10 Total
1 High severity
8 Medium severity
1 Low severity
Summary

This document establishes WhatsApp's data collection, use, and sharing practices, including the categories of personal information processed and the mechanisms through which data flows to Meta Companies. The policy authorizes WhatsApp to collect phone numbers, device identifiers, usage data, and contact lists, and to share these categories with Meta Companies for use in ad personalization on Facebook and Instagram. The policy specifies data subject rights procedures differentiated by jurisdiction: EU and UK users may exercise access, correction, deletion, and data portability rights through in-app settings or direct request; California users may submit data access requests through designated channels.

Technical / Legal Breakdown

This document is WhatsApp's global Privacy Policy, governing the collection, use, storage, and sharing of personal data by WhatsApp LLC (and WhatsApp Ireland Limited for EU/UK users), with stated legal bases including contract performance, legitimate interests, legal obligations, and user consent depending on jurisdiction. The policy states that WhatsApp collects account registration information (phone number, profile name, picture), device identifiers, IP addresses, battery level, signal strength, browser type, mobile network, connection information, location-related data, usage and log information, cookies and tracking technologies, payment and financial transaction data, contacts from user address books, status information, and the content of messages to the extent necessary to deliver services (noting end-to-end encryption for personal messages). The policy authorizes sharing of user information with the broader Meta Companies family of products for infrastructure, safety, research, and product improvement purposes, as well as with third-party service providers, business partners, and in response to legal requests; this cross-company data sharing with Meta platforms (including Facebook and Instagram) is operationally distinct from messaging-only service expectations and has been subject to regulatory scrutiny in multiple jurisdictions. The policy engages GDPR (for EU and UK users, with WhatsApp Ireland Limited as data controller), CCPA (for California residents), and various national data protection frameworks; EU users retain specific rights including access, rectification, erasure, portability, and objection, while the policy designates the Irish Data Protection Commission as lead supervisory authority for EU matters. Material compliance considerations include the scope of Meta-group data sharing, the adequacy of consent mechanisms for cross-platform data integration, the treatment of contacts data uploaded by users (implicating third-party data subject rights), and WhatsApp's use of data to inform advertising shown on Meta platforms even where WhatsApp itself does not display third-party ads.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

29 important changes detected

30 versions captured · Last updated: July 2026

What changed WhatsApp's privacy policy was updated on July 3, 2026 with three sentences modified in the introductory section. The change does not appear to alter substantive data practices or user rights; instead, it reflects routine website maintenance, including updates to technical page identifiers, CSS asset references, and JavaScript resource hashes used to serve the policy page. No new data collection, processing, or privacy practices were introduced.
Why this matters This change does not materially alter WhatsApp's privacy practices or obligations. The detected modifications consist of technical updates to the web page infrastructure that serves the privacy policy (resource identifiers, CSS and JavaScript links). No new data collection, retention, sharing, or user rights provisions were added or removed.
View full change record →
What changed WhatsApp's privacy policy was updated on June 25, 2026. The update modified 3 sentences in the document. The specific operational changes in the modified sentences are not disclosed in the change summary provided, making it impossible to determine what substantive policy modifications were made or what new operational implications exist for users.
Why this matters WhatsApp's privacy policy was updated on June 25, 2026, with 3 sentences modified. The specific content of these modifications is not disclosed in the available change summary, preventing a clear assessment of what operational impact these changes create for users.
View full change record →

June 24, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 24, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 22, 2026 medium

WhatsApp updated its Privacy Policy on June 22, 2026, making two substantive changes. First, the policy removed language stating 'We have no intention to introduce them, but you may see …

View change record →
June 21, 2026 low

WhatsApp added a new section titled 'Privacy Rights for United States Residents' that directs users to a separate United States Regional Privacy Notice for information about consumer privacy rights available …

View change record →
June 21, 2026 low

The diff context provided contains primarily HTML markup and JavaScript code from WhatsApp's website infrastructure, not substantive policy language changes. The before/after snippets show nearly identical website code with minor …

View change record →
June 19, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 19, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 18, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 18, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 18, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 18, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 16, 2026 low

WhatsApp's Privacy Policy on June 16, 2026 contains changes across 3 sentences within its structure, though the specific content modifications are not clearly evident from the provided HTML diff. The …

View change record →
June 14, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 14, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 13, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 13, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 12, 2026 low

The WhatsApp Privacy Policy was updated on June 12, 2026, but the provided change summary contains only HTML metadata and header/footer markup changes with no substantive privacy policy language modifications …

View change record →
June 12, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 12, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 11, 2026 low

WhatsApp updated the contact form URL in its Privacy Policy from a form identifier ending in '696255948470523' to one ending in '915483389072145', a routine technical update to the support contact …

View change record →
June 11, 2026 low

WhatsApp added two new sections to its privacy policy on June 11, 2026. The first establishes a new 'Privacy Rights for United States Residents' section directing users to a separate …

View change record →
June 10, 2026 low

WhatsApp updated five sentences in its privacy policy on June 10, 2026. The change removed conditional language stating 'We have no intention to introduce [ads] in Status and Channels' and …

View change record →
June 9, 2026 low

WhatsApp's Privacy Policy was updated on June 9, 2026, but the provided diff shows only HTML metadata and JavaScript configuration changes, not substantive policy content. The actual text modifications to …

View change record →
June 8, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 08, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 6, 2026 unknown

WhatsApp updated their WhatsApp Privacy Policy on June 06, 2026. Change detected: 3 sentence(s) modified. Document contained 123 sentences after update.

View change record →
June 6, 2026 low

WhatsApp updated its privacy policy on June 6, 2026 by modifying five sentences. The changes included adding a new section titled 'Privacy Rights for United States Residents' that directs users …

View change record →
June 5, 2026 medium

WhatsApp removed language stating it has no intention to introduce ads in Status and Channels, replacing it with a more conditional statement that reserves the right to introduce ads in …

View change record →
June 5, 2026 low

WhatsApp's privacy policy was updated on June 5, 2026, with three sentences modified in the document. The updated language maintains the core structure of the policy while updating HTML metadata …

View change record →
June 4, 2026 low

WhatsApp's privacy policy was updated on June 4, 2026 to add a new section titled 'Privacy Rights for United States Residents' directing users to a separate California-specific privacy notice for …

View change record →
April 21, 2026 low

WhatsApp modified its language about potential future ad formats in Status and Channels. Previously, the policy stated it had no intention to introduce other types of ads but acknowledged users …

View change record →
April 19, 2026 medium

WhatsApp modified two sections of its Privacy Policy on April 19, 2026. First, the policy changed language about advertising on the platform, removing a statement that WhatsApp had 'no intention' …

View change record →
March 23, 2026 low

WhatsApp added a single sentence to its Privacy Policy on March 23, 2026, providing Thai residents with a direct reference to learn about their rights under Thailand's Personal Data Protection …

View change record →
March 20, 2026 low

WhatsApp modified language describing potential future advertising on its Status and Channels features. The previous version stated the company had no intention to introduce other ad types but said users …

View change record →
March 19, 2026 low

WhatsApp's privacy policy was updated on March 19, 2026 to reflect changes in how ads function on the platform. Previously, the policy stated WhatsApp had no intention to introduce certain …

View change record →

Recent Provision Changes Jul 3, 2026

10 provisions unchanged.

View full change record →
High — 1 provision
Medium — 8 provisions
Low — 1 provision

Monitoring

WhatsApp has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle Children's Privacy and Age Restrictions and similar clauses.

Compare across platforms →

Mapped Governance Frameworks

CCPA/CPRA
California, USA
View official text ↗
Connecticut Data Privacy Act Amendments
US-CT
View official text ↗
CAN-SPAM
United States Federal
View official text ↗
DMA
European Union
View official text ↗
FTC Act Section 5
United States Federal
View official text ↗
GDPR
European Union
View official text ↗
Indiana Consumer Data Protection Act
US-IN
View official text ↗
Kentucky Consumer Data Protection Act
US-KY
View official text ↗
UK GDPR
United Kingdom
View official text ↗
Universal Opt-Out Mechanism Expansion 2026
US
View official text ↗
VPPA
United States Federal
View official text ↗
Archival ProvenanceSource & Archival Record
Last Captured July 3, 2026 00:24 UTC
Capture Method Automated scheduled archival capture
Document ID CA-D-000176
Version ID CA-V-004433
SHA-256 d7b8d5fa552390ba3fea20d56bae330fb81e70e25f9120f1b7965649a7e437db
✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

Governance Monitoring

Monitor governance changes across the platforms you rely on.

Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.

Create free account Compare plans