If you live in California, you have additional legal rights regarding your personal data at Asana, including the right to know what data is collected, to delete it, and to correct it.
This analysis describes what Asana's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
California residents have some of the strongest statutory privacy rights in the US. Understanding these rights and how to exercise them is practically important for CCPA-protected users.
Interpretive note: The full CCPA rights framework is contained in Asana's separate California Privacy Notice, which is linked from but not reproduced in the hub page analyzed here.
The provision was significantly condensed from a detailed enumeration of CCPA rights to a general reference statement, removing explicit mention of opt-out rights, non-discrimination protections, and limitations on sensitive personal information disclosure.
View full change record →California residents using Asana can exercise CCPA rights including access, deletion, and correction of personal information by contacting privacy@asana.com. The effective scope of these rights for workspace data may depend on the organization's role as controller.
How other platforms handle this
If you are a California resident, you may have the right to: Know what personal information we collect, use, disclose, sell, or share. Correct inaccurate personal information. Delete your personal information. Opt out of the sale or sharing of your personal information. Limit the use and disclosure ...
If you are a California resident, you have the right to: Know what personal information is being collected about you; Know whether your personal information is sold or disclosed and to whom; Say no to the sale of personal information; Access your personal information; Request deletion of your person...
If you are a California resident, you have the right to know what personal information we collect, use, and disclose about you; the right to request deletion of your personal information; the right to opt out of the sale or sharing of your personal information; the right to correct inaccurate person...
Monitoring
Asana has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Asana's policy references specific privacy rights for California residents including rights to know, delete, and correct personal information as required under the CCPA.— Excerpt from Asana's Asana Privacy Statement
(1) REGULATORY LANDSCAPE: The California Consumer Privacy Act as amended by the California Privacy Rights Act grants California residents rights to know, delete, correct, and opt out of sale or sharing of personal information. The California Privacy Protection Agency and California Attorney General have enforcement authority. Asana's classification as a service provider or business under CCPA determines the scope of obligations. (2) GOVERNANCE EXPOSURE: Medium. Asana's CCPA compliance framework must distinguish between data for which it is a business (controller) and data for which it is a service provider (processor). Failure to maintain this distinction in practice, or to honor valid consumer requests within 45-day statutory deadlines, creates regulatory exposure. (3) JURISDICTION FLAGS: Applies specifically to California residents. Organizations with California employees using Asana should assess their own CCPA compliance obligations as controllers of employee data processed through the platform. (4) CONTRACT AND VENDOR IMPLICATIONS: Service agreements with California-based organizations should include CCPA-compliant service provider provisions prohibiting Asana from selling or sharing personal information for its own purposes. Procurement teams should confirm these provisions exist in executed agreements. (5) COMPLIANCE CONSIDERATIONS: California-facing privacy notices must be reviewed to ensure they accurately describe Asana's CCPA rights framework. Internal workflows should be tested to confirm requests received at privacy@asana.com are triaged within CPRA-required timeframes and routed to the appropriate responsible party.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
California residents have some of the strongest statutory privacy rights in the US. Understanding these rights and how to exercise them is practically important for CCPA-protected users.
California residents using Asana can exercise CCPA rights including access, deletion, and correction of personal information by contacting privacy@asana.com. The effective scope of these rights for workspace data may depend on the organization's role as controller.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Asana.