Netflix · Netflix Privacy Statement

Precise Geolocation and Device Data Collection

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Netflix collects detailed information about your devices — including IP addresses, device identifiers, operating systems, and camera access — alongside your location data, which can be used to determine where you are.

Consumer impact (what this means for users)

Netflix collects device identifiers, IP address, and camera access data that can be used to infer your location, track your activity across sessions, and build a detailed behavioural profile — this data is shared with advertising partners as part of the 'sale or sharing' of personal information.

Cross-platform context

See how other platforms handle Precise Geolocation and Device Data Collection and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

IP addresses and device identifiers can reveal your precise location and are routinely used for advertising profiling and content restriction, and camera access for QR functionality is a particularly sensitive permission that consumers may not realise they have granted.

View original clause language
We collect information about your interaction with the Netflix service... and other information about your use and interaction with the Netflix service (such as app clicks, text input, page views, time and duration of access, and camera/photo access for QR-code functionality and Netflix games features). We also collect information about your network and the devices you use to access Netflix (such as your IP addresses, the types of devices, operating systems, and browsers you use to access our service, device identifiers, and ISP or mobile operator).

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: GDPR Art. 4(1) (IP addresses and device identifiers constitute personal data); GDPR Art. 5(1)(c) (data minimisation); ePrivacy Directive 2002/58/EC (cookie and device fingerprinting rules); CCPA definition of 'geolocation data' and 'unique personal identifiers' as sensitive categories; Illinois BIPA if camera data is used to derive facial geometry. Enforcement: EU/EEA DPAs, California AG/CPPA, FTC. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC has authority over deceptive device data collection and tracking practices under Section 5 of the FTC Act, including undisclosed geolocation and device identifier collection.
    File a complaint →
  • State AG
    California AG/CPPA have authority over precise geolocation as a sensitive category under CPRA; other state AGs enforce analogous provisions under their respective privacy statutes.
    File a complaint →

Provision details

Document information
Document
Netflix Privacy Statement
Entity
Netflix
Document last updated
April 29, 2026
Tracking information
First tracked
April 28, 2026
Last verified
April 28, 2026
Record ID
CA-P-003917
Document ID
CA-D-00039
Evidence Provenance
Source URL
https://help.netflix.com/legal/privacy
Wayback Machine
View archived versions →
SHA-256
d27224424a6bddb6d5dc00d988f6cb15e4333093145ecdff869901320f146dfb
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Netflix | Document: Netflix Privacy Statement | Record: CA-P-003917
Captured: 2026-04-28 08:58:31 UTC | SHA-256: d27224424a6bddb6…
URL: https://conductatlas.com/platform/netflix/netflix-privacy-statement/precise-geolocation-and-device-data-collection/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document