WhatsApp automatically collects extensive technical information from your device including your IP address, mobile network, battery level, unique device identifiers, and identifiers linked to other Facebook/Meta products on the same device.
This analysis describes what WhatsApp's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The collection of unique identifiers associated with other Facebook Company products on the same device creates a technical linkage between your WhatsApp usage and your activity on other Meta platforms, supporting cross-platform data integration described elsewhere in the policy.
The updated policy removes an unconditional statement of intent and replaces it with conditional language: 'We have no intention to introduce them, but if we ever do, we will update this Privacy Policy.' This revision reserves WhatsApp's right to introduce ad formats in Status and Channels in the future, subject only to updating the privacy policy at that time. The prior language established a stronger commitment; the updated language is more permissive. No specific consumer action is required; the change is informational regarding WhatsApp's future flexibility on advertising formats.
View change record →The updated terms no longer state that WhatsApp has no intention to introduce ads in Status and Channels. Instead, the revised language indicates that if ads are introduced in these features, WhatsApp will update its privacy policy to reflect the change. This means the company has reserved the option to add ads to Status and Channels in the future, subject to policy update notification.
View change record →The updated policy now explicitly discloses that users 'may see other types of ads in Status and Channels,' whereas the prior language stated WhatsApp had 'no intention to introduce' new ad types. This represents a shift from a stated commitment not to expand advertising toward an explicit acknowledgment that new ad categories may appear on WhatsApp's social features. The policy also updated its regional privacy guidance by removing a reference to Thai Personal Data Protection Act rights and adding a new section directing US residents to WhatsApp's United States Regional Privacy Notice for information about their consumer privacy rights under US law.
View change record →WhatsApp collects device identifiers including those shared with Facebook and Instagram on the same device, your IP address, mobile network details, and battery and signal information; this data is collected automatically when you use the app and forms part of the information shared with Meta Companies.
How other platforms handle this
We collect information about your location, such as data from your device's GPS or IP address, when you use our products.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
Monitoring
WhatsApp has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We collect device and connection-specific information when you install, access, or use our Services. This includes information such as hardware model, operating system information, battery level, signal strength, app version, browser information, mobile network, connection information (including phone number, mobile operator or ISP), language and time zone, IP address, device operations information, and identifiers (including identifiers unique to Facebook Company Products associated with the same device or account).— Excerpt from WhatsApp's WhatsApp Privacy Policy
REGULATORY LANDSCAPE: Automatic collection of device identifiers, IP addresses, and cross-platform linkage identifiers engages GDPR Article 4(1) (personal data definition, as IP addresses and persistent identifiers constitute personal data), Article 5 (data minimization), and ePrivacy Directive requirements for the use of tracking technologies in EU/EEA member states. The UK GDPR and UK PECR impose equivalent requirements. The FTC Act Section 5 is relevant for US users regarding unfair or deceptive data collection practices. GOVERNANCE EXPOSURE: Medium. The collection of identifiers linked to Facebook Company Products on the same device is operationally significant because it creates a technical bridge between WhatsApp usage data and broader Meta user profiles without requiring explicit user action. This linkage supports the Meta-group data sharing described in the policy. JURISDICTION FLAGS: EU and UK users are protected by both GDPR personal data rules and ePrivacy/PECR requirements for device-level data collection. California residents may have CCPA rights regarding device identifier collection and sharing. Illinois BIPA is not directly implicated by these identifiers unless they constitute biometric data. CONTRACT AND VENDOR IMPLICATIONS: Enterprise deployments should note that device-level identifiers tied to Meta products may create unintended linkages between employee WhatsApp accounts and their personal Meta profiles if they share a device. This has implications for bring-your-own-device policies and enterprise privacy programs. COMPLIANCE CONSIDERATIONS: Privacy teams should include device identifier collection in data mapping exercises and assess whether the collection of cross-platform identifiers is necessary for core messaging service delivery, as GDPR data minimization principles may apply. Cookie and tracking technology audits should encompass device-level identifiers collected by WhatsApp.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The collection of unique identifiers associated with other Facebook Company products on the same device creates a technical linkage between your WhatsApp usage and your activity on other Meta platforms, supporting cross-platform data integration described elsewhere in the policy.
WhatsApp collects device identifiers including those shared with Facebook and Instagram on the same device, your IP address, mobile network details, and battery and signal information; this data is collected automatically when you use the app and forms part of the information shared with Meta Companies.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by WhatsApp.