Headspace uses cookies and tracking technologies on its platform to personalize your experience, remember your preferences, serve you ads on other websites, and analyze how you use the service.
This analysis describes what Headspace's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause establishes the operational scope and authorized purposes for tracking technology deployment. It defines that tracking extends beyond the Headspace platform itself to include advertising delivery on external websites, which expands the data collection infrastructure across multiple digital properties.
Cookies used for advertising on Headspace may track your browsing behavior beyond the Headspace platform and share that data with advertising partners, which may include behavioral signals that reveal or infer mental health status; you can manage cookie preferences through the OneTrust consent management tool deployed on the Headspace website.
How other platforms handle this
We use cookies, web beacons, pixel tags, and other tracking technologies to collect information about your use of our website and Service, including your browser type, referring URL, pages visited, and time spent on pages. We may use this information to analyze trends, administer the site, track use...
We and our third-party partners may use cookies, web beacons, and similar tracking technologies to collect information about your use of the Sites. Cookies are small data files stored on your browser or device. We use both session cookies and persistent cookies. We may also use web beacons, pixel ta...
cookie data, resettable device identifiers, advertising identifiers and other unique identifiers (described below in the section "Cookies and other Technologies").
Monitoring
Headspace has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We use cookies and similar tracking technologies (collectively, "Cookies") to enhance your experience on our Platform... We may use Cookies for purposes such as recognizing you when you log in, remembering your preferences, delivering advertising to you on third-party websites, understanding how you use our Platform, and improving our Products and Services.— Excerpt from Headspace's Headspace Privacy Policy
REGULATORY LANDSCAPE: Cookie and tracking technology practices engage the EU ePrivacy Directive (commonly known as the Cookie Law) and GDPR for EU users, requiring informed consent for non-essential cookies including advertising and analytics cookies. UK PECR applies similarly for UK users. CCPA and CPRA treat certain cookie-based data sharing as a sale of personal information, requiring an opt-out mechanism for California residents. The FTC has authority over deceptive cookie consent practices. GOVERNANCE EXPOSURE: Medium. The use of advertising cookies on a mental health platform creates heightened exposure because the data generated may constitute health-related behavioral data subject to stricter consent standards under GDPR Article 9 and CPRA's sensitive personal information provisions. Consent management platforms must be configured to block advertising and analytics cookies prior to obtaining valid consent, and consent signals must be transmitted to all downstream advertising vendors. JURISDICTION FLAGS: EU and UK users are most affected by consent requirements for non-essential cookies under ePrivacy Directive and GDPR. California residents have opt-out rights for cookie-based data sharing that qualifies as a sale or sharing of personal information under CCPA and CPRA. Global Privacy Control (GPC) signal compliance should be verified for California users. CONTRACT AND VENDOR IMPLICATIONS: Advertising technology vendors receiving cookie data must be assessed for compliance with applicable consent requirements. Programmatic advertising partners should receive consent signals from the OneTrust implementation and contractually commit to honoring opt-out signals including GPC. COMPLIANCE CONSIDERATIONS: Compliance teams should audit the OneTrust implementation to verify that advertising and analytics cookies are blocked prior to consent for EU and UK users, that GPC signals are honored for California users, and that the list of cookie vendors disclosed in the cookie policy is current and complete. Given the mental health context, teams may also want to assess whether any advertising cookies receive data that could qualify as consumer health data under applicable state law.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause establishes the operational scope and authorized purposes for tracking technology deployment. It defines that tracking extends beyond the Headspace platform itself to include advertising delivery on external websites, which expands the data collection infrastructure across multiple digital properties.
Cookies used for advertising on Headspace may track your browsing behavior beyond the Headspace platform and share that data with advertising partners, which may include behavioral signals that reveal or infer mental health status; you can manage cookie preferences through the OneTrust consent management tool deployed on the Headspace website.
ConductAtlas has identified this type of provision across 69 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Headspace.