Canva's privacy policy page now displays a cookie banner before the main policy content. The update adds three sentences about cookie usage, stating that Canva uses essential cookies to operate the service and requests consent for additional cookies used for personalization, advertising, and analytics. Users can now accept all cookies or access detailed cookie preferences through a linked cookie policy.
The updated privacy policy page now includes a prominent cookie disclosure banner before the main policy text. The banner states that Canva uses essential cookies required for service operation and requests consent to use additional cookies for personalization, advertising, and site analytics. You can either accept all cookies or access the cookie policy to manage individual preferences.
The updated terms establish an explicit consent mechanism for non-essential cookies, moving from implicit to affirmative consent. This change aligns Canva's privacy policy presentation with GDPR and CCPA requirements for transparent cookie disclosure and user control, and signals that Canva is implementing granular preference management rather than relying on single accept-all mechanisms.
→ Review the cookie policy linked in the banner to understand what cookies Canva uses
→ Select 'Manage cookies' to customize individual cookie preferences rather than accepting all
→ All cookie categories will be enabled as stated in the updated terms if you select 'Accept all cookies'
→ Canva will use essential cookies regardless of preference selection, as these are required for service operation
Canva now displays cookie consent before the privacy policy, with options to accept all cookies or manage preferences individually
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Canva added a cookie consent interface to its privacy policy landing page, disclosing cookie usage categories and providing consent mechanisms. This change engages GDPR Article 7 (consent) and CCPA disclosure requirements. The implementation appears designed to obtain affirmative consent for non-essential cookies and provide granular preference management. Compliance teams should verify that the cookie banner functions properly, that the referenced cookie policy contains required disclosures, and that consent signals are recorded and honored in the backend. No immediate action is typically required unless the organization's vendor or DPA requires explicit notification of changes to Canva's consent mechanisms.
GDPR (Articles 4, 7, 13 - consent and transparency), CCPA (California Civil Code 1798.100 - consumer rights and disclosure), ePrivacy Directive (consent for non-essential cookies), UK PECR (consent for cookies and electronic marketing)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001997.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorNetflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the …
TikTok's data collection extends to device sensors, clipboard content, geolocation, and cross-site tracking. Here is what their Privacy Pol…
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.