Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is McDonald's privacy policy for U.S. users, explaining what personal data McDonald's collects when you use its website, app, or loyalty program, including your location, purchase history, device identifiers, and payment information, and how that data is shared with advertising partners, franchisees, and analytics providers. The most important thing to know is that McDonald's collects geolocation data and purchase history and uses this information for targeted advertising, including sharing it with third-party ad partners, and California residents have the right to opt out of the sale or sharing of their personal information for advertising purposes. If you are a California resident, you can submit a privacy request, including an opt-out of data sharing for advertising, through the 'Your Privacy Choices' link on McDonald's website.
This document is McDonald's U.S. Privacy Policy, governing the collection, use, and sharing of personal information by McDonald's USA, LLC across its websites, mobile applications, and digital services, with a stated legal basis grounded in user consent and legitimate business interests. The policy states that McDonald's collects a broad range of personal information including name, contact details, payment card information, geolocation data, device identifiers, purchase history, and inferences drawn from usage behavior, and the terms authorize sharing this information with franchisees, service providers, advertising partners, and affiliated companies for marketing, analytics, and operational purposes. The policy discloses that McDonald's participates in interest-based advertising and may share personal information with third-party advertising and analytics partners, and while it provides opt-out mechanisms for certain uses, the breadth of data categories collected and the scope of third-party sharing are consistent with common large-scale consumer brand practices, though the combination of geolocation, purchase history, and behavioral inference data creates a meaningful profile-building capability. The policy expressly addresses California residents under the California Consumer Privacy Act and California Privacy Rights Act, providing specific rights including the right to know, delete, correct, and opt out of the sale or sharing of personal information, and acknowledges applicability of additional state privacy laws; compliance obligations under CCPA/CPRA are materially engaged given McDonald's scale and the volume of California consumers served. The policy also references children's privacy protections consistent with COPPA, stating that its online services are not directed to children under 13 and that McDonald's does not knowingly collect personal information from children under that age.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
McDonald's has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle Children's Privacy and COPPA Notice and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.