This analysis describes what Supabase's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision operationalizes Supabase's compliance obligations under children's privacy regulations, establishing the procedural mechanism by which parental notification and data removal requests are processed when underage users are identified.
The updated policy discloses that Supabase may use business contact information, including email domains, to identify organizations for sales and marketing outreach. The policy now explicitly states that personal information will be shared with Customer.io, a marketing communications service provider. For marketing communications, the policy relies on user consent for three purposes: sending marketing messages, using approximate location information to determine relevant communications, and combining personal information from different sources for relevance determination. These three consents operate independently, meaning you can grant or withdraw any of them without affecting the others. You can manage these marketing-related consents separately through the consent mechanisms available in your account or in response to marketing communications.
View change record →Parents or guardians of children under 13 must affirmatively contact Supabase if they discover their child has created an account or provided personal information; the service implements age-gating through this notice-and-removal mechanism rather than proactive age verification at account creation.
How other platforms handle this
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete such info...
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 without parental consent. If we become aware that a child under 13 has provided us with personal information without parental consent, we will take steps to remo...
We do not knowingly collect personal information from children under 13 without parental consent. If we learn that we have collected personal information from a child under 13 without parental consent, we will delete that information.
Monitoring
Supabase has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Children's privacy— Excerpt from Supabase's Supabase Privacy Policy
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision operationalizes Supabase's compliance obligations under children's privacy regulations, establishing the procedural mechanism by which parental notification and data removal requests are processed when underage users are identified.
Parents or guardians of children under 13 must affirmatively contact Supabase if they discover their child has created an account or provided personal information; the service implements age-gating through this notice-and-removal mechanism rather than proactive age verification at account creation.
ConductAtlas has identified this type of provision across 21 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Supabase.