EU and UK users have a full set of GDPR rights including the ability to access, correct, delete, and port their data, restrict how it is processed, and object to certain uses including direct marketing.
This analysis describes what ClickUp's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These are legally enforceable rights that ClickUp must respond to within statutory timeframes, giving EU and UK users significantly stronger protections than users in many other regions.
The updated policy now explicitly recognizes eight distinct data subject rights, including rights to access, correct, delete, restrict processing, receive data in portable format, object to processing, withdraw consent, and lodge complaints with regulators. Previously, ClickUp described privacy controls through general opt-out options and data access procedures without formal legal framing. The revised language aligns with GDPR and similar data protection frameworks, providing clearer legal reference points for how users may exercise control over their personal data. You can exercise these rights by contacting ClickUp's support team.
View change record →EU and UK users can exercise rights including data access, deletion, and portability directly with ClickUp, and can escalate unresolved complaints to their national data protection authority without any cost or penalty.
How other platforms handle this
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
ClickUp has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you are located in the European Union or the United Kingdom, you have certain rights under the General Data Protection Regulation (GDPR) or the UK GDPR, as applicable, including the right to access your personal data, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object to processing, and the right to lodge a complaint with a supervisory authority.— Excerpt from ClickUp's ClickUp Privacy Policy
(1) REGULATORY LANDSCAPE: This provision reflects obligations under GDPR Articles 15 through 22 and equivalent UK GDPR provisions. Enforcement is handled by national data protection authorities in EU member states and by the UK ICO. ClickUp must respond to verified requests within one month, extendable by two months in complex cases, under GDPR Article 12. Failure to respond or fulfill valid requests creates direct regulatory exposure. (2) GOVERNANCE EXPOSURE: Medium. The policy's acknowledgment of GDPR rights is required by law and consistent with standard practice for global SaaS providers. The adequacy of ClickUp's request intake and fulfillment process is not described in the policy, and organizations should verify operational readiness through the DPA. (3) JURISDICTION FLAGS: EU member state residents and UK residents have the strongest enforceable rights under this policy. The right to lodge complaints with supervisory authorities means enforcement can be initiated at no cost to the individual. The right to object to legitimate interest processing is particularly relevant where ClickUp relies on legitimate interests as a lawful basis for behavioral data processing. (4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers whose employees or end users exercise GDPR rights may receive requests that flow back through ClickUp's request fulfillment process; organizations should ensure their DPA specifies how ClickUp will support the customer in responding to data subject requests within the statutory timeframe. (5) COMPLIANCE CONSIDERATIONS: Organizations should document ClickUp's role in their data subject request workflows and verify that ClickUp's response capability meets GDPR timelines. Where ClickUp acts as a processor, the DPA should specify the support ClickUp will provide for Article 15-22 requests directed at Customer Data.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These are legally enforceable rights that ClickUp must respond to within statutory timeframes, giving EU and UK users significantly stronger protections than users in many other regions.
EU and UK users can exercise rights including data access, deletion, and portability directly with ClickUp, and can escalate unresolved complaints to their national data protection authority without any cost or penalty.
ConductAtlas has identified this type of provision across 5 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by ClickUp.