This analysis describes what Mixpanel's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision grants Mixpanel a degree of own-use rights over data it originally receives as a processor, which is a common but potentially contested practice under GDPR processor restrictions. The practical scope of what counts as adequately de-identified varies by jurisdiction.
Interpretive note: The specific de-identification standards Mixpanel applies and the precise scope of own-use rights over derived data are not fully detailed in the public-facing policy, creating interpretive uncertainty about compliance with GDPR Article 28.
Mixpanel's policy states that it collects identifiers, device information, IP addresses, behavioral event data, and email addresses from website visitors and customers, and shares this data with advertising, analytics, infrastructure, and professional services vendors. For end users of third-party apps and websites that use Mixpanel's analytics tools, the policy notes that Mixpanel acts as a data processor on behalf of that app or website operator, meaning Mixpanel's direct obligations to those individuals are limited and data rights must generally be exercised through the app or website they interact with. You can submit a data deletion, correction, or opt-out request directly to Mixpanel by emailing privacy@mixpanel.com or by visiting Mixpanel's privacy preference center at mixpanel.com/optout.
How other platforms handle this
We may use and share de-identified or aggregated information for any purpose, including research and analytics. We maintain and use de-identified data without attempting to re-identify it.
We may use aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for any purpose, including sharing it with partners, advertisers, and other third parties. This information is not subject to the restrictions in this Privacy Policy.
We may de-identify, anonymize, or aggregate information we collect so the information cannot reasonably identify you or your device, or we may collect information that is already in de-identified form. For example, we may disclose performance benchmark data and other aggregated, anonymized, or de-id...
Monitoring
Mixpanel has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Mixpanel may use aggregated or de-identified data derived from customer event data for its own purposes, including improving its services, developing new features, and generating analytics insights, provided that such data cannot reasonably be used to identify individual users.— Excerpt from Mixpanel's Mixpanel Privacy Statement
We read the privacy policies and terms of service of 38 AI platforms. Here is what they say about training, retention, arbitration, and liability.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision grants Mixpanel a degree of own-use rights over data it originally receives as a processor, which is a common but potentially contested practice under GDPR processor restrictions. The practical scope of what counts as adequately de-identified varies by jurisdiction.
ConductAtlas has identified this type of provision across 5 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Mixpanel.