If you live in California, you have legally-backed rights to see, delete, correct, and opt out of the sale of your personal data held by Zendesk, and Zendesk cannot penalize you for exercising those rights.
This analysis describes what Zendesk's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
California residents have among the strongest consumer privacy rights in the US, and this provision confirms those rights apply to Zendesk's data processing, giving consumers concrete tools to limit how their data is used.
California residents can formally request access to, deletion of, or correction of their personal data held by Zendesk, and can opt out of their data being shared for advertising. These rights are enforceable under California law and Zendesk states it will not discriminate against you for exercising them.
Cross-platform context
See how other platforms handle California Resident Rights (CCPA/CPRA) and similar clauses.
Compare across platforms →Monitoring
Zendesk has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA): the right to know about the personal information we collect and how it is used and shared; the right to delete personal information we collect, subject to certain exceptions; the right to correct inaccurate personal information; the right to opt-out of the sale or sharing of your personal information; the right to limit the use and disclosure of sensitive personal information; and the right to non-discrimination for exercising your CCPA rights.— Excerpt from Zendesk's Zendesk Privacy Policy
(1) REGULATORY LANDSCAPE: This provision directly engages CCPA (Cal. Civ. Code Section 1798.100 et seq.) and CPRA amendments, enforceable by the California Privacy Protection Agency (CPPA) and the California Attorney General. The non-discrimination requirement mirrors statutory obligations under CCPA Section 1798.125. The right to limit use of sensitive personal information is a CPRA-specific right. Zendesk's status as a business or service provider under CCPA affects which rights are available and who is responsible for honoring them, which connects to the controller-processor distinction discussed elsewhere in this notice. (2) GOVERNANCE EXPOSURE: Medium. Zendesk must maintain operational processes to verify and respond to CCPA/CPRA requests within statutory timeframes (45 days, extendable by an additional 45 days). Organizations using Zendesk to process California residents' data must ensure their own CCPA service provider agreements with Zendesk are current and include the required contractual restrictions on use of personal information. (3) JURISDICTION FLAGS: Applies specifically to California residents. Other US states with comprehensive privacy laws (Virginia CDPA, Colorado CPA, Connecticut CTDPA, Texas TDPSA) have analogous rights that may apply to Zendesk's data processing activities in those states, though this notice specifically names California. The CPPA has issued enforcement guidance and may scrutinize the operationalization of opt-out mechanisms. (4) CONTRACT AND VENDOR IMPLICATIONS: Business customers with California users must ensure their Zendesk service provider agreements contain CCPA-required contractual provisions prohibiting Zendesk from selling or using the data for independent commercial purposes. If Zendesk processes sensitive personal information on behalf of business customers, additional contractual restrictions may be required under CPRA. (5) COMPLIANCE CONSIDERATIONS: Zendesk's response procedures for CCPA requests should be audited to confirm timelines, verification methods, and exception documentation comply with CPPA regulations. The opt-out mechanism should be tested for functionality. Business customers should confirm their own privacy notices accurately describe Zendesk's role and the rights available to California residents with respect to data in Zendesk systems.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
California residents have among the strongest consumer privacy rights in the US, and this provision confirms those rights apply to Zendesk's data processing, giving consumers concrete tools to limit how their data is used.
California residents can formally request access to, deletion of, or correction of their personal data held by Zendesk, and can opt out of their data being shared for advertising. These rights are enforceable under California law and Zendesk states it will not discriminate against you for exercising them.
ConductAtlas has identified this type of provision across 15 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Zendesk.