Spotify requires users to be at least 13 years old with parental consent, or 18 years old to agree to these Terms independently. Parents who enable kids' access on a family plan confirm they are the legal guardian and consent on behalf of the child.
Minors between 13 and 17 using Spotify are subject to the full Terms — including the mandatory arbitration clause and the broad content license — and their data is collected under representations of parental consent that Spotify cannot independently verify. Parents should actively monitor any minor's Spotify account, particularly use of the Family plan's kids experience.
How other platforms handle this
We share your personal information with third parties to help us use your personal information as described above. We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis an...
Apple may share personal data with companies who provide services on our behalf, with our business partners, and with app developers through the App Store ecosystem. Third-party app developers and partners are subject to their own privacy policies.
We will share individual user information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to: meet any applicable law, regulation, legal process or enforceable govern...
Spotify's self-attestation model for age and parental consent creates compliance risk under COPPA for users aged 13–15, as the law requires verifiable parental consent for children under 13 and has specific obligations regarding data collected from minors. The platform's ability to verify these representations is limited.
REGULATORY FRAMEWORK: This provision directly engages COPPA (15 U.S.C. §6501 et seq.; 16 CFR Part 312), which prohibits collection of personal information from children under 13 without verifiable parental consent — enforced by the FTC with civil penalties up to $51,744 per violation. For users aged 13–17, FTC guidance on teen privacy and GDPR Article 8 (EU, age of digital consent varies 13–16 by member state) apply. California's Age-Appropriate Design Code Act (AB 2273, effective July 2024) imposes additional obligations for platforms likely to be accessed by minors, including data minimization and default privacy settings.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.