T-Mobile Privacy Notice — T-Mobile

8 Total

5 High severity

3 Medium severity

0 Low severity

Summary

This is T-Mobile's privacy policy explaining what personal information they collect about you and how they use and share it. The most important thing to know is that T-Mobile collects and may share your precise location data, call records, browsing activity on their network, and financial information with advertising partners and third-party data brokers — and you must actively opt out to limit this. California residents and users in other states with privacy laws can submit a data deletion or opt-out request at T-Mobile's Privacy Center at t-mobile.com/privacy-center.

Technical Summary

This document is T-Mobile's Privacy Notice governing the collection, use, sharing, and retention of personal data for customers, prospective customers, and visitors to T-Mobile's websites, apps, and services, with legal basis rooted in contractual necessity, legitimate interests, and consent under applicable US state and federal telecommunications privacy law. The notice requires T-Mobile to disclose its collection of an exceptionally broad category of personal data including precise geolocation, CPNI (Customer Proprietary Network Information), biometric identifiers, financial data, device identifiers, network usage patterns, and inferred characteristics derived from data analytics. Notably, T-Mobile explicitly reserves the right to share personal data with a wide array of third parties including advertising partners and data aggregators, and uses location and network usage data for targeted advertising — a practice that deviates from consumer expectations for a primary telecommunications provider and carries heightened risk given T-Mobile's prior FCC and FTC enforcement history regarding data breaches and unauthorized data sharing. The notice engages CPNI regulations under 47 U.S.C. § 222, CCPA/CPRA (Cal. Civ. Code §1798.100 et seq.), COPPA (15 U.S.C. § 6501), state biometric privacy statutes including Illinois BIPA (740 ILCS 14), and FTC Act Section 5, with enforcement by the FCC, FTC, and state attorneys general; material compliance considerations include the adequacy of opt-out mechanisms for data sale and sharing, the sufficiency of CPNI consent disclosures, and the lawfulness of using sensitive network-derived data for commercial advertising purposes.

Institutional Analysis

REGULATORY EXPOSURE: This document engages 47 U.S.C. § 222 (CPNI regulations, enforced by the FCC), FTC Act Section 5 (unfair or deceptive acts, enforced by the FTC), CCPA/CPRA Cal. Civ. Code §1798.100–1798.199 (enforced by the California Privacy Protection Agency and California AG), COPPA 15 U.S.C…

🔒

Compliance intelligence locked

Regulatory exposure, material risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Evidence Provenance

Captured March 28, 2026 06:08 UTC

Document ID CA-D-000342

Version ID CA-V-000359

Source URL https://www.t-mobile.com/privacy-center/our-practices/privacy-policy

Wayback Machine View archived versions →

SHA-256 0bea3165472d2af0533c05819d9edd56f0c754476ce59c45045d8a4d270485ea

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Cryptographically signed

Change Timeline

March 28, 2026 — Document updated low

T-Mobile reorganized the navigation menu listing their various privacy notices on March 28, 2026. The order and names of some notices in the menu were rearranged — for example, 'Financial Privacy Notice' and 'Biometric Information Privacy Notice' appear in different positions, and some notice names were slightly adjusted. This is a cosmetic/structural change to how the privacy center is organized and does not alter any of the actual privacy rights or data practices described in those notices.

· 1 modified
View changes → View record →
0bea3165…
March 19, 2026 — Initial capture

First snapshot archived

929e3338…

Analyzed Changes

1 change analyzed since monitoring began.

Updated March 28, 2026

low

What changed T-Mobile updated their T-Mobile Privacy Notice on March 28, 2026. Change detected: 1 sentence(s) modified. Document contained 315 sentences after update.

Consumer impact T-Mobile reorganized the navigation menu in their Privacy Center, changing the order in which privacy notices appear and slightly renaming one notice ('Biometric Data Privacy Notice' to 'Biometric Information Privacy Notice'). This does not change any rights, data practices, or protections described in the underlying notices. No action is needed from consumers as a result of this change.

Why it matters This change is purely cosmetic and does not affect consumer rights or data practices. Users looking for specific privacy notices in T-Mobile's Privacy Center may find them in a different order than before.

High Severity — 5 provisions

Location Data Collection and Sharing
T-Mobile collects your precise GPS location and network-derived location data and may share it with third-party advertising partners, analytics companies, and affiliated businesses. This happens through your use of their network and apps, not just when you explicitly share your location.

Added April 1, 2026
CPNI Use for Marketing
T-Mobile uses your Customer Proprietary Network Information — which includes records of calls you make, who you called, when, for how long, and from where — to market additional services to you unless you opt out. Federal law gives you the right to restrict this use.

Added April 1, 2026
Third-Party Data Sharing for Advertising
T-Mobile shares your personal data — including device identifiers, browsing behavior, app usage, and demographic inferences — with advertising networks and marketing partners to serve you targeted ads both on and off T-Mobile's own platforms. This constitutes a 'sale' or 'sharing' of personal data under California law.

Added April 1, 2026
Data Security and Breach History
T-Mobile states that it uses reasonable security measures to protect your personal data but does not guarantee the security of your data and acknowledges that no security system is perfect. T-Mobile has experienced multiple major data breaches affecting tens of millions of customers.

Added April 1, 2026
Sensitive Personal Information Collection
T-Mobile collects sensitive categories of personal information including precise geolocation, financial account details, government-issued ID numbers (Social Security numbers), and potentially biometric identifiers, and uses this data for service provision, fraud prevention, and in some cases for marketing purposes.

Added April 1, 2026

Medium Severity — 3 provisions

Children's Privacy and COPPA Compliance
T-Mobile's services are not directed to children under 13, and the company states it does not knowingly collect personal data from children under 13 without verifiable parental consent. However, T-Mobile offers family plans where minors are account lines, creating practical data collection exposure.

Added April 1, 2026
Data Access, Deletion, and Correction Rights
T-Mobile provides customers — and particularly California residents — with rights to access, correct, delete, and obtain a portable copy of their personal data. Requests can be submitted through the Privacy Center online or by phone.

Added April 1, 2026
Data Retention Practices
T-Mobile retains your personal data for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements — but does not commit to specific maximum retention periods for most data categories. This means data may be retained indefinitely in some circumstances.

Added April 1, 2026