Equifax states it may collect your precise physical location if you enable location features in its mobile apps, and may also collect your approximate location based on your IP address when you use its services.
This analysis describes what Equifax's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Location data can reveal sensitive patterns about where you live, work, seek medical care, or worship, and precise geolocation is classified as sensitive personal information under California law and several other state privacy frameworks.
Interpretive note: The policy does not specify retention periods for geolocation data or fully enumerate all purposes for which location data may be used, creating some uncertainty about the full scope of this provision's practical impact.
Equifax may collect precise geolocation data through its mobile applications and approximate location through IP address tracking, and this data may be used in profiling or shared with affiliates and partners. California residents have the right to limit use of sensitive personal information including precise geolocation.
How other platforms handle this
We may collect information about your location, including precise geolocation information, when you use our Services. We use this information to provide location-based services, such as showing you products available in your area, and for other purposes described in this Privacy Policy.
We collect precise geolocation data when you use our mobile application or enable location services on your device. We use this information to provide location-based services, improve our services, and for marketing purposes.
Geolocation data, such as device location. Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer's interaction with an internet website, application, or advertisement. Device identifiers, such as IP address, unique d...
Monitoring
Equifax has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Geolocation data: We may collect precise geolocation data if you enable location-based features in our apps or if you provide your location. We may also collect your approximate location based on your IP address.— Excerpt from Equifax's Equifax Privacy Policy
REGULATORY LANDSCAPE: CPRA classifies precise geolocation data as sensitive personal information and grants California consumers the right to limit its use and disclosure. Colorado, Connecticut, Virginia, and other states with comprehensive privacy laws similarly treat precise geolocation as a sensitive data category requiring heightened protection. The FTC has also identified geolocation data as sensitive in enforcement guidance and consent orders. Collection of geolocation via mobile applications may also implicate mobile platform privacy requirements from Apple and Google. GOVERNANCE EXPOSURE: Medium. The policy distinguishes between precise and approximate geolocation but does not specify the retention period for location data or all the purposes for which it is used. The breadth of potential uses combined with the sensitivity of location data creates moderate compliance exposure, particularly in states with explicit geolocation protections. JURISDICTION FLAGS: California (CPRA sensitive data limitation right), Colorado, Connecticut, Virginia, and Washington (comprehensive privacy laws with geolocation provisions). Illinois and New York also have developing frameworks that may affect geolocation data practices. CONTRACT AND VENDOR IMPLICATIONS: Service providers that process geolocation data on Equifax's behalf should be subject to data processing agreements that limit use to specified purposes and prohibit secondary use. Mobile app distribution agreements should be reviewed for platform-level geolocation consent requirements. COMPLIANCE CONSIDERATIONS: Legal teams should confirm that consent mechanisms for precise geolocation collection in mobile applications comply with platform requirements and applicable state law. A data retention schedule for geolocation data should be established and documented. California residents should be provided with a functional mechanism to limit the use of precise geolocation as sensitive personal information under CPRA.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Location data can reveal sensitive patterns about where you live, work, seek medical care, or worship, and precise geolocation is classified as sensitive personal information under California law and several other state privacy frameworks.
Equifax may collect precise geolocation data through its mobile applications and approximate location through IP address tracking, and this data may be used in profiling or shared with affiliates and partners. California residents have the right to limit use of sensitive personal information including precise geolocation.
ConductAtlas has identified this type of provision across 12 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Equifax.