Squarespace can update its privacy policy at any time, and its primary notification method is updating the date at the top of the policy, with additional notice only in some unspecified cases.
This analysis describes what Squarespace's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Because Squarespace is not required to proactively notify all users of every change, material updates to data practices could take effect without users actively realizing the policy has changed.
Interpretive note: The conditions under which 'additional notice' is provided beyond a date update are not defined, creating uncertainty about whether material changes will be proactively communicated.
Squarespace's primary obligation on policy changes is updating the policy date, meaning you may need to proactively monitor the privacy page for changes rather than relying on direct notification of updates that may affect your data.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
Squarespace has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may update this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review this Privacy Policy whenever you access our services or otherwise interact with us to stay informed about our information practices.— Excerpt from Squarespace's Squarespace Privacy Policy
REGULATORY LANDSCAPE: Policy change notification practices engage GDPR Article 13 and 14 obligations to inform data subjects of material changes to processing, which may require proactive notification rather than passive date-updating for significant changes. The FTC has taken enforcement action against companies that made material privacy policy changes without adequate notice to consumers. CCPA and CPRA require conspicuous disclosure of material changes. GOVERNANCE EXPOSURE: Medium. The policy reserves discretion over when additional notice is provided beyond date updates, which may not satisfy GDPR or CCPA requirements for material changes. Compliance teams should assess whether Squarespace's change notification practices are triggered appropriately when new processing activities or data-sharing arrangements are introduced. JURISDICTION FLAGS: EU and UK users have the strongest notification rights under GDPR, which may require affirmative notice of material changes to processing activities. California users should receive notice of material CCPA-relevant changes. The adequacy of date-only notification for material changes is jurisdiction-dependent. CONTRACT AND VENDOR IMPLICATIONS: B2B customers relying on Squarespace's privacy practices for their own compliance representations should monitor for policy changes that could affect their own customer disclosures or DPA terms. Change management processes should include tracking of Squarespace's privacy policy versioning. COMPLIANCE CONSIDERATIONS: Compliance teams should establish a monitoring process for Squarespace privacy policy changes, particularly for material changes involving new data categories, new sharing arrangements, or changes to lawful bases. For EU-facing operations, assess whether material changes trigger re-notification obligations to data subjects or fresh consent collection.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Because Squarespace is not required to proactively notify all users of every change, material updates to data practices could take effect without users actively realizing the policy has changed.
Squarespace's primary obligation on policy changes is updating the policy date, meaning you may need to proactively monitor the privacy page for changes rather than relying on direct notification of updates that may affect your data.
ConductAtlas has identified this type of provision across 10 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Squarespace.