Walmart states it does not knowingly collect data from children under 13, and requires affirmative opt-in consent before selling or sharing data of California residents aged 13 to 15.
This analysis describes what Walmart's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
COPPA prohibits collection of personal information from children under 13 without verifiable parental consent, and CPRA prohibits the sale or sharing of personal information of consumers aged 13 to 15 without their affirmative opt-in authorization; the policy's disclosure of these practices establishes Walmart's stated compliance posture for minors.
Interpretive note: The adequacy of Walmart's age verification mechanisms to satisfy COPPA's verifiable parental consent standard and the AADC's applicability to Walmart's digital services are not fully addressed in the available policy text.
The policy states that Walmart's services are not directed to children under 13 and that California residents aged 13 to 15 must affirmatively opt in before Walmart will sell or share their personal information, meaning minors in this age range receive a higher level of data sharing protection than adult consumers under California law.
How other platforms handle this
Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...
Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children under the age of 13 without parental consent. If we become aware that we have collected personal information from a child under the age of 13 without parental consent, we wil...
Our online services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information as quickly as possible.
Monitoring
Walmart has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 without parental consent. California residents between 13 and 15 years of age may opt in to the sale or sharing of their personal information, but we will not sell or share such information without affirmative authorization.— Excerpt from Walmart's Walmart Privacy Policy
1) REGULATORY LANDSCAPE: The Children's Online Privacy Protection Act (COPPA), enforced by the FTC, prohibits collection of personal information from children under 13 without verifiable parental consent. CPRA establishes an affirmative opt-in requirement for the sale or sharing of personal information of consumers aged 13 to 15. The FTC has pursued enforcement actions against major retailers for inadvertent collection of children's data through general consumer-facing services. 2) GOVERNANCE EXPOSURE: Medium. The policy's statement that services are 'not directed to' children under 13 does not fully address situations where minors access Walmart's digital services through a parent's account or through general-purpose store interactions. Age verification mechanisms and their adequacy are a recurring FTC enforcement concern. 3) JURISDICTION FLAGS: COPPA applies nationally. California's CPRA and the California Age-Appropriate Design Code (AADC) create additional design and data handling obligations for services likely to be accessed by minors. The AADC applies to online services likely to be accessed by children under 18 and may create obligations beyond the general COPPA threshold. 4) CONTRACT AND VENDOR IMPLICATIONS: Third-party advertising and analytics partners receiving data from Walmart's digital properties should be contractually prohibited from creating profiles of users known or reasonably suspected to be minors. Walmart Connect advertising partners should have representations about compliance with COPPA and applicable state children's privacy requirements. 5) COMPLIANCE CONSIDERATIONS: Legal teams should review whether Walmart's age-gating mechanisms on its digital properties satisfy COPPA's verifiable parental consent standard and whether the AADC's risk assessment requirements apply to Walmart's digital services given their general consumer audience.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
COPPA prohibits collection of personal information from children under 13 without verifiable parental consent, and CPRA prohibits the sale or sharing of personal information of consumers aged 13 to 15 without their affirmative opt-in authorization; the policy's disclosure of these practices establishes Walmart's stated compliance posture for minors.
The policy states that Walmart's services are not directed to children under 13 and that California residents aged 13 to 15 must affirmatively opt in before Walmart will sell or share their personal information, meaning minors in this age range receive a higher level of data sharing protection than adult consumers under California law.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Walmart.