TLDR ToS

Your Favorite App Just Changed Its Privacy Policy โ€” Here's What That Means

TLDR ToS5 min read

You've seen the notification: "We've updated our Privacy Policy." Maybe it popped up when you opened Instagram, or arrived as an email from Google. Most people tap "Accept" without a second thought.

But privacy policy changes are rarely cosmetic. Here's what actually triggers them โ€” and what you should watch for.

Why apps change their privacy policies

There are a few common triggers:

New monetization

The most concerning reason. When a free app needs more revenue, expanding data collection is often the first move. A policy update might introduce language about "sharing data with advertising partners" or "using data to improve personalized experiences across our family of products."

Regulatory compliance

Laws like GDPR, CCPA, and the EU Digital Markets Act force companies to be more transparent. These changes are usually positive โ€” adding clearer language about your rights, data deletion options, or opt-out mechanisms.

New features

When an app adds a feature that collects new types of data (location, biometrics, health data), the privacy policy has to be updated. This is often legitimate, but worth checking whether the new collection is proportional to the feature.

Acquisitions

When a company gets acquired, the new parent company often wants access to the user data. Watch for language changes around "affiliated companies" or "business transfers."

How to tell if a change is bad

The honest answer: it's hard. Privacy policies are written to obscure, not clarify. But here are three signals:

  1. New categories of data collection. If the previous policy mentioned email and name, and the new one adds "device identifiers, browsing history, and location data," that's a significant expansion.

  2. Broader sharing language. Watch for "third-party partners" replacing specific company names, or "business purposes" replacing specific use cases.

  3. Removed rights. If the old policy gave you the right to delete your data on request and the new one says "we will make reasonable efforts," that's a downgrade.

What TLDR ToS does about it

We automatically re-crawl privacy policies on a regular cycle. When an app's policy changes and the new version scores differently than the old one, we flag it.

On each app's page, you'll see a banner showing:

  • Whether the app's privacy score improved or worsened
  • Which specific flags were added or removed
  • The previous score vs. the current score

You can also watch any app to get notified when its privacy policy changes.

The takeaway

A privacy policy update isn't inherently bad โ€” but it's always worth understanding what changed. The fact that companies bury these changes in walls of legal text is itself a red flag.

Search for any app on TLDR ToS to see its current score and whether anything has changed recently.