Grubhub's platform is not intended for children under 13, and the company states it does not knowingly collect data from this age group; parents who believe their child's data has been collected can contact Grubhub's privacy team.
This analysis describes what Grubhub's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Federal law under COPPA prohibits collecting data from children under 13 without verifiable parental consent; if a minor accesses the platform, the policy's reliance on a 'knowingly' standard means accidental collection of children's data may not be caught proactively.
Parents should be aware that Grubhub does not have active age verification mechanisms beyond a policy statement, and should contact privacy@grubhub.com if they believe their child under 13 has created an account or provided personal information.
How other platforms handle this
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
Our Services are not directed to children under 13. If you learn that anyone younger than 13 has unlawfully provided us with personal data, please contact us at privacy@medium.com.
To access and use the Services, you must be at least the age of majority in the state, province, or territory where you live or at least 18 years of age. If you are under the age of 13, you may not use the Services and you should not be visiting the Sites or using the Services.
Monitoring
Grubhub has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"The Platform is not directed to children under the age of 13. We do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If you believe we have collected personal information from a child under 13, please contact us at privacy@grubhub.com.— Excerpt from Grubhub's Grubhub Privacy Policy
1) REGULATORY LANDSCAPE: COPPA, enforced by the FTC, requires verifiable parental consent before collecting personal information from children under 13. The policy's reliance on a 'knowingly' standard without describing active verification mechanisms may create exposure if children access the platform. The FTC has taken enforcement actions against platforms that collect children's data without adequate safeguards. 2) GOVERNANCE EXPOSURE: Medium. The absence of described age verification mechanisms beyond a policy statement is a commonly observed industry practice, but regulators have increasingly scrutinized this approach. If campus programs include users who may be minors, the risk exposure increases materially. 3) JURISDICTION FLAGS: COPPA applies across the United States for users under 13. Several state laws, including California's Age-Appropriate Design Code (if operative), may require additional protections for minors and users under 16. UK GDPR and the UK Age Appropriate Design Code impose heightened standards for services likely to be accessed by minors. 4) CONTRACT AND VENDOR IMPLICATIONS: Advertising partners and data processors receiving user data should be contractually prohibited from targeting minors. Grubhub's advertising pipelines should include age-gating mechanisms that prevent under-13 data from entering behavioral advertising systems. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should evaluate whether the platform's registration flow includes any age verification or age gate beyond a policy assertion. The contact mechanism for parental complaints (privacy@grubhub.com) should be tested for responsiveness and adequacy of remediation. Campus program operators should be specifically assessed for minor user exposure given the university context.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Federal law under COPPA prohibits collecting data from children under 13 without verifiable parental consent; if a minor accesses the platform, the policy's reliance on a 'knowingly' standard means accidental collection of children's data may not be caught proactively.
Parents should be aware that Grubhub does not have active age verification mechanisms beyond a policy statement, and should contact privacy@grubhub.com if they believe their child under 13 has created an account or provided personal information.
ConductAtlas has identified this type of provision across 4 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Grubhub.