X states it may collect your precise GPS location if you grant permission, or estimate your location from your IP address and device settings, and uses this location data to personalize content and serve location-based ads.
This analysis describes what X's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes X's operational authority to gather location signals across multiple data sources and deploy that information for service personalization and ad targeting. The multi-layered collection mechanism means location data accrues through both explicit user actions (permission grants, tagging) and ambient technical signals (IP, device settings).
X may collect your location even if you have not explicitly shared it, by inferring it from your IP address or device settings. This location data is used to serve you location-based advertisements. You can limit precise location sharing by revoking location permissions for X in your device settings.
How other platforms handle this
We collect information about your precise or approximate location as determined through data such as your IP address, GPS, and other inputs from your device, with your permission where required. We may use this information to provide, personalize, and improve our services, and for safety purposes.
Device and Connection Information. Consistent with your device or browser permissions, your device or browser automatically sends us information about when and how you install, access, or use our Services. This includes information such as your device type, operating system information, browser info...
Uber collects precise or approximate location data from riders' and order recipients' mobile devices when the Uber app is running in the foreground (app open and on-screen) or background (app open but not on-screen) of their device. Uber collects this data from the time a ride or order is requested ...
Monitoring
X has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect information about your location when you use X. Your location can be determined using precise GPS data if you give us permission, or by less precise means such as your IP address, device settings, or if you tag your location in a post. We may use this location information to personalize our services and show you ads based on your location.— Excerpt from X's X Privacy Policy
REGULATORY LANDSCAPE: Precise location data is classified as sensitive personal information under CPRA, triggering heightened protection and opt-out rights for California residents. GDPR treats location data as personal data subject to Article 6 lawful basis requirements, and precise location data may require explicit consent in some EU supervisory authority interpretations. The FTC has historically scrutinized location data collection practices, particularly where passive collection (via IP inference) may not align with user expectations. GOVERNANCE EXPOSURE: High. The combination of precise GPS data collection (with permission) and passive location inference via IP address and device settings creates a persistent location data collection practice. The use of location data for advertising purposes engages CPRA's sensitive data provisions, which require offering users the right to limit use of sensitive personal information. JURISDICTION FLAGS: California residents have the right to limit use of sensitive personal information under CPRA, which includes precise geolocation. EU and UK users should assess whether X's stated lawful basis for location-based advertising is consent or legitimate interest, as supervisory authorities in several EU member states have taken restrictive positions on legitimate interest as a basis for behavioral advertising involving location data. Illinois and other states with location privacy protections may create additional exposure. CONTRACT AND VENDOR IMPLICATIONS: Organizations using X's advertising platform for location-targeted campaigns should review whether their use of X's location-based targeting tools is consistent with their own privacy disclosures and applicable law. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that location permission requests within the X application satisfy informed consent standards under GDPR and applicable US state law, and that the CPRA right to limit use of precise geolocation is operationally implemented.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes X's operational authority to gather location signals across multiple data sources and deploy that information for service personalization and ad targeting. The multi-layered collection mechanism means location data accrues through both explicit user actions (permission grants, tagging) and ambient technical signals (IP, device settings).
X may collect your location even if you have not explicitly shared it, by inferring it from your IP address or device settings. This location data is used to serve you location-based advertisements. You can limit precise location sharing by revoking location permissions for X in your device settings.
ConductAtlas has identified this type of provision across 16 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by X.