Poshmark can share your personal information with outside companies for their own marketing purposes, including companies that run co-branded promotions with Poshmark.
This analysis describes what Poshmark's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision extends the use of your personal data beyond Poshmark itself, allowing outside businesses to market directly to you based on information you provided to Poshmark, which may not match users' reasonable expectations.
Interpretive note: The category of business partners is not exhaustively defined, and the precise scope of data shared and purposes permitted may vary in practice; applicable law may impose additional restrictions on such sharing not fully captured by the policy's disclosures.
Poshmark's updated Privacy Policy provides significantly more transparent disclosure about what personal data the company collects, how it uses that data, and how you can exercise your privacy rights…
Poshmark's updated privacy policy provides more explicit detail about what categories of personal data the company collects through the platform, including user-generated content (photos, videos, lis…
Your name, contact details, purchase history, and behavioral data may be shared with third-party business partners who can use it for their own advertising campaigns, potentially resulting in targeted marketing from companies you have no direct relationship with.
How other platforms handle this
In connection with any reorganization, restructuring, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to respect your personal information in a manner that is consistent with our Privacy Policy.
We may share your information with third-party advertising partners to provide you with targeted advertising. We also work with third-party analytics providers who help us understand how users interact with our Services. These third parties may use cookies, web beacons, and similar tracking technolo...
We process personal data you provide to Oura to enable third party integrations, services, features, and offerings. For example, with your permission, our Services may integrate with third-party services like Google Health Connect and Apple HealthKit, or those of our partners. Oura takes measures to...
Monitoring
Poshmark has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share your personal information with our business partners for their own marketing purposes. For example, we may share your information with companies that offer co-branded products or services. We may also allow business partners to collect information directly from you on our platform.— Excerpt from Poshmark's Poshmark Privacy Policy
REGULATORY LANDSCAPE: This provision directly implicates the CCPA and CPRA definitions of sale and sharing of personal information, as disclosure of personal data to third parties for cross-context behavioral advertising or other marketing purposes triggers opt-out obligations regardless of whether monetary consideration is exchanged. The California Privacy Protection Agency and the California Attorney General hold enforcement authority. Under GDPR, sharing personal data with third-party controllers for their own marketing purposes requires a separate lawful basis for each controller, and reliance on legitimate interests for such sharing faces heightened scrutiny. GOVERNANCE EXPOSURE: High. The breadth of the business partner category is not exhaustively defined in the policy, which creates ambiguity about which entities receive data and for what purposes. If business partners are receiving personal data for independent marketing use, they likely fall outside the CCPA service provider exemption, requiring that the sharing be treated as a sale or sharing under California law with corresponding opt-out mechanisms and contractual restrictions. JURISDICTION FLAGS: California presents the highest exposure due to CPRA opt-out requirements for sharing of personal information for cross-context behavioral advertising. Virginia, Colorado, Connecticut, and Utah similarly require opt-out rights for targeted advertising using personal data. EU and UK users are protected by GDPR and UK GDPR, which impose stricter controller-to-controller transfer requirements including separate lawful bases and data sharing agreements. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should verify that all business partner relationships are governed by data sharing agreements that define permitted uses, restrict onward transfer, and align with applicable state law requirements. The absence of an exhaustive list of business partners in the policy may complicate vendor inventory and data mapping exercises. Contracts should specify whether business partners are classified as service providers, contractors, or third parties under CCPA or CPRA, as the classification determines the legal requirements for the sharing arrangement. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether Poshmark's opt-out mechanisms for data sale and sharing are operationally effective and whether the Global Privacy Control signal is honored for California users as required under CPRA. Data processing agreements with all business partners who receive personal data for marketing purposes should be reviewed and updated. A complete inventory of business partner data sharing relationships should be maintained and reflected in the policy's data practices disclosures.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision extends the use of your personal data beyond Poshmark itself, allowing outside businesses to market directly to you based on information you provided to Poshmark, which may not match users' reasonable expectations.
Your name, contact details, purchase history, and behavioral data may be shared with third-party business partners who can use it for their own advertising campaigns, potentially resulting in targeted marketing from companies you have no direct relationship with.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Poshmark.