriented properties are operationally effective and whether verifiable parental consent mechanisms meet current FTC standards. The separate Children's Privacy Policy should be audited for substantive COPPA compliance across all applicable Disney digital properties. EU-facing properties should be assessed against the UK Age Appropriate Design Code and GDPR Article 8 age verification requirements.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 3 platforms — free Get Monitor

Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC enforces COPPA, which governs the collection of personal information from children under 13 by online services.
    File a complaint →

Applicable regulations

CCPA/CPRA
California, USA
COPPA
United States Federal
Connecticut Data Privacy Act Amendments
US-CT
CAN-SPAM
United States Federal
FTC Act Section 5
United States Federal
GDPR
European Union
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
UK GDPR
United Kingdom
Universal Opt-Out Mechanism Expansion 2026
US
VPPA
United States Federal

Provision details

Document information
Document
Walt Disney Company Privacy Policy
Entity
Disney+
Document last updated
May 5, 2026
Tracking information
First tracked
May 8, 2026
Last verified
July 9, 2026
Record ID
CA-P-009489
Document ID
CA-D-00575
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
00f1d01d84ae9b8dd3f1666ae7de8d1a893a5ebc987b1f6d661ef14d92b34703
Analysis generated
May 8, 2026 08:25 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Disney+
Document: Walt Disney Company Privacy Policy
Record ID: CA-P-009489
Captured: 2026-05-08 08:25:00 UTC
SHA-256: 00f1d01d84ae9b8d…
URL: https://conductatlas.com/platform/disney/walt-disney-company-privacy-policy/provision/CA-P-009489/childrens-privacy-and-parental-consent/
Accessed: July 12, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Get Compliance

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Disney+'s Children's Privacy and Parental Consent clause do?

This provision describes COPPA-compliant practices for children under 13 in the United States, including the four procedural requirements of parental notice, verifiable parental consent, data minimization, and parental access and deletion rights. These practices govern children's data across Disney's extensive portfolio of child-oriented digital properties and applications.

How does this clause affect you?

Under this clause, parents or legal guardians of children interacting with Disney digital properties that collect children's personal information have rights to receive notice of data practices, provide or withhold consent, and request access to or deletion of their child's personal information. Some site features are age-gated and the policy states Disney does not knowingly collect personal information from children …

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 287 platforms. See the full comparison.

Is ConductAtlas affiliated with Disney+?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Disney+.