This analysis describes what Headspace's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision creates a dual privacy framework: HIPAA compliance applies when Care Providers are engaged, while state-specific consumer health data laws apply to other health data collected. This establishes different regulatory obligations and data handling standards depending on the user's interaction type.
Users may be subject to either HIPAA protections (when using Care Provider services) or state consumer health data privacy laws (for other health data), with Care Providers potentially issuing separate privacy notices during enrollment that users should review to understand which framework applies to their data.
How other platforms handle this
We do not share your personal data with any third-party advertisers or ad networks for their advertising except for: (i) hashed or device identifiers (to the extent they are personal data in some countries), (ii) with your separate permission (e.g., in a lead generation form) or (iii) data already v...
Zoom may share personal data with third-party advertising partners and analytics providers to deliver targeted advertising and measure the effectiveness of advertising campaigns. This may include sharing identifiers, device information, and behavioral data with partners such as advertising networks.
We may share your information with advertising partners to deliver personalized advertisements on third-party websites and applications. This includes sharing device identifiers, browsing activity on the Airbnb platform, and inferred interests with advertising networks and analytics providers to sho...
Monitoring
Headspace has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Headspace is subject to HIPAA as our Care Providers' business associate. Our Care Providers may provide you an additional privacy notice during enrollment which we encourage you to review. Depending on how you interact with us, the following may also apply to you: Our Consumer Health Data Privacy Policy applies to certain consumer health data that is regulated under applicable state consumer health data laws.— Excerpt from Headspace's Headspace Privacy Policy
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision creates a dual privacy framework: HIPAA compliance applies when Care Providers are engaged, while state-specific consumer health data laws apply to other health data collected. This establishes different regulatory obligations and data handling standards depending on the user's interaction type.
Users may be subject to either HIPAA protections (when using Care Provider services) or state consumer health data privacy laws (for other health data), with Care Providers potentially issuing separate privacy notices during enrollment that users should review to understand which framework applies to their data.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Headspace.