All Calm users, regardless of where they live, have the right to know what data Calm holds about them, access or correct it, delete it, or opt out of data being used for advertising.
This analysis describes what Calm's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause operationalizes user data rights by establishing a framework through which users can exercise control over their personal information and direct Calm's data handling practices. The provision's applicability across jurisdictions creates a uniform mechanism for addressing user requests while acknowledging that specific rights and procedures may vary based on applicable legal requirements.
You have the right to access, correct, delete, or opt out of advertising use of your data regardless of your location, and can exercise these rights by emailing support@calm.com or using Calm's Help Center.
How other platforms handle this
Depending on your location, you may have certain rights regarding your personal data, including the right to access, correct, delete, or port your data, the right to restrict or object to processing, and where processing is based on consent, the right to withdraw consent at any time. California resi...
If you are located in the European Economic Area or the United Kingdom, you have certain rights with respect to your personal information under applicable data protection law, including the right to access, rectify, or erase your personal information; the right to restrict or object to processing; a...
Depending on where you live, you may have certain rights regarding your personal information. These rights may include the right to know what personal information we have collected about you, the right to delete your personal information, the right to correct inaccurate personal information, the rig...
Monitoring
Calm has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Regardless of your location, but subject to certain limits and conditions provided under law, you have the right to request to: know more about the information we have about you; access information we have about you (including in a portable format); correct information we have about you; opt out of 'sales', targeted advertising, or 'sharing'; and delete the information we have about you.— Excerpt from Calm's Calm Privacy Policy
(1) REGULATORY LANDSCAPE: The extension of privacy rights to all users globally, regardless of jurisdiction, is a policy choice that exceeds the minimum requirements of most applicable laws. GDPR, UK GDPR, CPRA, and a growing number of US state privacy laws (Virginia, Colorado, Connecticut, Texas, etc.) each define specific rights and conditions. Calm's commitment to honor these rights globally simplifies compliance administration but creates operational obligations that must be consistently implemented. (2) GOVERNANCE EXPOSURE: Low. The broad extension of rights is a consumer-positive provision. The key operational risk is ensuring that the rights fulfillment process (verification, response timelines, and scope of rights) is consistently applied across all user populations, not just those in regulated jurisdictions. (3) JURISDICTION FLAGS: EU/EEA and UK users have additional rights including the right to object to processing and to lodge complaints with supervisory authorities, as detailed in the policy's Europe-specific section. California users have CPRA-specific rights including access to inferences drawn about them. Authorized agent provisions are addressed for California users. (4) CONTRACT AND VENDOR IMPLICATIONS: Vendors and service providers must be capable of supporting data subject rights fulfillment, including deletion and portability, within the timeframes required by applicable law. Vendor agreements should include provisions for cooperation with data subject requests. (5) COMPLIANCE CONSIDERATIONS: Legal teams should confirm that response processes for data subject requests comply with GDPR's one-month response window and CPRA's 45-day window (with possible extension). Verification procedures described in the policy should be tested to ensure they do not impose unreasonable barriers to rights exercise. The appeals process (emailing support@calm.com) should be documented and consistently applied.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause operationalizes user data rights by establishing a framework through which users can exercise control over their personal information and direct Calm's data handling practices. The provision's applicability across jurisdictions creates a uniform mechanism for addressing user requests while acknowledging that specific rights and procedures may vary based on applicable legal requirements.
You have the right to access, correct, delete, or opt out of advertising use of your data regardless of your location, and can exercise these rights by emailing support@calm.com or using Calm's Help Center.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Calm.