OpenAI removed language describing a separate category of marketing partners and the cookie-based data sharing practices used with those partners. The updated policy now consolidates all third-party recipients under a single "Vendors and Service Providers" category and removes explicit disclosure of cookie-based marketing partner data sharing. Separately, language stating that OpenAI does not process sensitive data for inferring characteristics about users has been deleted.
The updated policy removes explicit language describing how OpenAI shares personal data with marketing partners through cookies and similar technologies. The policy previously stated that 'some of these partners may receive information through cookies and similar technologies' and offered users choices to learn more and control that sharing; this language is now absent. Additionally, the updated policy deletes a statement that OpenAI does not process sensitive data for the purpose of inferring characteristics about users, removing a specific protection that was previously disclosed.
The updated terms remove explicit transparency around how OpenAI shares data with marketing partners via cookies and remove a stated protection against sensitive data inference. These removals reduce explicit consumer-facing disclosure of specific data practices that were previously described. Whether these practices continue under alternative authorization or have ceased is now unclear from the policy text alone, which may affect how consumers and regulators assess data handling practices.
→ The policy terms will apply as written; users will no longer have explicit policy language describing cookie-based marketing partner data sharing or limitations on sensitive data inference
Language describing cookie-based data sharing with marketing partners and user control options is deleted
Statement that sensitive data is not processed for inferring user characteristics is deleted
Separate 'marketing partners' category is removed and consolidated into 'Vendors and Service Providers'
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
OpenAI no longer explicitly states in its policy that cookies may be used to share your data with marketing partners
OpenAI no longer explicitly states it does not use sensitive data to make inferences about your characteristics or interests
OpenAI removed language disclosing cookie-based marketing partner data sharing and a statement that sensitive data is not used for inferential profiling. These deletions reduce explicit transparency disclosures without clarifying whether the practices continue under different language or have ceased. Organizations using OpenAI services should clarify whether these practices persist and how they are now described. Regulatory exposure depends on applicable privacy law (GDPR, CCPA, etc.), which may require affirmative disclosure of such practices regardless of whether OpenAI's policy text describes them. The removal of sensitive data inference language creates potential GDPR/state privacy law compliance questions if the practice was previously subject to heightened restrictions.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001863.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherOpenAI's Privacy Policy was updated on May 9, 2026 with a single language modification in the document header. The change …
OpenAI removed language describing advertiser data partnerships and ad personalization controls for free users, while also removing the specific statement …
OpenAI added a new statement clarifying that sensitive data is not processed to infer characteristics about users. The policy also …
OpenAI expanded its data sharing terms to include third-party marketing partners. The updated policy authorizes the use of personal data fo…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.