OpenAI modified two sentences in its US Privacy Policy on May 19, 2026. The document timestamp was updated from April 30, 2026 to May 18, 2026. More substantially, the opt-out mechanism for users who are not logged in was expanded: users can now opt out either through a new 'Settings > Data Controls' option within ChatGPT or through the existing 'Your Privacy Choices' link on the website.
The updated policy establishes an additional pathway for users who are not logged in to opt out of data practices. Previously, the only stated opt-out mechanism for logged-out users was the 'Your Privacy Choices' link on the website. The revised language now permits logged-out users to access opt-out controls through 'Settings > Data Controls' within ChatGPT itself, in addition to the website link. You can use either method to manage your privacy preferences.
The updated language expands the accessibility of privacy opt-out controls by providing a second pathway (in-app) for users who are not logged in. This clarifies that users have multiple methods to exercise opt-out rights and reduces friction for accessing privacy controls directly within ChatGPT.
→ Access 'Settings > Data Controls' in ChatGPT to opt out if logged out
→ Alternatively, use the 'Your Privacy Choices' link on OpenAI's website to opt out
→ The terms will apply as written; the revised policy establishes multiple opt-out pathways for logged-out users but does not mandate use of either
Expanded to include in-app Settings > Data Controls pathway in addition to website Privacy Choices link
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
This change adds an operational disclosure about opt-out accessibility for logged-out users. It does not materially alter OpenAI's data processing authority or obligations under CCPA, GDPR, or similar regimes. The change appears to be a disclosure clarification indicating that an in-app privacy control pathway now exists alongside the existing web-based mechanism. No new compliance obligation is created; the change reflects an operational enhancement to existing opt-out procedures. Legal review is not likely required unless the organization uses this platform to serve its own customers and needs to verify that downstream privacy notices accurately reflect available user controls.
CCPA (California Consumer Privacy Act), GDPR (General Data Protection Regulation), VCDPA (Virginia Consumer Data Protection Act), and similar state and international privacy regimes that require disclosure of opt-out mechanisms. This change may engage FTC authority over unfair or deceptive practices if opt-out representations are misleading or if promised controls are not functionally available.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002167.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherOpenAI updated a hyperlink in its Enterprise Privacy document on May 19, 2026. The previous link text 'Learn more about …
OpenAI modified a single hyperlink in its API Data Usage Policies on May 19, 2026. The phrase 'Learn more about …
OpenAI modified the definition of 'Pricing Page' in their Business Terms on May 19, 2026 by adding a web accessibility …
OpenAI expanded its data sharing terms to include third-party marketing partners. The updated policy authorizes the use of personal data fo…
How Meta, TikTok, and Supabase restructured governance language across documents, jurisdictions, and consent frameworks through incremental…
How 10 AI platforms describe the use of user data for model training, improvement, and development, based on archived governance provisions.
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.