Peloton's services are not meant for children under 16, and the company says it will delete any data it discovers it has collected from children under that age.
This analysis describes what Peloton's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Setting the age threshold at 16 rather than 13 exceeds the minimum COPPA requirement and aligns with GDPR's default age of digital consent, which provides broader protection but also means Peloton should verify ages where children's participation is possible.
Interpretive note: The specific verbatim children's privacy language was not fully accessible due to HTML truncation; this reflects the substance of Peloton's disclosed children's privacy approach based on available document content.
Peloton restricts its service to users 16 and older, which means parents should ensure minors under 16 are not creating accounts or providing personal data through the platform.
How other platforms handle this
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
enableGpcSdk: true, gpcSetting: { privacyPolicyLink: '/Privacy-Security-Policy-a-282.html' }
We process Global Privacy Control signals as opt-out requests for the sale or sharing of personal information.
Monitoring
Peloton has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Our Products and Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as soon as possible.— Excerpt from Peloton's Peloton Privacy Policy
REGULATORY LANDSCAPE: The Children's Online Privacy Protection Act (COPPA) requires verifiable parental consent before collecting personal information from children under 13, enforced by the FTC. Peloton's policy sets its threshold at 16, which exceeds COPPA's minimum requirement and aligns with GDPR Article 8's default age of digital consent for EU users. Several US states have enacted or proposed laws raising the age of digital consent above 13, including California's Age-Appropriate Design Code, which imposes additional protections for users under 18. GOVERNANCE EXPOSURE: Low to medium. Peloton's 16-year threshold reduces COPPA exposure but creates an obligation to implement effective age verification or screening. The FTC has taken enforcement action against platforms that inadequately screen for underage users. California's AADC creates additional obligations for users under 18 that go beyond age-gating. JURISDICTION FLAGS: California's Age-Appropriate Design Code imposes data minimization, default privacy, and algorithmic transparency obligations for users under 18, not just under 16. EU GDPR Article 8 permits member states to set the age of digital consent between 13 and 16, meaning some EU countries require parental consent for users between 13 and 15. UK GDPR and the UK ICO's Children's Code apply to users under 18 in the UK. CONTRACT AND VENDOR IMPLICATIONS: Third-party advertising and analytics vendors should be contractually prohibited from targeting or profiling users identified as minors. Advertising SDK configurations should be reviewed to ensure no behavioral advertising data is collected from users under 16. COMPLIANCE CONSIDERATIONS: Age verification or attestation mechanisms should be evaluated for effectiveness. California AADC compliance obligations for users under 18 should be assessed separately from the under-16 threshold. UK Children's Code compliance for the UK version of the app and website should be reviewed.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Setting the age threshold at 16 rather than 13 exceeds the minimum COPPA requirement and aligns with GDPR's default age of digital consent, which provides broader protection but also means Peloton should verify ages where children's participation is possible.
Peloton restricts its service to users 16 and older, which means parents should ensure minors under 16 are not creating accounts or providing personal data through the platform.
ConductAtlas has identified this type of provision across 26 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Peloton.