Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This document establishes ClickUp's data collection, use, and sharing practices for users of its task management platform. ClickUp collects personal data including account information, email, payment details, usage patterns, device information, and workspace content, and shares specified categories of this data with third-party advertising and analytics partners. The policy provides that user data transfers to successor entities in acquisition or merger scenarios, and establishes data subject rights for residents of California and the EU, including access, correction, deletion, and opt-out mechanisms exercisable via privacy@clickup.com.
This document is ClickUp's Privacy Policy governing the collection, use, storage, and disclosure of personal data for users of ClickUp's project management platform, with stated legal bases including consent, legitimate interests, and contractual necessity under applicable frameworks including GDPR and CCPA. The policy states that ClickUp collects categories of personal data including account information, usage data, device and browser data, payment information, and content users upload to the platform, and the terms authorize sharing this data with third-party service providers, advertising partners, and in the context of business transfers such as mergers or acquisitions. Notably, the policy distinguishes between 'Customer Data' (content uploaded by users and their teams) and data ClickUp collects about users for its own operational and marketing purposes, a separation that has operational significance for business customers who control workspace data but may have limited visibility into how ClickUp uses behavioral and telemetry data. The policy engages GDPR for EU and UK users, CCPA and CPRA for California residents, and references data subject rights including access, deletion, portability, and opt-out of sale or sharing; jurisdiction-dependent rights mean the practical scope of protections varies significantly depending on where a user is located. Business customers deploying ClickUp in enterprise contexts should assess the data processing agreement terms separately, as this policy does not fully govern the controller-processor relationship for Customer Data.
Institutional analysis available with Compliance
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.
Start Compliance free trial1 important change detected
2 versions captured · Last updated: June 2026
Monitoring
ClickUp has updated this document before.
Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Compliance Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Compliance free trialCross-platform context
See how other platforms handle AI and Product Improvement Use of Workspace Content and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.