DoorDash states that it provides privacy rights including access, deletion, correction, and opt-out rights, with the specific rights available depending on your state or country of residence. The policy includes jurisdiction-specific disclosures for California, Virginia, Colorado, Connecticut, and international users.
This analysis describes what DoorDash's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The availability and scope of privacy rights, including the right to delete data, opt out of data sale or sharing, correct inaccurate data, and receive a copy of data, depends on the user's jurisdiction. Users in states without comprehensive privacy laws may have fewer rights under this policy.
Interpretive note: The specific scope and operational implementation of privacy rights for users outside explicitly named jurisdictions is not fully detailed in the portion of the policy available, and rights may vary depending on the completeness of the jurisdiction-specific supplemental disclosures.
Your privacy rights under this policy depend on where you live. California residents have the broadest rights including opt-out of data sale or sharing and correction rights, while users in other states or countries have rights as specified under their applicable law. Residents of states without comprehensive privacy laws may rely primarily on the rights DoorDash voluntarily discloses.
How other platforms handle this
If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA). These rights may include: the right to know about personal information collected, disclosed, or sold; the right to delete personal information collected from you; the right to opt-out of t...
Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...
Depending on where you live, you may have certain rights regarding your personal information. These rights may include the right to know what personal information we have collected about you, the right to delete your personal information, the right to correct inaccurate personal information, the rig...
Monitoring
DoorDash has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We do not use any sensitive Personal Information for purposes other than as reasonably expected by an average consumer to provide our Services, for legal, security and safety purposes, and without the purpose of inferring characteristics about an individual. Where legally required, DoorDash will collect and process sensitive Personal Information only with consent. When we process de-identified information, we maintain and use the information in de-identified form, and do not attempt to re-identify the information, except as permitted by applicable law.— Excerpt from DoorDash's DoorDash Privacy Policy
REGULATORY LANDSCAPE: This provision engages CCPA and CPRA (California), CDPA (Virginia), Colorado Privacy Act, Connecticut Data Privacy Act, Canadian privacy law (PIPEDA and Quebec Law 25), Australian Privacy Act, and New Zealand Privacy Act. Each framework imposes different rights and response timelines. The California Privacy Protection Agency is the primary enforcement authority for California residents. GOVERNANCE EXPOSURE: Medium. The policy acknowledges jurisdiction-specific rights but the operational implementation of each right, including response timelines, verification processes, and appeals mechanisms, should be reviewed for compliance with each applicable framework. CPRA requires a response to consumer rights requests within 45 days (extendable by an additional 45 days). JURISDICTION FLAGS: California imposes the most comprehensive obligations, including the right to correct, delete, access, and opt out of sharing. Colorado and Connecticut require recognition of universal opt-out mechanisms. Canada and Australia impose their own access and correction rights. EU and EEA users retain full GDPR rights if they access DoorDash services. CONTRACT AND VENDOR IMPLICATIONS: Service provider contracts should include provisions ensuring vendors can facilitate consumer rights requests, including data deletion and access requests, within required timeframes. COMPLIANCE CONSIDERATIONS: Compliance teams should audit the consumer rights request intake and response process across all applicable jurisdictions, document response timelines, and test the operational functionality of deletion, access, correction, and opt-out mechanisms. Appeal mechanisms required under some state frameworks should be documented.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The availability and scope of privacy rights, including the right to delete data, opt out of data sale or sharing, correct inaccurate data, and receive a copy of data, depends on the user's jurisdiction. Users in states without comprehensive privacy laws may have fewer rights under this policy.
Your privacy rights under this policy depend on where you live. California residents have the broadest rights including opt-out of data sale or sharing and correction rights, while users in other states or countries have rights as specified under their applicable law. Residents of states without comprehensive privacy laws may rely primarily on the rights DoorDash voluntarily discloses.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by DoorDash.