DoorDash uses your personal data to show you targeted ads on its own platform and on third-party websites. The policy states you can opt out of this use of your data, with details provided in the privacy rights section.
This analysis describes what DoorDash's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy authorizes use of personal data for ad targeting on third-party platforms, which under CCPA and CPRA constitutes a sale or sharing of personal information requiring an opt-out right for California residents and analogous rights for residents of other covered states.
DoorDash's policy authorizes use of your personal data to display personalized ads for DoorDash and merchant partners on third-party websites and platforms. California residents and residents of certain other states have the right to opt out of this sharing of data for advertising purposes.
How other platforms handle this
If you would like to opt out of the disclosure of your personal information for purposes that could be considered "sales" for those third parties' own commercial purposes, or "sharing" or processing for purposes of targeted advertising, please visit the following link, which is also available in the...
You have the right to opt out of the sale or sharing of your personal information. To exercise this right, please click on the 'Do Not Sell or Share My Personal Information' link available on our website, or contact us as described in the 'Contact Us' section of this policy. We will process your req...
California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...
Monitoring
DoorDash has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"To Advertise and Promote DoorDash and our Services, including displaying advertising related to our Services or Merchants on our Services and on third-party websites and platforms, improving, developing and implementing marketing campaigns, analyzing whether our advertising is effective, and showing you ads that are most relevant to you about DoorDash and our Merchants. To opt-out of ad personalization on third-party platforms, please see information on the right to opt-out of the sale or sharing below.— Excerpt from DoorDash's DoorDash Privacy Policy
REGULATORY LANDSCAPE: The sharing of personal information with advertising partners for cross-context behavioral advertising constitutes a sale or sharing of personal information under the CCPA and CPRA, enforced by the California Privacy Protection Agency. Analogous opt-out rights exist under the Colorado Privacy Act, Connecticut Data Privacy Act, Virginia CDPA, and other state frameworks. The FTC's enforcement of Section 5 of the FTC Act also reaches deceptive or unfair advertising data practices. GOVERNANCE EXPOSURE: Medium. The opt-out right for advertising data sharing is disclosed and required to be operationally functional under CCPA and CPRA. Compliance teams should verify that the opt-out mechanism is accessible, properly implemented, and that downstream advertising partners honor opt-out signals, including Global Privacy Control (GPC) signals where required. JURISDICTION FLAGS: California residents have the strongest protections under CPRA, including the right to opt out of sharing for cross-context behavioral advertising. Colorado and Connecticut require recognition of universal opt-out signals such as GPC. EU and EEA users would require explicit consent for behavioral advertising under GDPR. CONTRACT AND VENDOR IMPLICATIONS: Agreements with advertising networks, analytics platforms, and demand-side platforms should be reviewed to confirm they are structured as service provider or contractor agreements under CCPA to the extent applicable, or that opt-out signals are transmitted and honored. Data processing addenda with advertising partners should specify permissible use limitations. COMPLIANCE CONSIDERATIONS: Legal teams should audit the opt-out mechanism for advertising data sharing, confirm GPC signal recognition is implemented where required, and assess whether the list of advertising partners receiving personal information is fully disclosed. Cookie consent mechanisms on the website should be evaluated against state and international requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy authorizes use of personal data for ad targeting on third-party platforms, which under CCPA and CPRA constitutes a sale or sharing of personal information requiring an opt-out right for California residents and analogous rights for residents of other covered states.
DoorDash's policy authorizes use of your personal data to display personalized ads for DoorDash and merchant partners on third-party websites and platforms. California residents and residents of certain other states have the right to opt out of this sharing of data for advertising purposes.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by DoorDash.