OpenAI · Privacy Policy (ROW)

California and U.S. State Privacy Disclosures

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

California residents have strong legal rights over their data including the right to delete it, correct it, and stop OpenAI from selling or sharing it — these are legally enforceable rights, not just voluntary options.

Consumer impact (what this means for users)

California residents can exercise legally enforceable rights to delete their data, correct errors, opt out of data sharing, and restrict use of sensitive personal information such as health data, financial information, or precise geolocation through OpenAI's privacy portal.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Opt Out of Arbitration
    California residents can opt out of the sale or sharing of personal information by visiting privacy.openai.com and submitting an opt-out request. Look for the 'Do Not Sell or Share My Personal Information' option.

Cross-platform context

See how other platforms handle California and U.S. State Privacy Disclosures and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

California law gives residents enforceable rights that other U.S. users may not have, including the right to stop OpenAI from sharing your data for advertising or other commercial purposes.

View original clause language
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete your personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of your personal information, and the right to limit the use of your sensitive personal information.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: CCPA (Cal. Civ. Code §§1798.100–1798.199) and CPRA (Prop. 24, 2020) grant California residents rights of access, deletion, correction, portability, opt-out of sale/sharing, and sensitive personal information restriction, enforced by the California Privacy Protection Agency (CPPA) and California AG. Similar rights exist under Colorado CPA (C.R.S. §6-1-1301), Connecticut CTDPA (PA 22-15), Virginia VCDPA (Va. Code §59.1-571), Texas TDPSA (Tex. Bus. & Com. Code §541), and Oregon OCPA (ORS 646A).

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • State AG
    The California AG and CPPA enforce CCPA/CPRA; other state AGs enforce their respective state privacy laws for residents of Colorado, Connecticut, Virginia, Texas, and Oregon.
    File a complaint →

Provision details

Document information
Document
Privacy Policy (ROW)
Entity
OpenAI
Document last updated
March 5, 2026
Tracking information
First tracked
March 10, 2026
Last verified
April 27, 2026
Record ID
CA-P-003135
Document ID
CA-D-00006
Evidence Provenance
Source URL
https://openai.com/policies/row-privacy-policy
Wayback Machine
View archived versions →
SHA-256
f3c083059dff1a3f26f2ce10f0072ca60f38c6921517ae6dd07e528e4bfc7ce2
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: OpenAI | Document: Privacy Policy (ROW) | Record: CA-P-003135
Captured: 2026-03-10 03:38:17 UTC | SHA-256: f3c083059dff1a3f…
URL: https://conductatlas.com/platform/openai/privacy-policy-row/california-and-us-state-privacy-disclosures/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document