Spotify uses your personal data for tailored advertising by default, but you can opt out through the 'Tailored Ads' setting in your account or via the 'Your Privacy Choices' link on the website footer.
This analysis describes what Spotify's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Tailored advertising is described as using information about your service use and activity on other websites and apps to serve interest-based ads; this is characterized as 'sharing' under cross-context behavioral advertising definitions, which triggers opt-out rights under CCPA/CPRA and similar state laws.
Unless you actively opt out via the Tailored Ads setting, Spotify processes your usage data and data received from advertising partners to deliver interest-based advertising across its free and, where applicable, paid service options including in podcasts; opting out results in contextual advertising based on registration information and current listening activity rather than behavioral profiles.
How other platforms handle this
If you would like to opt out of the disclosure of your personal information for purposes that could be considered "sales" for those third parties' own commercial purposes, or "sharing" or processing for purposes of targeted advertising, please visit the following link, which is also available in the...
California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...
T-Mobile collects Customer Proprietary Network Information (CPNI), which is information about the quantity, technical configuration, type, destination, location, and amount of use of your service. T-Mobile may use your CPNI within its family of companies for the purpose of providing wireless telecom...
Monitoring
Spotify has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Request to opt out of the processing of your personal data for tailored advertising. For more information about our processing for these purposes, see the section 'Tailored advertising controls' below. You can exercise your right to opt out through the 'Tailored Ads' setting. If you do not have an account or are not logged in, you can also opt-out by clicking the 'Your Privacy Choices' link at the footer of our website.— Excerpt from Spotify's Spotify Privacy Policy
REGULATORY LANDSCAPE: The opt-out model for tailored advertising directly engages CCPA/CPRA, which defines cross-context behavioral advertising as 'sharing' of personal information requiring a clear opt-out mechanism and disclosure in a Notice at Collection. The policy references a separate California Notice at Collection. The FTC's guidance on online behavioral advertising also applies. States including Virginia, Colorado, and Connecticut require opt-out rights for targeted advertising under their comprehensive privacy laws. GOVERNANCE EXPOSURE: Medium. The policy provides an opt-out mechanism via account settings and the GPC signal, which aligns with CCPA/CPRA requirements. However, the adequacy of the GPC implementation for logged-out users and the consistency of opt-out application across podcast advertising (managed by hosting providers who may not be Spotify) warrant review. JURISDICTION FLAGS: California creates the highest exposure given CPRA's specific requirements for cross-context behavioral advertising opt-out and the requirement that opt-outs be honored via recognized preference signals such as GPC. Colorado, Connecticut, Virginia, and Texas also require opt-out rights for targeted advertising. The policy's podcast advertising carve-out (noting that hosting providers who may not be Spotify manage those controls) may create gaps in opt-out coverage. CONTRACT AND VENDOR IMPLICATIONS: Advertising partner contracts should be reviewed to confirm they honor Spotify's opt-out signals and do not independently use shared data for re-targeting. The disclosure that advertising partners may provide data to Spotify indicating user interests requires data processing agreements that define permissible use and onward transfer restrictions. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether the 'Tailored Ads' setting correctly suppresses all relevant data sharing with advertising partners upon opt-out, and whether the GPC signal is honored site-wide and in-app. The podcast advertising disclosure that non-Spotify hosting providers manage those opt-out controls should be reviewed to confirm it does not create a compliance gap under applicable state opt-out requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Tailored advertising is described as using information about your service use and activity on other websites and apps to serve interest-based ads; this is characterized as 'sharing' under cross-context behavioral advertising definitions, which triggers opt-out rights under CCPA/CPRA and similar state laws.
Unless you actively opt out via the Tailored Ads setting, Spotify processes your usage data and data received from advertising partners to deliver interest-based advertising across its free and, where applicable, paid service options including in podcasts; opting out results in contextual advertising based on registration information and current listening activity rather than behavioral profiles.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Spotify.