Poshmark collects a broad range of information about you, including your contact details, payment information, photos, shopping behavior, search history, and technical information about the device you use to access the platform.
This analysis describes what Poshmark's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The breadth of data collected means Poshmark has a detailed picture of your identity, financial habits, interests, and device, which is used for personalization, advertising, and sharing with third parties as described elsewhere in the policy.
Poshmark's updated Privacy Policy provides significantly more transparent disclosure about what personal data the company collects, how it uses that data, and how you can exercise your privacy rights…
Poshmark's updated privacy policy provides more explicit detail about what categories of personal data the company collects through the platform, including user-generated content (photos, videos, lis…
Every interaction on Poshmark, from searching for items to completing a purchase, generates data that is collected and retained, creating a comprehensive profile of your behavior, preferences, and identity that may be shared with advertising and business partners.
How other platforms handle this
We collect the following information when you register for and use our services: Account information. You can create a Discord account by providing an email address and creating a username and password. When you create an account, we will assign you a unique identifier. If you choose to, you may pro...
We collect information you provide directly to us, such as when you create an account, contact us for support, sign up for marketing emails, or otherwise communicate with us. The types of information we may collect include your name, email address, postal address, phone number, company name, job tit...
We collect information you provide directly to us, such as when you create an account, use our Services, make a purchase, or contact us for support. The types of information we may collect include your name, email address, password, phone number, credit card and other payment information, and any ot...
Monitoring
Poshmark has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect information you provide to us, such as your name, email address, postal address, phone number, credit card and other payment information, and photos. We also collect information about your activity on our platform, including items you view, buy, and sell, searches you conduct, and your interactions with other users. We collect device information such as your IP address, browser type, operating system, and device identifiers.— Excerpt from Poshmark's Poshmark Privacy Policy
REGULATORY LANDSCAPE: The categories of personal information collected, including payment card data, device identifiers, photos, and behavioral data, implicate multiple regulatory frameworks. Payment card data is governed by PCI DSS standards as well as applicable state financial data laws. Photos may constitute biometric data in certain jurisdictions, including Illinois under BIPA, if facial recognition or geometric analysis is applied. Device identifiers and behavioral data are subject to CCPA, CPRA, and state privacy law disclosure and access requirements. The FTC Act governs unfair or deceptive data collection practices. GOVERNANCE EXPOSURE: Medium. The breadth of collection is consistent with a social commerce platform of Poshmark's scale, but the inclusion of photos raises potential biometric data concerns in Illinois and other jurisdictions enacting biometric privacy legislation. Payment data handling obligations under PCI DSS should be verified independently of the privacy policy. JURISDICTION FLAGS: Illinois BIPA creates heightened exposure if Poshmark processes photos in ways that extract biometric identifiers such as faceprints. California CPRA requires disclosure of sensitive personal information categories and provides a right to limit their use, which applies to precise geolocation and certain financial data. EU and UK users have rights to access, correct, and object to processing of all personal data collected. CONTRACT AND VENDOR IMPLICATIONS: Data processing agreements with analytics, cloud hosting, payment processing, and advertising vendors should enumerate the specific categories of personal data processed and restrict use to disclosed purposes. Vendors who process photos should be assessed for biometric data processing capabilities, and contracts should address applicable biometric privacy law requirements. COMPLIANCE CONSIDERATIONS: A data inventory and mapping exercise should document all categories of personal data collected, the legal basis for collection in each jurisdiction, retention periods, and downstream sharing. Particular attention should be paid to photos and device data given their sensitivity and the evolving biometric privacy landscape. Data minimization principles should be evaluated to assess whether all collected data categories are necessary for the stated purposes.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The breadth of data collected means Poshmark has a detailed picture of your identity, financial habits, interests, and device, which is used for personalization, advertising, and sharing with third parties as described elsewhere in the policy.
Every interaction on Poshmark, from searching for items to completing a purchase, generates data that is collected and retained, creating a comprehensive profile of your behavior, preferences, and identity that may be shared with advertising and business partners.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Poshmark.