Duolingo collects your account details, learning activity, device information, and other data you provide or that is generated as you use the app.
This analysis describes what Duolingo's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The breadth of data categories collected, including learning performance, streaks, device identifiers, and IP addresses, means Duolingo builds a detailed profile of each user's activity and behavior over time.
Interpretive note: The exact categories of data collected are described in general terms; the full scope of device and behavioral data collected via third-party SDKs may not be fully captured in the visible policy text.
The updated policy now discloses a new Math Tutor feature that processes audio through Apple for transcription; audio is deleted but text transcripts may be retained and shared with AI vendors. Duoli…
The policy states Duolingo collects name, email, age, learning activity, device identifiers, IP address, and payment information; this data is used for service delivery, personalization, advertising, and research, and is shared with third-party partners.
How other platforms handle this
We collect the following information when you register for and use our services: Account information. You can create a Discord account by providing an email address and creating a username and password. When you create an account, we will assign you a unique identifier. If you choose to, you may pro...
"Personal Data" refers to any information associated with an identified or identifiable individual, which can include data that you provide to us, and that we collect about you during your interaction with our Services (such as device information, IP address, etc.).
We collect information you provide directly to us, such as when you create an account, make a purchase, or contact us for support. This includes: Account information (name, email address, password); Payment information (credit card details, billing address); Profile information (company name, job ti...
Monitoring
Duolingo has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect information you provide directly to us when you use our services, such as when you create an account, make a purchase, or contact us for support. The types of information we may collect include your name, email address, password, age or date of birth, and any other information you choose to provide. We also collect information about your use of our services, such as the lessons you complete, your streaks, your performance on exercises, and other learning activity.— Excerpt from Duolingo's Duolingo Privacy Policy
REGULATORY LANDSCAPE: The scope of data collection implicates GDPR Articles 5 and 13 for EU and UK users, requiring transparency about categories of personal data collected and the purposes for processing. CCPA and CPRA require disclosure of categories of personal information collected and the business or commercial purposes for collection. The FTC Act applies to the accuracy of disclosures about data collection practices. GOVERNANCE EXPOSURE: Medium. The policy discloses collection of a broad range of data categories including identifiers, performance data, device information, and communications content. While disclosure of these categories is standard practice for consumer apps, the combination of granular learning activity data with device identifiers and IP addresses creates a detailed behavioral profile, which carries heightened sensitivity under GDPR's data minimization principle. JURISDICTION FLAGS: EU and UK users have rights under GDPR to receive specific information about data processing at the time of collection. California residents have rights under CCPA to know what categories of personal information have been collected. Minors in GDPR jurisdictions benefit from enhanced protections under Article 8 and applicable national law. CONTRACT AND VENDOR IMPLICATIONS: Procurement and vendor teams should verify that data processing agreements are in place with all sub-processors who receive personal data, and that such agreements comply with GDPR Article 28 requirements. COMPLIANCE CONSIDERATIONS: Compliance teams should conduct a data mapping exercise to verify that all categories of data disclosed in the policy are captured in records of processing activities under GDPR Article 30. The lawful basis for each processing purpose should be documented and reviewed, particularly where legitimate interests are relied upon.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The breadth of data categories collected, including learning performance, streaks, device identifiers, and IP addresses, means Duolingo builds a detailed profile of each user's activity and behavior over time.
The policy states Duolingo collects name, email, age, learning activity, device identifiers, IP address, and payment information; this data is used for service delivery, personalization, advertising, and research, and is shared with third-party partners.
ConductAtlas has identified this type of provision across 12 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duolingo.