What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://www.ebayinc.com/company/privacy-center/privacy-contact/', 'difficulty': 'MODERATE', 'action_type': 'DELETE_DATA', 'instructions': "Go to eBay's Privacy Center at the link provided, select your data rights request type (access, deletion, portability, or correction), complete identity verification, and submit. eBay must respond within 30 days under GDPR or 45 days under CCPA.", 'deadline_days': 30, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'State_AG', 'reason': "State attorneys general, including California's AG, enforce CCPA/CPRA data subject rights including the right to deletion and opt-out from data sale.", 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this Data Subject Rights (Access, Erasure, Portability) clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Subject Rights (Access, Erasure, Portability) clauses across approximately 1 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Subject Rights (Access, Erasure, Portability) — eBay

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity eBay recorded 2 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for eBay Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

You have the right to request access to your personal data, ask for it to be deleted, receive a copy of it, or object to how it is being used — and eBay is required to respond to these requests.

ⓘ

This analysis describes what eBay's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

These rights are legally enforceable under GDPR for EU/UK users and under CCPA/CPRA for California residents, and exercising them gives you genuine control over your personal information held by eBay.

Recent Activity

This document changed recently

Medium May 1, 2026

eBay's updated privacy notice now provides more structured and detailed information about what personal data it collects, why it processes that data, and how it handles cross-border transfers. The addition of explicit data protection officer contact information and a clear table of contents makes the privacy framework more accessible and transparent. You can review the new notice to understand what data categories eBay collects and contact the designated data protection officer with privacy concerns.

View change record →

Consumer impact (what this means for users)

eBay collects an extensive range of personal data including financial details, government IDs, biometric data (for sellers), browsing behavior, and location data, and shares this information with advertising partners, payment processors, and other third parties for targeted marketing and fraud detection. Consumers' messages sent through eBay's platform may be filtered and scanned, and their data may be transferred internationally across eBay's global affiliates. You can manage your communication preferences, advertising settings, and submit data rights requests through eBay's Privacy Center at https://www.ebayinc.com/company/privacy-center/privacy-contact/.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data
Within 30 days
Go to eBay's Privacy Center at the link provided, select your data rights request type (access, deletion, portability, or correction), complete identity verification, and submit. eBay must respond within 30 days under GDPR or 45 days under CCPA.

Cross-platform context

See how other platforms handle Data Subject Rights (Access, Erasure, Portability) and similar clauses.

Compare across platforms →

Monitoring

eBay has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

GDPR Articles 15-22 and CCPA/CPRA create legally enforceable data subject rights requiring documented response procedures, identity verification protocols, and response within statutory timeframes (30 days under GDPR; 45 days under CCPA). Compliance teams should audit request fulfillment processes and ensure automated rights-fulfillment systems are operational.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

State AG

State attorneys general, including California's AG, enforce CCPA/CPRA data subject rights including the right to deletion and opt-out from data sale.
File a complaint →

Provision details

Document information

Document

eBay Privacy Notice

Entity

eBay

Document last updated

May 5, 2026

Tracking information

First tracked

March 20, 2026

Last verified

March 20, 2026

Record ID

CA-P-00256005

Document ID

CA-D-00256

Evidence Provenance

Source URL

https://www.ebay.com/help/policies/member-behaviour-policies/ebay-privacy-notice?id=4260

Wayback Machine

View archived versions →

Content hash (SHA-256)

25df3f91ea4a5a9b05c662a78fb2370aa6c6e937fc688367c0ce62b22adbf19b

Analysis generated

March 20, 2026 05:15 UTC

Methodology

summarize_document-v7

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: eBay
Document: eBay Privacy Notice
Record ID: CA-P-00256005
Captured: 2026-03-20 05:15:36 UTC
SHA-256: 25df3f91ea4a5a9b…
URL: https://conductatlas.com/platform/ebay/ebay-privacy-notice/data-subject-rights-access-erasure-portability/
Accessed: June 10, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Extensive Personal Data Collection high
Third-Party Advertising Data Sharing high
Message Filtering and Scanning medium
AI-Driven Profiling and Personalization medium
Cross-Border Data Transfers medium
Seller Identity Verification and Sensitive Data Collection high

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does eBay's Data Subject Rights (Access, Erasure, Portability) clause do?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.

Is ConductAtlas affiliated with eBay?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by eBay.