Duolingo states it does not intentionally collect personal data from children under 13 without a parent's permission, and will delete such data if notified.
This analysis describes what Duolingo's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy asserts COPPA compliance for users under 13, which is significant given Duolingo's broad appeal to younger users; however, the adequacy of age verification mechanisms and parental consent processes is a material compliance question.
Interpretive note: The practical adequacy of Duolingo's age verification and parental consent mechanisms cannot be assessed from the policy text alone; 'knowingly' under COPPA is a legal standard with nuanced enforcement context.
The updated privacy policy no longer contains explicit language stating that Duolingo uses cookies to enhance user experience and analyze performance, or that it shares user information with social media, advertising, and analytics partners. The policy also no longer displays a 'Do Not Sell My Personal Information' button. These removals may affect the transparency of Duolingo's practices as disclosed in the policy document itself, though actual data practices may remain unchanged. Users should review the complete updated privacy policy to understand current disclosures about data collection and sharing.
View change record →The updated policy now discloses a new Math Tutor feature that processes audio through Apple for transcription; audio is deleted but text transcripts may be retained and shared with AI vendors. Duolingo also clarified that IP addresses may be retained longer than 30 days for paying subscribers specifically for payment processing and fraud prevention. The policy changed the Video Call feature from 'Duolingo offers' to 'Duolingo may offer', clarifying it is optional. You can disable FullStory and Session Replay activity recording using the Tracking toggle in app Settings.
View change record →Removed mention of separate experience for younger users and family features management, and added specific contact email (privacy@duolingo.com) for parental concerns instead of proactive deletion language.
View full change record →The policy states that personal data collected from children under 13 without parental consent will be deleted upon notification, and that parents can contact privacy@duolingo.com to report such collection and request deletion.
How other platforms handle this
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
enableGpcSdk: true, gpcSetting: { privacyPolicyLink: '/Privacy-Security-Policy-a-282.html' }
We process Global Privacy Control signals as opt-out requests for the sale or sharing of personal information.
Monitoring
Duolingo has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We do not knowingly collect personal information from children under 13 without parental consent. If you are a parent or guardian and believe we have collected information from your child without your consent, please contact us at privacy@duolingo.com. We will delete the information as soon as possible.— Excerpt from Duolingo's Duolingo Privacy Policy
REGULATORY LANDSCAPE: This provision directly engages the Children's Online Privacy Protection Act (COPPA), enforced by the FTC, which requires verifiable parental consent before collecting personal information from children under 13 in the United States. GDPR Article 8 and national implementations require parental consent for children under 16 (or a lower age set by member state law) for information society services in EU jurisdictions. The UK Children's Code (Age Appropriate Design Code) imposes additional design and data minimization requirements for services likely to be accessed by children. GOVERNANCE EXPOSURE: High. Duolingo's platform is widely used by minors globally, including as an educational tool. The policy states it does not knowingly collect data from children under 13 without consent, but 'knowingly' is a legal threshold under COPPA that depends on the robustness of age-screening mechanisms. Inadequate age verification has been the basis for FTC enforcement actions against consumer platforms in recent years. JURISDICTION FLAGS: US operations require COPPA compliance for under-13 users. EU operations require compliance with GDPR Article 8 for users under 16 (or the applicable member state threshold). UK operations require compliance with the Children's Code. Schools or educational institutions using Duolingo may implicate FERPA obligations in the US, potentially engaging the Department of Education. CONTRACT AND VENDOR IMPLICATIONS: If Duolingo is deployed in educational settings, school districts or institutional customers should assess whether a Data Processing Agreement compliant with FERPA and COPPA is in place. Third-party advertising partners receiving data should be evaluated for COPPA-compliant restrictions on use of data from verified child accounts. COMPLIANCE CONSIDERATIONS: Legal teams should review the age-gating and parental consent flow for users who indicate they are under 13 during registration, and verify that advertising and analytics data flows are disabled for such accounts. The Children's Code Age Appropriate Design assessment should be conducted or reviewed if not already in place for UK operations.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy asserts COPPA compliance for users under 13, which is significant given Duolingo's broad appeal to younger users; however, the adequacy of age verification mechanisms and parental consent processes is a material compliance question.
The policy states that personal data collected from children under 13 without parental consent will be deleted upon notification, and that parents can contact privacy@duolingo.com to report such collection and request deletion.
ConductAtlas has identified this type of provision across 3 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duolingo.