Headspace gives all users — regardless of where they live — the right to request access to, deletion of, and corrections to their personal information. Additional rights may apply based on your location, such as California, EU, or UK-specific rights.
Having broad privacy rights regardless of your location means you can take control of your data, including requesting that Headspace delete your information even if you are not in a jurisdiction with legally mandated deletion rights.
The extension of deletion and access rights to all users globally (beyond statutory requirements) reflects GDPR and CCPA influence but creates operational obligations to handle rights requests globally, including verification and response timelines. Teams should confirm response SLAs align with applicable legal requirements (e.g., 45 days under CCPA, one month under GDPR).
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Headspace collects highly sensitive personal data including mental health information, therapy session details, and behavioral data from your use of their app, and may share this with advertising partners and third-party service providers. Users in therapy or psychiatry programs are subject to HIPAA protections, but general app users should be aware their meditation habits and wellness data may be used for targeted advertising. You can request deletion of your personal data or opt out of certain data sharing by visiting Headspace's privacy rights portal or emailing privacy@headspace.com.