Eventbrite may share your personal data with advertising companies to show you targeted ads, and under California law this may count as a 'sale' of your data, but you can opt out through your account settings.
This analysis describes what Eventbrite's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Your browsing behavior, event interests, and personal identifiers may be shared with advertising partners for targeted advertising, and exercising the opt-out requires affirmative action by the user.
Interpretive note: Whether Eventbrite's opt-out mechanism satisfies CPRA's GPC recognition requirement and whether advertising data flows qualify as 'sale' or 'sharing' depends on implementation details not fully disclosed in the policy text.
Users who do not actively opt out may have their personal data including behavioral and interest data shared with advertising partners for cross-context behavioral advertising, which California law classifies as a regulated 'sale or sharing' of personal information.
How other platforms handle this
If you would like to opt out of the disclosure of your personal information for purposes that could be considered "sales" for those third parties' own commercial purposes, or "sharing" or processing for purposes of targeted advertising, please visit the following link, which is also available in the...
California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...
You have the right to opt out of the sale or sharing of your personal information. To exercise this right, please click on the 'Do Not Sell or Share My Personal Information' link available on our website, or contact us as described in the 'Contact Us' section of this policy. We will process your req...
Monitoring
Eventbrite has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share your personal information with advertising partners for the purpose of showing you ads that are more relevant to you. This may constitute a 'sale' or 'sharing' of personal information under applicable privacy laws. You have the right to opt out of the sale or sharing of your personal information for targeted advertising purposes. To exercise this right, you can visit your account privacy settings or submit a request through our privacy portal.— Excerpt from Eventbrite's Eventbrite Privacy Policy
1. REGULATORY LANDSCAPE: This provision directly engages CCPA/CPRA, which grants California residents the right to opt out of the sale and sharing of personal information for cross-context behavioral advertising. CPRA also requires businesses to recognize the Global Privacy Control (GPC) signal as a valid opt-out, and compliance teams should audit whether Eventbrite's systems honor GPC. Under GDPR, behavioral advertising typically requires explicit consent as a legal basis under Article 6, and the policy's reliance on legitimate interests for advertising purposes may face scrutiny from EU supervisory authorities. 2. GOVERNANCE EXPOSURE: High. The classification of behavioral advertising data flows as potentially constituting a 'sale' or 'sharing' under CCPA/CPRA requires robust opt-out infrastructure. Non-compliance with opt-out requirements has been an active area of California Privacy Protection Agency (CPPA) and State AG enforcement, and the adequacy of Eventbrite's opt-out mechanism is a material compliance question. 3. JURISDICTION FLAGS: California residents have the clearest and most enforceable opt-out rights under CPRA. Virginia, Colorado, Connecticut, and other states with comprehensive privacy laws also provide opt-out rights for targeted advertising, though the enforcement posture varies. EU and UK users face different frameworks where consent is the operative mechanism rather than opt-out, meaning the default position for EU users should be no behavioral advertising absent affirmative consent. 4. CONTRACT AND VENDOR IMPLICATIONS: Advertising partners receiving data under this provision should be assessed as to whether they qualify as 'third parties' (triggering sale/sharing opt-out obligations) or 'service providers' under CCPA/CPRA, as this distinction determines Eventbrite's contractual obligations and the scope of user rights. Procurement teams using Eventbrite in an enterprise context should assess whether employee data could be captured in advertising data flows. 5. COMPLIANCE CONSIDERATIONS: Legal and compliance teams should verify that the opt-out mechanism is functional, accessible, and that GPC signals are honored as required under CPRA. Data mapping should identify all advertising and analytics partners receiving personal data and confirm the legal basis for each transfer. Cookie consent management on Eventbrite's web properties should be audited for alignment with both GDPR consent requirements and CCPA/CPRA opt-out obligations.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Your browsing behavior, event interests, and personal identifiers may be shared with advertising partners for targeted advertising, and exercising the opt-out requires affirmative action by the user.
Users who do not actively opt out may have their personal data including behavioral and interest data shared with advertising partners for cross-context behavioral advertising, which California law classifies as a regulated 'sale or sharing' of personal information.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Eventbrite.