The policy prohibits advertisers from using targeting parameters based on sensitive personal characteristics including race, religion, health conditions, and sexual orientation when serving paid advertising on X.
This analysis describes what X's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision restricts the use of sensitive data categories for ad targeting, which intersects with GDPR Article 9 special category data protections in the EU and similar frameworks in other jurisdictions; advertisers using audience segmentation tools must verify that their targeting configurations do not rely on prohibited sensitive attributes.
Interpretive note: The full technical scope of prohibited targeting parameters and how X enforces this restriction within its targeting tools is contained in linked external pages and is not fully determinable from this document alone.
This provision establishes that advertisers on X are prohibited from targeting users based on sensitive personal characteristics including race, religion, health, and sexual orientation; users are not able to directly verify advertiser targeting configurations, but the policy states that X's approval process is designed to check compliance with these restrictions.
How other platforms handle this
Advertisers may not use sensitive personal information including health conditions, sexual orientation, religious beliefs, or political views as the basis for ad targeting. Snap's targeting tools do not permit targeting based on these categories, and advertisers may not use custom audience data deri...
When you select a Special Ad Category, some audience selection options won't be available, including options based on age, gender, ZIP code, and some detailed targeting options and some custom audience targeting options.
Ads must not target based on sensitive data or categories, including political affiliation or opinions, racial or ethnic origin, data concerning health (including medical information and consumer health data), genetic data, biometric data, religious or philosophical affiliation or beliefs, data rela...
Monitoring
X has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"X Advertising Policies apply to monetization on X and X's paid advertising products. Advertisers on X are responsible for their X Ads. This means following all applicable laws and regulations, creating honest ads, and advertising safely and respectfully.— Excerpt from X's X Ads Policies
(1) REGULATORY LANDSCAPE: Targeting restrictions on sensitive categories interact directly with GDPR Article 9, which prohibits processing of special category personal data without explicit consent or another lawful basis. The restriction also engages CCPA's treatment of sensitive personal information in California and the FTC's guidance on data-based advertising discrimination. The EU's proposed AI Act and existing non-discrimination frameworks may also apply where algorithmic targeting is involved. (2) GOVERNANCE EXPOSURE: High. Use of sensitive category data for ad targeting without explicit consent is a significant compliance risk under GDPR, with potential fines of up to 4% of global annual turnover for violations. Advertisers who inadvertently configure targeting using sensitive attributes through lookalike audiences or inferred data segments may not be aware of the violation until enforcement action is taken. (3) JURISDICTION FLAGS: EU and EEA advertisers face the highest exposure under GDPR. California advertisers face additional obligations under CCPA's sensitive personal information provisions. Illinois BIPA may apply where biometric data is involved in targeting. (4) CONTRACT AND VENDOR IMPLICATIONS: Data management platforms and audience providers used by advertisers should be audited to confirm they do not supply sensitive category segments for X targeting. Data processing agreements with audience providers should include representations that segments do not constitute special category data under GDPR. (5) COMPLIANCE CONSIDERATIONS: Advertisers should conduct a review of their X audience targeting configurations to confirm that no sensitive category attributes are used directly or indirectly. For advertisers using custom audiences or lookalike modeling, a data mapping review should confirm the absence of sensitive category inputs. DPOs at EU-based advertisers should assess whether current targeting practices require a DPIA.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 10 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision restricts the use of sensitive data categories for ad targeting, which intersects with GDPR Article 9 special category data protections in the EU and similar frameworks in other jurisdictions; advertisers using audience segmentation tools must verify that their targeting configurations do not rely on prohibited sensitive attributes.
This provision establishes that advertisers on X are prohibited from targeting users based on sensitive personal characteristics including race, religion, health, and sexual orientation; users are not able to directly verify advertiser targeting configurations, but the policy states that X's approval process is designed to check compliance with these restrictions.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by X.