What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://privacy.openai.com', 'difficulty': 'EASY', 'action_type': 'OPT_OUT_ARBITRATION', 'instructions': 'California residents can submit opt-out of sale/sharing requests, access requests, deletion requests, and sensitive personal information limitation requests at privacy.openai.com. Select your right type and complete the identity verification process.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'State_AG', 'reason': 'The California Attorney General and California Privacy Protection Agency (CPPA) have primary enforcement authority over CCPA/CPRA rights including opt-out of sale/sharing and sensitive personal information limitation rights.', 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this California-Specific Privacy Rights (CCPA/CPRA) clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar California-Specific Privacy Rights (CCPA/CPRA) clauses across approximately 1 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

California-Specific Privacy Rights (CCPA/CPRA) — OpenAI

Share 𝕏 Share in Share 🔒 PDF

What it is

If you live in California, you have special legal rights to control your data at OpenAI, including the right to stop your data from being sold or used for advertising and to limit use of sensitive personal information.

Clause Stability Highly Volatile

Change

Month Monitored

Apr 27, 2026

First Seen

Apr 27, 2026

Last Seen

This clause has changed once in 1 month of monitoring.

Change history

added May 1, 2026

This new provision adds explicit CPRA compliance language including sensitive data limitation rights, representing alignment with 2023 California privacy law amendments not present in previous version.

View full change record →

Consumer impact (what this means for users)

California residents can exercise CPRA rights including opting out of the sale or sharing of personal information for cross-context behavioral advertising, limiting use of sensitive personal information, and receiving non-discriminatory service regardless of whether they exercise these rights.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Opt Out of Arbitration

California residents can submit opt-out of sale/sharing requests, access requests, deletion requests, and sensitive personal information limitation requests at privacy.openai.com. Select your right type and complete the identity verification process.

Cross-platform context

See how other platforms handle California-Specific Privacy Rights (CCPA/CPRA) and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

California residents have the strongest privacy protections available to any US users of OpenAI's services, including the right to limit how sensitive personal information — like health data shared in chats — is used, which other US residents do not automatically have.

View original clause language

If you are a California resident, you have the right to know what Personal Information we collect, use, disclose, and sell; the right to delete Personal Information we collected from you; the right to correct inaccurate Personal Information; the right to opt-out of the sale or sharing of your Personal Information; the right to limit the use and disclosure of your sensitive Personal Information; and the right to non-discrimination for exercising your rights. To exercise these rights, please visit our Privacy Portal at privacy.openai.com or contact us at privacy@openai.com.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: This provision implements CCPA/CPRA Cal. Civ. Code §§1798.100–1798.199.100, enforced by the California Privacy Protection Agency and California AG. Specific rights implicated include: right to know (§1798.110), right to delete (§1798.105), right to correct (§1798.106), right to opt-out of sale/sharing (§1798.120), right to limit SPI use (§1798.121), and non-discrimination right (§1798.125). Response deadlines are 45 days extendable to 90 days with notice. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

State AG

The California Attorney General and California Privacy Protection Agency (CPPA) have primary enforcement authority over CCPA/CPRA rights including opt-out of sale/sharing and sensitive personal information limitation rights.
File a complaint →

Provision details

Document information

Document

OpenAI Privacy Policy

Entity

OpenAI

Document last updated

April 29, 2026

Tracking information

First tracked

April 27, 2026

Last verified

April 27, 2026

Record ID

CA-P-003162

Document ID

CA-D-00010

Evidence Provenance

Source URL

https://openai.com/policies/privacy-policy

Wayback Machine

View archived versions →

SHA-256

8d0fc75b2591d6a033bfeb50a1e7b57bb62cb682a52fcbbd714621617a7525af

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: OpenAI | Document: OpenAI Privacy Policy | Record: CA-P-003162
Captured: 2026-04-27 09:30:04 UTC | SHA-256: 8d0fc75b2591d6a0…
URL: https://conductatlas.com/platform/openai/openai-privacy-policy/california-specific-privacy-rights-ccpacpra/
Accessed: May 2, 2026

Classification

Severity

Medium

California-Specific Privacy Rights (CCPA/CPRA)