The Shein US privacy notice page loads advertising and analytics tracking scripts from Taboola, Google Tag Manager (property DC-15299257), four distinct Snapchat pixel configurations, Outbrain, and Pinterest. These scripts are conditionally loaded based on the privacy consent SDK state, as indicated by the data-sheinprivacytype attribute pattern on each script tag.
This analysis describes what Shein's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The deployment of seven or more advertising and analytics tracking integrations on the privacy notice page engages CCPA and CPRA definitions of sale and sharing of personal information with third parties. The data-sheinprivacytype attribute on each script tag indicates these integrations are subject to the consent management SDK, which is operationally significant for compliance with opt-out of sale and sharing obligations.
Interpretive note: Whether data flows to these advertising vendors constitute sale or sharing under CCPA/CPRA depends on the contractual agreements between Shein and each vendor, which are not disclosed in this document.
Previously, Shein asked users to explicitly agree or disagree with account persistence for future logins. The updated terms remove this choice entirely. Instead of a consent decision, users now see a promotional discount offer in that location. This means users lose direct control over whether Shein maintains their login session across device visits, which affects convenience and privacy preferences around authentication persistence.
View change record →Under these terms, visiting the Shein US privacy notice page may result in data transmission to Taboola, Google, four Snapchat pixel endpoints, Outbrain, and Pinterest, subject to consent state managed by the Privacy SDK. The agreement's consent management layer controls whether these scripts execute based on user consent or GPC signal status.
How other platforms handle this
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
(function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ "gtm.start": new Date().getTime(), event: "gtm.js" }); ... j.src = "https://www.googletagmanager.com/gtm.js?id=" + i + dl; ... })(window, document, "script", "dataLayer", 'GTM-5JLZ694');
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Monitoring
Shein has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"src="https://trc.taboola.com/1142432/trc/3/json" ... src="https://www.googletagmanager.com/gtag/js?id=DC-15299257" ... src="https://tr.snapchat.com/config/com/af90c7f8-bd28-4988-b1ce-1711aad792f4.js" ... src="https://tr.snapchat.com/config/com/8fbe1595-8c5a-46b1-bbb2-66f3d57debde.js" ... src="https://tr.snapchat.com/config/com/61be30a0-f186-4c86-aa42-fede180621d7.js" ... src="https://tr.snapchat.com/config/com/90a6a3ab-e767-459b-a5ce-b259efb872dd.js" ... src="https://wave.outbrain.com/mtWavesBundler/handler/0071bb7c836e84030571c73a47f0588d19" ... src="https://s.pinimg.com/ct/lib/main.8bbbbe54.js"— Excerpt from Shein's Shein Terms and Conditions
1) REGULATORY LANDSCAPE: This provision engages CCPA and CPRA definitions of sale and sharing of personal information with third parties for cross-context behavioral advertising purposes, enforced by the California Privacy Protection Agency and California Attorney General. FTC jurisdiction applies to any deceptive representation of data practices. The deployment of Snapchat, Pinterest, and Taboola pixels may also engage data processing requirements under state privacy laws in Virginia, Colorado, Connecticut, Texas, and Oregon for residents of those states. 2) GOVERNANCE EXPOSURE: High. The simultaneous deployment of four distinct Snapchat pixel IDs on a single page warrants vendor assessment to determine whether each represents a separate data controller relationship, and whether each is covered by a current service provider or contractor agreement limiting use of personal information to Shein's specified purposes. The presence of advertising trackers on the privacy notice page itself may attract regulatory attention. 3) JURISDICTION FLAGS: California creates primary exposure given CPRA sale and sharing opt-out requirements. Illinois users should be assessed for BIPA applicability if any pixel collects biometric identifiers. EU and UK users are addressed by a separate site configuration (siteUid: 'us' suggests this configuration is US-specific). 4) CONTRACT AND VENDOR IMPLICATIONS: Each of the seven-plus third-party tracking integrations requires a current, executed service provider or contractor agreement (under CCPA/CPRA) to avoid classification as a sale or sharing. Procurement teams should audit agreements with Taboola, Google, Snapchat, Outbrain, and Pinterest to confirm appropriate contractual restrictions are in place and that each vendor's data use is limited to providing services to Shein. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should map data flows from each pixel to confirm personal information categories transmitted to each vendor, verify that the Privacy SDK correctly suppresses pixel firing upon receipt of a GPC signal or explicit opt-out, and confirm that the privacy notice accurately discloses all third-party recipients and purposes as required under CCPA Section 1798.100 et seq.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 10 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The deployment of seven or more advertising and analytics tracking integrations on the privacy notice page engages CCPA and CPRA definitions of sale and sharing of personal information with third parties. The data-sheinprivacytype attribute on each script tag indicates these integrations are subject to the consent management SDK, which is operationally significant for compliance with opt-out of sale and sharing …
Under these terms, visiting the Shein US privacy notice page may result in data transmission to Taboola, Google, four Snapchat pixel endpoints, Outbrain, and Pinterest, subject to consent state managed by the Privacy SDK. The agreement's consent management layer controls whether these scripts execute based on user consent or GPC signal status.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Shein.