Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
Medium's Privacy Policy describes how A Medium Corporation collects and uses personal data from readers, writers, and subscribers on its publishing platform. The policy authorizes collection of identifiers, reading and browsing activity, payment information, device data, and inferred interests, and discloses that this data may be shared with analytics providers, payment processors, advertising partners, and business transfer recipients. California residents and EU users hold specific rights under the policy, including the ability to access, delete, or correct their data and, for California residents, to opt out of the sale or sharing of personal information.
This document is Medium's Privacy Policy, effective March 24, 2022, governing the collection, use, sharing, and retention of personal data for users of the Medium platform (medium.com), published by A Medium Corporation. The policy states that Medium collects account registration data (name, email, password), payment information, content and activity data (drafts, reading history, search queries, follows), device identifiers, IP addresses, browser type, operating system, referral URLs, and inferred interests, and the terms authorize use of this data for service operation, personalization, analytics, communications, and marketing. The policy discloses sharing of personal data with third-party service providers (analytics, payment processors, infrastructure), business partners, and in the context of corporate transactions such as mergers or acquisitions, and reserves the right to share aggregated or de-identified data without restriction. The policy states that it engages the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), explicitly acknowledging legal bases for processing EU personal data (legitimate interests, contract performance, consent) and granting California residents rights to know, delete, and opt out of data sale; applicable law in these jurisdictions may constrain certain data-sharing or retention assertions beyond what the policy alone establishes. Material compliance considerations include the adequacy of disclosed consent mechanisms for marketing communications, the scope of the legitimate interests basis asserted for behavioral tracking, and the policy's handling of data transfers from the EU to the United States, which engages Standard Contractual Clauses or equivalent transfer mechanisms required under post-Schrems II frameworks.
Institutional analysis available with Compliance
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.
Start Compliance free trial7 important changes detected
7 versions captured · Last updated: July 2026
Medium updated their Medium Privacy Policy on June 19, 2026. Change detected: 1 sentence(s) added, 2 sentence(s) modified. Document contained 104 sentences after update.
View change record →Medium's privacy policy was updated on June 6, 2026 to add engagement metrics (53K views, 13 responses) to the policy document header. The change is purely editorial and adds visible …
View change record →Medium updated its Privacy Policy on May 18, 2026 to add detailed disclosure about its address book contact feature. The new language explains that when users opt in to this …
View change record →Medium's privacy policy was updated on April 26, 2026, but the changes appear to be primarily formatting and structural rather than substantive. The document added a sentence reiterating the categories …
View change record →Medium removed a call-to-action encouraging newsletter sign-up and replaced it with a disclosure statement listing the categories of personal information collected in the preceding 12 months, identifiers, commercial information, internet …
View change record →Monitoring
Medium has updated this document before.
Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Compliance Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Compliance free trialCross-platform context
See how other platforms handle Reading History and Behavioral Data Collection and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.