Depending on where you live, you may have rights to access, correct, delete, or export your personal information by submitting a request through Coinbase's online Privacy Rights portal.
Current version adds '(subject to certain exceptions)' qualifier to deletion rights, removes 'object to or restrict processing' and 'opt out of targeted advertising', and adds 'lodge a complaint with data protection authority'.
View full change record →Coinbase provides a centralized Privacy Rights portal at coinbase.com/settings/privacy-rights where you can submit requests to access, correct, delete, or export your personal data, though deletion rights are subject to significant AML/KYC legal retention exemptions.
Cross-platform context
See how other platforms handle Consumer Privacy Rights (Access, Deletion, Correction, Portability) and similar clauses.
Compare across platforms →Knowing how to exercise these rights is essential — you can request a copy of all data Coinbase holds about you, correct errors in your identity records, or request deletion of data not subject to legal retention requirements.
REGULATORY FRAMEWORK: GDPR Arts. 15-22 establish rights of access, rectification, erasure, restriction, portability, and objection for EU/EEA users; Art. 12 requires responses within one month (extendable to three). CCPA §§1798.100-1798.125 and CPRA amendments establish equivalent rights for California residents with 45-day response deadline (extendable to 90 days with notice). Virginia VCDPA, Colorado CPA, Connecticut CTDPA, and other state laws establish similar rights with varying deadlines. UK GDPR establishes equivalent rights for UK users with one-month response deadline. Enforcement: EU/EEA DPAs, CPPA/California AG, state AGs, ICO.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.