Which regulatory agencies enforce this type of clause?

{'agency': 'State_AG', 'reason': "California's Attorney General and Privacy Protection Agency enforce CPRA requirements regarding Global Privacy Control signals, which may be implicated by this provision.", 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this Do Not Track Non-Response clause as low severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Do Not Track Non-Response clauses across approximately 5 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Do Not Track Non-Response — Sourcegraph Cody

Share 𝕏 Share in Share 🔒 PDF

Monitor governance changes for Sourcegraph Cody Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

Sourcegraph does not honor browser-level Do Not Track settings, meaning tracking may continue even if your browser is configured to request no tracking.

ⓘ

This analysis describes what Sourcegraph Cody's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision discloses that browser-based privacy signals intended to limit tracking are not acted upon by Sourcegraph, which is relevant for users relying on browser settings as a privacy control.

⚠

Interpretive note: The policy addresses Do Not Track but does not clarify treatment of Global Privacy Control signals, creating uncertainty about CPRA compliance for California users.

Consumer impact (what this means for users)

Even if your browser sends a Do Not Track signal, Sourcegraph states it does not respond to these signals, meaning cookies, analytics tracking, and behavioral data collection will continue regardless of this browser preference.

Cross-platform context

See how other platforms handle Do Not Track Non-Response and similar clauses.

Compare across platforms →

Monitoring

Sourcegraph Cody has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
Although we do our best to honor the privacy preferences of our users, we are not able to respond to Do Not Track signals from your browser at this time.

— Excerpt from Sourcegraph Cody's Sourcegraph Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1) REGULATORY LANDSCAPE: The California Consumer Privacy Act (CCPA) as amended by CPRA requires businesses to treat Global Privacy Control (GPC) signals as opt-out of sale or sharing of personal information. The policy's statement regarding Do Not Track non-response should be evaluated in the context of whether Sourcegraph also addresses GPC compliance for California users. The FTC has also addressed browser-based privacy signals in consumer protection guidance. 2) GOVERNANCE EXPOSURE: Medium. The non-response to Do Not Track is a disclosed limitation, but the policy does not address Global Privacy Control compliance, which is legally required for California businesses under CPRA. This omission may create compliance exposure for California operations. 3) JURISDICTION FLAGS: California residents have a legally enforceable right under CPRA to have GPC signals treated as opt-out of sharing. The policy's disclosure regarding Do Not Track does not clarify whether GPC signals receive different treatment. 4) CONTRACT AND VENDOR IMPLICATIONS: This provision does not create direct vendor or contract implications, but organizations deploying Sourcegraph for California-based employees should confirm whether GPC compliance is implemented at the platform level. 5) COMPLIANCE CONSIDERATIONS: Legal teams with California user populations should request clarification from Sourcegraph on whether the platform honors GPC signals as required under CPRA, and should document the response for compliance records.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Watcher free for 14 days

Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.

Applicable agencies

State AG

California's Attorney General and Privacy Protection Agency enforce CPRA requirements regarding Global Privacy Control signals, which may be implicated by this provision.
File a complaint →

Provision details

Document information

Document

Sourcegraph Privacy Policy

Entity

Sourcegraph Cody

Document last updated

May 12, 2026

Tracking information

First tracked

May 12, 2026

Last verified

May 12, 2026

Record ID

CA-P-011844

Document ID

CA-D-00799

Evidence Provenance

Source URL

https://sourcegraph.com/terms/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

df2d4196ecea360b04ad9684b8e596ac2cfeb41cb2be50ace2b878d7c3dd599f

Analysis generated

May 12, 2026 15:34 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Sourcegraph Cody
Document: Sourcegraph Privacy Policy
Record ID: CA-P-011844
Captured: 2026-05-12 15:34:28 UTC
SHA-256: df2d4196ecea360b…
URL: https://conductatlas.com/platform/sourcegraph-cody/sourcegraph-privacy-policy/do-not-track-non-response/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Low

Other risks in this policy

Amp Free Mode Codebase Keyword Scanning for Advertising medium
Customer Personal Data Exclusion medium
Automated Usage Analytics and Event Tracking medium
Data Sharing with Service Providers and Subprocessors medium
GDPR and Global Privacy Rights medium
Log Data and Access Audit Logs Collection low

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Sourcegraph Cody's Do Not Track Non-Response clause do?

This provision discloses that browser-based privacy signals intended to limit tracking are not acted upon by Sourcegraph, which is relevant for users relying on browser settings as a privacy control.

How does this clause affect you?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 5 platforms. See the full comparison.

Is ConductAtlas affiliated with Sourcegraph Cody?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Sourcegraph Cody.