Poshmark keeps your personal information as long as it needs to for business, legal, or compliance reasons, and will delete or anonymize it when you close your account, unless a legal obligation requires keeping it.
This analysis describes what Poshmark's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
There is no specific retention period stated in the policy, meaning Poshmark may retain your personal data for an extended and indefinite period, and some data may be kept even after you delete your account if a legal reason exists.
Interpretive note: The absence of specific retention periods by data category may not satisfy GDPR Article 13 and CPRA disclosure requirements; the scope of legal retention exceptions is not defined in the policy.
Poshmark's updated Privacy Policy provides significantly more transparent disclosure about what personal data the company collects, how it uses that data, and how you can exercise your privacy rights. The policy now explicitly itemizes data collection points, including photos, videos, payment information, social media accounts, and user interaction data, and provides a dedicated section on consumer rights and choices. The policy also includes a dedicated California Privacy Notice supplement, indicating enhanced compliance with California privacy laws. You can review the full updated policy and California Privacy Notice to understand Poshmark's specific data practices and identify which privacy rights and choices are available to you.
View change record →Poshmark's updated privacy policy provides more explicit detail about what categories of personal data the company collects through the platform, including user-generated content (photos, videos, listings), interaction data (likes, comments, offers), and payment information. The expanded disclosure does not necessarily indicate new data collection practices, but gives users clearer visibility into what information Poshmark holds. You can review the full policy at Poshmark's website to understand which data collection practices apply to your account activity and, if you are a California resident, consult the supplementary California Privacy Notice referenced in the policy.
View change record →Previous version 'Data Retention Practices' and 'Account Closure and Data Handling' had empty excerpts; current version consolidates into single provision with explicit retention criteria and deletion procedures.
View full change record →Your personal data may be retained for an unspecified period after account closure if Poshmark determines a legal or regulatory obligation applies, which limits your ability to fully remove your information from Poshmark's systems.
How other platforms handle this
After your account is deleted, we keep data about interactions you've had on our service to prevent abuse, ban evaders and others in an effort to protect and ensure the safety and security of our service and our members.
We keep information for as long as we need it to provide our products, comply with legal obligations, or for other legitimate purposes, such as to maintain safety, security, and integrity.
We retain your personal information for as long as necessary to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Even after you close your account, we may retain certain information as required by law or for our legitimate business purposes.
Monitoring
Poshmark has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We retain your personal information for as long as necessary to provide our services, comply with our legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we will delete or anonymize your personal information, unless we are required to retain it for legal or regulatory purposes.— Excerpt from Poshmark's Poshmark Privacy Policy
REGULATORY LANDSCAPE: GDPR Article 5 requires that personal data be kept no longer than necessary for the purposes for which it is processed, and controllers must be able to demonstrate compliance with defined retention periods. The absence of specific retention schedules in the policy may not satisfy GDPR's accountability requirements. CCPA and CPRA require disclosure of the retention period or criteria used to determine retention for each category of personal information, which a general statement may not fully satisfy. GOVERNANCE EXPOSURE: Medium. The retention language is broadly consistent with standard industry practice but does not specify retention periods by data category, which creates ambiguity and potential non-compliance with GDPR and CPRA disclosure requirements. Legal hold and regulatory retention exceptions are appropriate but should be defined with more specificity to be defensible. JURISDICTION FLAGS: EU and UK users face heightened exposure given GDPR's requirement for specific retention criteria. California users have CPRA rights to know the retention period for each category of personal information collected. Any jurisdiction that has enacted data minimization requirements creates risk where retention is not tied to specific demonstrated purposes. CONTRACT AND VENDOR IMPLICATIONS: Data processing agreements with storage, analytics, and backup vendors should include retention schedules that align with the company's internal data retention policy. Vendors should be required to delete personal data upon account closure or upon expiration of the applicable retention period. COMPLIANCE CONSIDERATIONS: A formal data retention schedule that specifies retention periods or criteria for each category of personal information should be developed and maintained, consistent with GDPR Article 13 and 14 requirements and CPRA disclosure obligations. The process for account deletion should be audited to verify that deletion or anonymization is completed within a reasonable and documented timeframe.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
There is no specific retention period stated in the policy, meaning Poshmark may retain your personal data for an extended and indefinite period, and some data may be kept even after you delete your account if a legal reason exists.
Your personal data may be retained for an unspecified period after account closure if Poshmark determines a legal or regulatory obligation applies, which limits your ability to fully remove your information from Poshmark's systems.
ConductAtlas has identified this type of provision across 4 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Poshmark.