Uber · Uber Privacy Notice

Driver Data Rights and Access Mechanisms

Medium severity
Share 𝕏 Share in Share

What it is

You have the right to see, correct, delete, or export your personal data by submitting a request through the Uber app or privacy.uber.com, though some data may be kept for legal reasons even if you request deletion.

Consumer impact (what this means for users)

You can request access to, correction of, or deletion of your personal data at any time via privacy.uber.com, but Uber may retain data tied to safety incidents, legal claims, or regulatory obligations even after a deletion request — meaning sensitive data may persist longer than you expect.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Export Your Data
    Visit privacy.uber.com to submit a data access, correction, or deletion request. Sign in with your Uber account credentials and select the type of request. Uber is required to respond within 30 days (GDPR) or 45 days (CCPA).
  • Delete Your Data
    Open the Uber Driver app, go to Account, then Privacy, then Manage your data, and select the deletion option. You can also submit a deletion request at privacy.uber.com if you prefer the web portal.

How other platforms handle this

GitHub Medium

Personal Data may be shared with GitHub affiliates, including Microsoft, to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, and legal and compliance obligations. Our affiliates may only use the Personal Data in a manner consistent with this Priv...

Adobe Medium

If we merge with or are acquired by another company, sell an Adobe website, app, or business unit, or if all or a substantial portion of our assets are acquired by another company, your information will likely be disclosed to the prospective purchaser, our advisers and any other prospective purchase...

TaskRabbit Medium

We may also share your Personal Information with interested parties in connection with, or during negotiations of, any proposed or actual merger, purchase, or sale of all or any portion of our assets to another business.

See all platforms with this clause type →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Knowing and exercising your data rights is your primary tool for controlling what Uber does with your personal information — but broad carve-outs for 'legal compliance' and 'legitimate interests' may limit the practical scope of deletion rights.

View original clause language
Drivers and delivery people can exercise data rights including the right to access personal data held about them, the right to request correction of inaccurate data, the right to request deletion of their data (subject to legal retention obligations), the right to object to processing, and the right to data portability. These rights can be exercised through the Uber app, through privacy.uber.com, or by contacting Uber's privacy team. Rights may be limited where processing is necessary for legal compliance or legitimate interests.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: Data subject rights are mandated by GDPR Arts. 15 (access), 16 (rectification), 17 (erasure), 18 (restriction), 20 (portability), and 21 (objection); UK GDPR equivalent provisions; CCPA/CPRA §§1798.100 (access), 1798.105 (deletion), 1798.130 (response timeframes — 45 days extendable by 45 days); Brazil LGPD Art. 18; and comparable rights under other national laws. GDPR Art. 12 requires free, timely (one month, extendable to three) responses. CCPA imposes 12-month lookback for access requests.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    FTC enforces CCPA and general consumer data rights under Section 5 FTC Act, including rights request fulfillment failures that constitute unfair or deceptive practices.
    File a complaint →
  • State AG
    State Attorneys General enforce data subject rights under CCPA/CPRA and equivalent state privacy laws, including failures to respond to access and deletion requests.
    File a complaint →

Applicable regulations

BIPA
Illinois, USA
CCPA/CPRA
California, USA
COPPA
United States Federal
CAN-SPAM
United States Federal
DMA
European Union
FCRA
United States Federal
GDPR
European Union
GLBA
United States Federal
HIPAA
United States Federal
UK GDPR
United Kingdom

Provision details

Document information
Document
Uber Privacy Notice
Entity
Uber
Document last updated
March 14, 2026
Tracking information
First tracked
April 9, 2026
Last verified
April 9, 2026
Record ID
CA-P-002474
Document ID
CA-D-00110
Evidence Provenance
Source URL
https://www.uber.com/global/en/privacy-notice-drivers-delivery-people/
Wayback Machine
View archived versions →
SHA-256
da455350bcd5c09edc54361c40211ba929e95e035f6c5586acadc0ab4cefcd8f
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Uber | Document: Uber Privacy Notice | Record: CA-P-002474
Captured: 2026-04-09 09:01:00 UTC | SHA-256: da455350bcd5c09e…
URL: https://conductatlas.com/platform/uber/uber-privacy-notice/driver-data-rights-and-access-mechanisms/
Accessed: April 29, 2026
Classification
Severity
Medium
Categories
Data sharing

Other provisions in this document

Related Analysis