What is the severity of this clause?

ConductAtlas classifies this Children's Data Exclusion (COPPA Compliance) clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Children's Data Exclusion (COPPA Compliance) — Whatnot

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity Whatnot recorded 2 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for Whatnot Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

ⓘ

This analysis describes what Whatnot's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The 'knowingly collect' standard in COPPA places responsibility on Whatnot to implement age verification — if the platform is accessible to minors without robust age gates, this creates significant COPPA enforcement risk.

Consumer impact (what this means for users)

Whatnot collects a wide range of personal data including purchase history, payment information, precise location, device identifiers, and behavioral data, and shares this information with advertising partners, analytics providers, and potential business acquirers. Users should be aware that data shared with third-party advertising networks may be used to build profiles and deliver targeted advertising across other platforms. You can opt out of the sale or sharing of your personal data for advertising purposes by clicking the 'Do Not Sell or Share My Personal Information' link available on the Whatnot platform.

How other platforms handle this

MyFitnessPal Medium

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information.

Miro Medium

Our Services are not directed to children under the age of 16 and we do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such information.

American Airlines Medium

American does not knowingly collect personal information directly from children – persons under the age of 13, or another age if required by applicable law – other than when required to comply with the law or for safety and security reasons. Due to the nature of our Services, we may collect travel i...

See all platforms with this clause type →

Monitoring

Whatnot has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete such information as soon as possible. If you believe that we may have any information from or about a child under 13, please contact us at privacy@whatnot.com.

— Excerpt from Whatnot's Whatnot Privacy Policy

Applicable regulations

CCPA/CPRA

California, USA

FTC Act Section 5

United States Federal

GDPR

European Union

Provision details

Document information

Document

Whatnot Privacy Policy

Entity

Whatnot

Document last updated

May 5, 2026

Tracking information

First tracked

May 11, 2026

Last verified

May 11, 2026

Record ID

CA-P-007069

Document ID

CA-D-00732

Evidence Provenance

Source URL

https://www.whatnot.com/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

b004999cb5790fcea852f2c7a74f97dc701c834bd53dc7719ae5d0ff36889183

Analysis generated

May 11, 2026 06:35 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Whatnot
Document: Whatnot Privacy Policy
Record ID: CA-P-007069
Captured: 2026-05-11 06:35:36 UTC
SHA-256: b004999cb5790fce…
URL: https://conductatlas.com/platform/whatnot/whatnot-privacy-policy/childrens-data-exclusion-coppa-compliance/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Sale or Sharing of Personal Data with Advertising Partners medium
AI and Machine Learning Training on User Data medium
Data Sharing in Corporate Transactions medium
Children Under 13 and COPPA Compliance medium
Cross-Border Data Transfers medium
Data Retention low

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Whatnot's Children's Data Exclusion (COPPA Compliance) clause do?

Is ConductAtlas affiliated with Whatnot?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Whatnot.