What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://privacy.fanduel.com/dont_sell', 'difficulty': 'DIFFICULT', 'action_type': 'OPT_OUT_ARBITRATION', 'instructions': 'Visit privacy.fanduel.com/dont_sell on every browser and device you use to access FanDuel. Complete the form each time you clear your cookies or use a new browser to maintain your opt-out preference.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'State_AG', 'reason': 'The California Attorney General and California Privacy Protection Agency have enforcement authority over CPRA opt-out mechanism requirements including mandatory GPC signal recognition.', 'complaint_url': 'https://www.naag.org/find-my-ag/'}, {'agency': 'FTC', 'reason': 'The FTC has authority under Section 5 to challenge opt-out designs that are deceptive or create unfair barriers to the exercise of consumer privacy rights.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Per-Device Per-Browser Opt-Out Requirement clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Per-Device Per-Browser Opt-Out Requirement — FanDuel

Share 𝕏 Share in Share 🔒 PDF

What it is

To stop FanDuel from selling or sharing your data for advertising, you must opt out separately on every browser and device you use, and your opt-out is erased every time you clear your cookies.

Consumer impact (what this means for users)

Your opt-out from data sale and sharing is not permanent — it resets whenever your browser cookies are cleared, meaning you could unknowingly revert to having your data sold unless you repeat the process regularly across all your devices.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Opt Out of Arbitration

Visit privacy.fanduel.com/dont_sell on every browser and device you use to access FanDuel. Complete the form each time you clear your cookies or use a new browser to maintain your opt-out preference.

Cross-platform context

See how other platforms handle Per-Device Per-Browser Opt-Out Requirement and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

This opt-out mechanism places a disproportionate burden on consumers and may conflict with California's requirement to honor Global Privacy Control signals, effectively making it difficult to maintain a persistent opt-out.

View original clause language

If you would like to opt out of the disclosure of your personal information for purposes that could be considered 'sales' for those third parties' own commercial purposes, or 'sharing' or processing for purposes of targeted advertising, please visit the following link, which is also available in the footer of our Services: 'Your Privacy Choices' and follow the instructions to submit a request. You must make this choice on each site/app on each browser/device you use to access the Services. You must also renew this choice if you clear your cookies or your browser is set to do that.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: CPRA (Cal. Civ. Code §1798.135) requires businesses to recognize legally-recognized browser-based opt-out preference signals including the Global Privacy Control (GPC). Designing an opt-out mechanism that is cookie-dependent and device-specific may be inconsistent with this requirement. The California Privacy Protection Agency (CPPA) and California Attorney General jointly enforce CPRA. Colorado CPA and Connecticut CTDPA similarly require GPC signal recognition. FTC Act Section 5 unfairness doctrine may also apply if the opt-out design is found to be deceptive.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

State AG

The California Attorney General and California Privacy Protection Agency have enforcement authority over CPRA opt-out mechanism requirements including mandatory GPC signal recognition.
File a complaint →
FTC

The FTC has authority under Section 5 to challenge opt-out designs that are deceptive or create unfair barriers to the exercise of consumer privacy rights.
File a complaint →

Provision details

Document information

Document

FanDuel Privacy Policy

Entity

FanDuel

Document last updated

April 29, 2026

Tracking information

First tracked

April 18, 2026

Last verified

April 18, 2026

Record ID

CA-P-003085

Document ID

CA-D-00351

Evidence Provenance

Source URL

https://www.fanduel.com/privacy

Wayback Machine

View archived versions →

SHA-256

7288d892d405c6e4e2ff3edcab320a3a60995c74e41738fc591ef3a1e522c359

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: FanDuel | Document: FanDuel Privacy Policy | Record: CA-P-003085
Captured: 2026-04-18 12:24:39 UTC | SHA-256: 7288d892d405c6e4…
URL: https://conductatlas.com/platform/fanduel/fanduel-privacy-policy/per-device-per-browser-opt-out-requirement/
Accessed: May 2, 2026

Classification

Severity

High

Per-Device Per-Browser Opt-Out Requirement