What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy operates across multiple regulatory frameworks simultaneously. For EU and EEA users, GDPR applies, requiring a lawful basis for each processing purpose, data subject rights fulfillment, and data transfer safeguards for transfers outside the EEA. For UK users, UK GDPR and the Data Protection Act 2018 govern. For California residents, CCPA and CPRA apply, including rights to know, delete, correct, and opt out of sale or sharing of personal information for cross-c…

How does GOAT's GOAT Privacy Policy affect users?

GOAT collects a wide range of personal data including purchase history, device identifiers, geolocation, and behavioral inferences, and the policy permits sharing this information with third-party business partners for their own marketing and advertising purposes. This means your activity on GOAT may influence advertising you receive on other platforms or services, beyond GOAT's own communications. You can submit a data access, deletion, or opt-out request through GOAT's privacy request portal,…

How often is GOAT's GOAT Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when GOAT updates this document?

Yes. Watcher subscribers ($9.99/month) can add GOAT to their watchlist and receive same-day email alerts whenever this document or any other GOAT document changes.

CA-D-000736

GOAT Privacy Policy

GOAT

Last change detected May 9, 2026 Privacy policy

SHA-256: 0787144e6e94c8f94e2… 2 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at GOAT ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

1 High severity

7 Medium severity

0 Low severity

Summary

This is GOAT's Privacy Policy, explaining what personal information the sneaker and apparel marketplace collects from you when you browse, buy, or sell on its platform, including your name, address, payment details, device data, and behavioral inferences. The most important thing to know is that GOAT may share your data with third-party business partners for their own marketing purposes, meaning your shopping behavior could be used to target you with ads beyond the GOAT platform itself. California residents and EU users have specific rights to access, delete, or opt out of certain data uses, and you can exercise these rights by submitting a request through GOAT's designated privacy request process.

Technical / Legal Breakdown

This document is GOAT's Privacy Policy, governing the collection, use, and sharing of personal information across GOAT's global platform for sneakers, apparel, and accessories, with stated applicability to users in the US, EU, UK, Canada, Australia, and other jurisdictions. The policy states that GOAT collects a broad range of personal data including identifiers, commercial transaction data, device and usage information, geolocation data, payment information, and inferences drawn from user behavior, and the terms authorize use of this data for purposes including marketing, advertising, analytics, and sharing with third-party business partners and service providers. The policy's authorization to share data with 'business partners' for their own marketing purposes, and to derive behavioral inferences from user activity, represents a scope of secondary data use that consumers may not anticipate from a retail platform, though applicable law in various jurisdictions may constrain how broadly these authorizations can be exercised in practice. The policy engages GDPR and UK GDPR for EU and UK residents, the California Consumer Privacy Act and California Privacy Rights Act for California residents, and general FTC Act consumer protection standards; rights afforded vary materially by jurisdiction, with EU and California users receiving more substantive access, deletion, and opt-out entitlements than users in other regions. Compliance teams should note the policy's simultaneous operation across multiple regulatory regimes, the inclusion of targeted advertising opt-out mechanisms, and the broad framing of 'business partners' as data recipients, each of which warrants careful mapping against applicable legal obligations.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

1 important change detected

2 versions captured · Last updated: May 2026

May 9, 2026

low

What changed GOAT updated its privacy policy to clarify how it shares your phone number and other contact information with shipping partners for delivery notifications. The policy now explicitly states that shipping carriers may send you text messages with tracking updates, delivery scheduling, and confirmations directly on GOAT's behalf. The update also specifies that message rates may apply, message frequency varies based on order activity, and you can opt out of delivery texts without affecting security-related messages like authentication codes.

Why this matters The updated policy establishes clearer disclosure of how GOAT handles phone number sharing with shipping partners. Under the revised terms, your phone number and order information may be shared with shipping carriers so they can send you delivery-related text messages, including tracking updates, delivery scheduling, and confirmations. The policy now specifies that message and data rates may apply and that message frequency varies based on your order activity. You can opt out of delivery-related text messages by replying STOP or clicking unsubscribe links, though this does not affect security-related messages such as multifactor authentication codes.

View full change record →

High — 1 provision

Third-Party Business Partner Data Sharing for Marketing Compare →

GOAT can share your personal data with business partners who may use it for their own marketing, meaning companies outside GOAT could receive your information and use it to target you with their own ads or promotions.

Added May 10, 2026 Standard Seen across 246 platforms

Medium — 7 provisions

Behavioral Inference Collection and Use

GOAT builds a profile of your interests and preferences based on how you use the platform, including what you search for, browse, and buy, and uses these inferences to inform how it markets to you.

Added May 10, 2026 Rare
California Opt-Out Rights (Sale and Sharing) Compare →

California users have the legal right to stop GOAT from selling or sharing their personal data for targeted advertising, and can do so by clicking a designated link on the platform.

Added May 10, 2026 Standard Seen across 262 platforms
Geolocation Data Collection Compare →

GOAT may collect your precise location data when you use the app or website, and uses it for both service delivery and other purposes including those described elsewhere in the policy such as advertising and analytics.

Added May 10, 2026 Standard Seen across 251 platforms
Children's Privacy Restriction Compare →

GOAT does not intend its platform for users under 18 and states it will delete any personal information it discovers was collected from someone under 18.

Added May 10, 2026 Standard Seen across 262 platforms
Cookie and Tracking Technology Use Compare →

GOAT uses a range of tracking tools including cookies and pixels to monitor how you use its website and app, collecting technical identifiers and behavioral data about your browsing patterns.

Added May 10, 2026 Standard Seen across 251 platforms
Data Retention Compare →

GOAT keeps your personal data for as long as it considers necessary for business and legal purposes, without specifying a fixed retention period for most data types.

Added May 10, 2026 Standard Seen across 223 platforms
GDPR and UK User Rights Compare →

EU and UK users have specific legal rights over their personal data held by GOAT, including the right to access it, correct it, have it deleted, limit how it is used, and receive a copy in a portable format.

Added May 10, 2026 Standard Seen across 262 platforms