If you are a California resident, you have the right to request that Target not sell your personal information to third parties, and Target provides an opt-out mechanism for this purpose.
This analysis describes what Target's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
California's CCPA gives residents legally enforceable rights to access, delete, and opt out of the sale of their personal data; Target's platform infrastructure includes CCPA-specific API endpoints suggesting these rights are operationally implemented, but consumers must actively exercise them.
Interpretive note: The exact CCPA disclosure language was not fully visible in the truncated document; the existence of CCPA-specific API endpoints in the site infrastructure strongly implies operational implementation, but the precise disclosure text and opt-out scope require confirmation against the full privacy policy.
California customers using Target's same-day delivery service will now pay a CA Shipt Shopper Benefit Fee in addition to standard delivery costs, according to the updated terms. The terms do not spec…
Target removed specific language that explained how Target Circle Bonus rewards are earned, calculated, and reflected in customer accounts across different purchase methods (online, in-store, Same Da…
California residents can request access to, deletion of, or opt out of the sale of their personal information held by Target, but these rights require proactive exercise through Target's privacy controls and do not apply automatically.
How other platforms handle this
California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...
If you would like to opt out of the disclosure of your personal information for purposes that could be considered "sales" for those third parties' own commercial purposes, or "sharing" or processing for purposes of targeted advertising, please visit the following link, which is also available in the...
Zendesk complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. When Zendesk transfers personal data from the EU, UK, or Switzerland to the United ...
Monitoring
Target has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"California residents may have the right to opt out of the sale of their personal information. Target provides a 'Do Not Sell My Personal Information' link and privacy controls through which California residents can exercise their rights under applicable California law.— Excerpt from Target's Target Terms and Conditions
REGULATORY LANDSCAPE: This provision directly engages the California Consumer Privacy Act and its amendment, the California Privacy Rights Act, enforced by the California Privacy Protection Agency and the California Attorney General. CCPA requires businesses meeting applicable thresholds to provide consumers with rights to know, delete, correct, and opt out of sale or sharing of personal information. The CCPA-specific API endpoints visible in Target's site infrastructure (including do_not_sell_requests and privacy_controls endpoints) indicate operational implementation of these rights, which must align with CCPA's substantive and procedural requirements. GOVERNANCE EXPOSURE: High for California-specific compliance. Target's scale and data collection practices across loyalty, payment, advertising, and registry systems create a broad personal information footprint. Failure to honor opt-out requests within the CCPA-required 15-business-day window, or inadequate disclosure of data sharing practices that constitute a sale or sharing under CPRA, creates enforcement exposure. JURISDICTION FLAGS: California is the primary jurisdiction. Other states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas, Montana) have enacted similar but non-identical frameworks; Target's compliance infrastructure should be mapped against each applicable state law. Illinois BIPA may apply if Target collects biometric identifiers through any feature of its platform. CONTRACT AND VENDOR IMPLICATIONS: Third-party advertising and data partners integrated into Target's ecosystem (visible through the advertising API infrastructure in the document) must be assessed as to whether data flows to them constitute a sale or sharing under CCPA, triggering opt-out obligations. Service provider agreements with these partners should include CCPA-compliant data processing terms. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether the Do Not Sell and Do Not Share opt-out mechanisms meet CPRA requirements, including Global Privacy Control signal recognition. Data mapping should confirm that all personal information categories collected across the Target digital ecosystem (loyalty, payment, advertising, registry) are accurately disclosed in the CCPA privacy notice. Response time and verification procedures for consumer rights requests should be tested against statutory requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
California's CCPA gives residents legally enforceable rights to access, delete, and opt out of the sale of their personal data; Target's platform infrastructure includes CCPA-specific API endpoints suggesting these rights are operationally implemented, but consumers must actively exercise them.
California residents can request access to, deletion of, or opt out of the sale of their personal information held by Target, but these rights require proactive exercise through Target's privacy controls and do not apply automatically.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Target.