When you place an order, DoorDash shares your personal information including contact details, order information, and potentially location data with the merchant. The merchant can use your contact information to call, email, or text you directly about your order.
This analysis describes what DoorDash's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy states that by placing an order, users acknowledge and agree that merchants may contact them directly using the personal information DoorDash provides, and that DoorDash disclaims responsibility for those merchant-initiated communications.
Interpretive note: The extent to which the liability disclaimer for merchant communications is enforceable under the TCPA and analogous frameworks may depend on the nature of the communications and applicable jurisdiction.
By placing a DoorDash order, you agree that merchants may receive your contact information and use it to reach out to you via phone, email, or SMS about your order, with the merchant bearing sole responsibility for those communications rather than DoorDash.
Cross-platform context
See how other platforms handle Disclosure of Personal Information to Merchants and similar clauses.
Compare across platforms →Monitoring
DoorDash has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"To Merchants: We disclose Personal Information to Merchants in connection with the Services including, without limitation, disclosing Personal Information for the preparation of the order (such as making the food item, selecting and preparing the product or good), facilitating the delivery (whether by a Dasher or by a Merchant's delivery service), for fraud, trust, and safety concerns or matters (such as in connection with orders of age-restricted products or items), and in connection with a Merchant's loyalty program if you choose to link your account with our Services to a Merchant's loyalty program. By placing an order, you acknowledge and agree that, if the Merchant is responsible for the delivery of an order, the Merchant may use your Personal Information to facilitate the delivery of the order to you (including using your contact information to communicate with you via phone calls, emails and/or SMS/text messages about the order and delivery). The Merchant is solely liable and responsible for all communications initiated or sent by the Merchant to you.— Excerpt from DoorDash's DoorDash Privacy Policy
REGULATORY LANDSCAPE: Disclosure of personal information to merchants and downstream use of that data for direct communications engages the Telephone Consumer Protection Act (TCPA) with respect to SMS communications, CAN-SPAM Act for email, and applicable state consumer protection laws. The policy's statement that merchants are solely responsible for their communications does not necessarily insulate DoorDash from liability under all applicable frameworks, particularly if DoorDash initiated the data transfer. GOVERNANCE EXPOSURE: Medium. The provision places contractual responsibility for merchant communications on the merchant rather than DoorDash, but the adequacy of this liability shift under applicable consumer protection and telemarketing laws may depend on the specific communications sent and the jurisdiction of the consumer. TCPA class action exposure for unauthorized SMS messages remains a material risk for platforms that facilitate such communications. JURISDICTION FLAGS: California's Consumer Legal Remedies Act and Invasion of Privacy Act may engage where merchant communications are unsolicited. Canada's Anti-Spam Legislation (CASL) imposes strict consent requirements for commercial electronic messages. Australian Spam Act 2003 has analogous requirements. CONTRACT AND VENDOR IMPLICATIONS: Merchant agreements should specify permissible uses of consumer personal information received through the DoorDash platform, including restrictions on commercial messaging beyond order-related communications. The liability allocation in this provision should be reviewed against merchant contract terms to confirm consistency. COMPLIANCE CONSIDERATIONS: Legal teams should assess whether merchant access to consumer contact information is limited to order-specific communications and whether merchant agreements include binding restrictions on secondary use. The liability disclaimer for merchant-initiated communications should be evaluated against the platform's obligations under applicable telecommunications and privacy law.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy states that by placing an order, users acknowledge and agree that merchants may contact them directly using the personal information DoorDash provides, and that DoorDash disclaims responsibility for those merchant-initiated communications.
By placing a DoorDash order, you agree that merchants may receive your contact information and use it to reach out to you via phone, email, or SMS about your order, with the merchant bearing sole responsibility for those communications rather than DoorDash.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by DoorDash.