If you are a California resident, you have the right to request that Target not sell your personal information to third parties, and Target provides an opt-out mechanism for this purpose.
This analysis describes what Target's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
California's CCPA gives residents legally enforceable rights to access, delete, and opt out of the sale of their personal data; Target's platform infrastructure includes CCPA-specific API endpoints suggesting these rights are operationally implemented, but consumers must actively exercise them.
Interpretive note: The exact CCPA disclosure language was not fully visible in the truncated document; the existence of CCPA-specific API endpoints in the site infrastructure strongly implies operational implementation, but the precise disclosure text and opt-out scope require confirmation against the full privacy policy.
California customers using Target's same-day delivery service will now pay a CA Shipt Shopper Benefit Fee in addition to standard delivery costs, according to the updated terms. The terms do not specify the fee amount, structure, or whether it applies to all same-day orders or only certain product categories. Consumers in California should review their receipt or account details to understand the exact fee amount and whether it was previously being charged but undisclosed, or if this represents a new charge.
View change record →Target removed specific language that explained how Target Circle Bonus rewards are earned, calculated, and reflected in customer accounts across different purchase methods (online, in-store, Same Day Delivery, Order Pickup, Drive Up). Previously, the terms clarified that online orders counted as one transaction unless they included Target Plus items or used Same Day Delivery, and specified timing for when bonuses would appear (24 hours for in-store, upon shipment/pickup/delivery for online). Without this clarity, customers must now rely on in-app displays or support channels to understand exactly how their purchases contribute to bonus eligibility, which may create confusion about reward calculation or disputes over earned benefits.
View change record →Target's updated Terms and Conditions now include explicit governance for its Target Circle loyalty program and Target Circle 360 membership. The updated terms establish that membership is voluntary and that by joining or continuing to use the program, members agree to Target Circle-specific terms and the Privacy Policy in effect at that time. The terms authorize Target to update the Target Circle Terms, the Target App, or the website at any time without advance notice, with continued program participation constituting acceptance of those updates. You can choose not to join Target Circle or can stop participating in the program to avoid binding yourself to these updated terms.
View change record →California residents can request access to, deletion of, or opt out of the sale of their personal information held by Target, but these rights require proactive exercise through Target's privacy controls and do not apply automatically.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
Target has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"California residents may have the right to opt out of the sale of their personal information. Target provides a 'Do Not Sell My Personal Information' link and privacy controls through which California residents can exercise their rights under applicable California law.— Excerpt from Target's Target Terms and Conditions
REGULATORY LANDSCAPE: This provision directly engages the California Consumer Privacy Act and its amendment, the California Privacy Rights Act, enforced by the California Privacy Protection Agency and the California Attorney General. CCPA requires businesses meeting applicable thresholds to provide consumers with rights to know, delete, correct, and opt out of sale or sharing of personal information. The CCPA-specific API endpoints visible in Target's site infrastructure (including do_not_sell_requests and privacy_controls endpoints) indicate operational implementation of these rights, which must align with CCPA's substantive and procedural requirements. GOVERNANCE EXPOSURE: High for California-specific compliance. Target's scale and data collection practices across loyalty, payment, advertising, and registry systems create a broad personal information footprint. Failure to honor opt-out requests within the CCPA-required 15-business-day window, or inadequate disclosure of data sharing practices that constitute a sale or sharing under CPRA, creates enforcement exposure. JURISDICTION FLAGS: California is the primary jurisdiction. Other states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas, Montana) have enacted similar but non-identical frameworks; Target's compliance infrastructure should be mapped against each applicable state law. Illinois BIPA may apply if Target collects biometric identifiers through any feature of its platform. CONTRACT AND VENDOR IMPLICATIONS: Third-party advertising and data partners integrated into Target's ecosystem (visible through the advertising API infrastructure in the document) must be assessed as to whether data flows to them constitute a sale or sharing under CCPA, triggering opt-out obligations. Service provider agreements with these partners should include CCPA-compliant data processing terms. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether the Do Not Sell and Do Not Share opt-out mechanisms meet CPRA requirements, including Global Privacy Control signal recognition. Data mapping should confirm that all personal information categories collected across the Target digital ecosystem (loyalty, payment, advertising, registry) are accurately disclosed in the CCPA privacy notice. Response time and verification procedures for consumer rights requests should be tested against statutory requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
California's CCPA gives residents legally enforceable rights to access, delete, and opt out of the sale of their personal data; Target's platform infrastructure includes CCPA-specific API endpoints suggesting these rights are operationally implemented, but consumers must actively exercise them.
California residents can request access to, deletion of, or opt out of the sale of their personal information held by Target, but these rights require proactive exercise through Target's privacy controls and do not apply automatically.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Target.