Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has jurisdiction over inadequate disclosure of third-party data sharing as unfair or deceptive practices under FTC Act Section 5.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Third-Party Services and Business Interactions clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Third-Party Services and Business Interactions — WhatsApp

Share 𝕏 Share in Share 🔒 PDF

What it is

When you interact with businesses or third-party apps connected to WhatsApp, those external parties receive your phone number and interaction data.

Consumer impact (what this means for users)

Interacting with businesses, bots, or third-party apps through WhatsApp can result in your phone number, message initiation data, and shared information being transmitted to those external parties, who have their own separate privacy policies that WhatsApp does not control.

Cross-platform context

See how other platforms handle Third-Party Services and Business Interactions and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Third-party integrations with WhatsApp can result in your phone number and behavioral data being shared with businesses and app developers beyond Meta's ecosystem, potentially without clear user awareness.

View original clause language

Third-Party Services. When you or others use third-party services or other Meta Company Products that are integrated with our Services, those third-party services may receive information about what you or others share with them. For example, if you use a third-party app, website, or other service that is integrated with our Services, they may receive your phone number, the fact that you've initiated communication, and other information you choose to share with them.

Institutional analysis (Compliance & legal intelligence)

1. REGULATORY FRAMEWORK: GDPR Art. 13/14 transparency obligations require clear disclosure of third-party data recipients. GDPR Art. 28 requires data processing agreements with processors. Where third parties act as independent controllers, GDPR Art. 26 joint controller or separate controller analysis applies. CCPA/CPRA disclosure obligations for third-party sharing apply to California residents. FTC Act Section 5 prohibits deceptive practices regarding third-party data sharing. 2.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC has jurisdiction over inadequate disclosure of third-party data sharing as unfair or deceptive practices under FTC Act Section 5.
File a complaint →

Provision details

Document information

Document

WhatsApp Privacy Policy

Entity

Document last updated

April 29, 2026

Tracking information

First tracked

April 27, 2026

Last verified

April 27, 2026

Record ID

CA-P-003495

Document ID

CA-D-00176

Evidence Provenance

Source URL

https://www.whatsapp.com/legal/privacy-policy

Wayback Machine

View archived versions →

SHA-256

da3747c89494f5bc1ac42196c98a312f3a8f2653a848eb7d232db53b79597ebe

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: WhatsApp | Document: WhatsApp Privacy Policy | Record: CA-P-003495
Captured: 2026-04-27 13:47:46 UTC | SHA-256: da3747c89494f5bc…
URL: https://conductatlas.com/platform/whatsapp/whatsapp-privacy-policy/third-party-services-and-business-interactions/
Accessed: May 2, 2026

Classification

Severity

Medium

Third-Party Services and Business Interactions