OpenAI · Privacy Policy (ROW)

User Data Rights and Access

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

You have rights to see, fix, delete, or download your personal data, and to object to how OpenAI uses it — but the extent of these rights depends on where you live.

Consumer impact (what this means for users)

Your ability to access, delete, correct, or export your personal data from OpenAI depends on your jurisdiction — users in California, Colorado, Connecticut, Virginia, Texas, and Oregon have statutory rights, while others rely on OpenAI's voluntary commitments.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Export Your Data
    Visit privacy.openai.com and submit a data access or portability request. You can also go to ChatGPT Settings > Data Controls > Export Data to download your conversation history directly.
  • Delete Your Data
    Visit privacy.openai.com and submit a data deletion request. You can also email privacy@openai.com to request erasure of your personal information.

Cross-platform context

See how other platforms handle User Data Rights and Access and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Users in jurisdictions without strong privacy laws may have fewer enforceable rights, while California residents and others in states with privacy legislation have the broadest protections.

View original clause language
Depending on your location, you may have certain rights regarding your personal data, including the right to access, correct, delete, or port your data, and to object to or restrict certain processing of your data. You can exercise these rights by visiting privacy.openai.com or contacting us at privacy@openai.com.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: GDPR Arts. 15–22 establish rights of access, rectification, erasure, restriction, portability, and objection — covered under a separate EU policy. For ROW users, relevant frameworks include CCPA §§1798.100–1798.125 (California), CPA (Colorado), CTDPA (Connecticut), VCDPA (Virginia), TDPSA (Texas), and OCPA (Oregon). The FTC Act Section 5 applies to deceptive representations about the availability of these rights.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • State AG
    State attorneys general in California, Colorado, Connecticut, Virginia, Texas, and Oregon enforce consumer privacy rights under their respective state privacy statutes.
    File a complaint →

Provision details

Document information
Document
Privacy Policy (ROW)
Entity
OpenAI
Document last updated
March 5, 2026
Tracking information
First tracked
March 10, 2026
Last verified
April 27, 2026
Record ID
CA-P-003134
Document ID
CA-D-00006
Evidence Provenance
Source URL
https://openai.com/policies/row-privacy-policy
Wayback Machine
View archived versions →
SHA-256
f3c083059dff1a3f26f2ce10f0072ca60f38c6921517ae6dd07e528e4bfc7ce2
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: OpenAI | Document: Privacy Policy (ROW) | Record: CA-P-003134
Captured: 2026-03-10 03:38:17 UTC | SHA-256: f3c083059dff1a3f…
URL: https://conductatlas.com/platform/openai/privacy-policy-row/user-data-rights-and-access/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document