<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=5678177&amp;fmt=gif">

    US Data Privacy Guide: What to Name Your Opt-Out Link

    by Alex Margau
    9 min read
    idea bubbles on a green background

    As new privacy laws emerge across the US, businesses must navigate the growing challenge of providing consumers with the right to opt out of personal data processing. With 20 US state privacy laws already in place, having opt-out options that are clear and accessible is crucial. If consumers can't easily find where to opt-out on your website, your business risks non-compliance.

    In this article, we'll break down the basics of naming your opt-out link in order to align with US privacy regulations.

     

    Why Does the Opt-Out Name Matter?

    The name of your opt-out link matters because across the various consumer privacy laws in the United States, the idea is the same: the link has to be clear and easy to understand for your customers. A well-named link helps people understand their rights and gives them control over their personal information.

     

    What Happens if My Opt-Out Link is Not Named Correctly? 

    If your opt-out link isn’t named correctly, your business may be non-compliant with state laws, like those in California and Colorado. Non-compliance can lead to legal penalties, decreased consumer trust, regulatory scrutiny, negative publicity, and potential loss of customers.

     

    What to Name Your Opt-Out Link

     

    California: Consumer Privacy Rights Act (CPRA)

    Under the CPRA, businesses that sell or share consumers' personal information must provide clear and accessible options for consumers to opt out. This means your business has to meet the following requirements:

    1. Opt-Out Link: A link titled "Do Not Sell or Share My Personal Information" must be prominently placed on all pages of your website such as, for example, in the website footer. This link should direct consumers to a form where they can opt-out of the sale or sharing of their personal information.
    2. Sensitive Information Link: Another link titled "Limit the Use of My Sensitive Personal Information" should be made available to your consumers. This link allows consumers to restrict the use or disclosure of their sensitive personal information.
    3. Single Privacy Link: Alternatively, your business can use a single link, such as "Privacy Options," "Privacy Choices," or "Privacy Opt-Out Rights," which combines the functions of the two links above. This single privacy link should be easily identifiable and allow consumers to opt out of both the sharing of their personal information and the use of their sensitive personal information.

    Regardless of the option you choose, these links should blend seamlessly with your website's overall design and must not have a negative effect on users’ experience. The California Attorney General has provided an opt-out best practices guide, available on their website, which includes a uniform opt-out icon that businesses are encouraged to use.

     

    Colorado: Data Privacy Act

    Colorado's Data Privacy Act mandates that controllers (businesses that decide how personal data is collected and used) provide clear opt-out methods for consumers regarding targeted advertising and the sale of personal data. If you are located in Colorado or target Colorado residents, you have to know the following:

    1. Opt-Out Method: You have to provide a conspicuous method for consumers to exercise their right to opt out. This could be a link or any other clear method.
    2. Link Requirements: If you use a link, this link should take consumers directly to the opt-out method. The link text should clearly indicate its purpose, using phrases like "Colorado Opt-Out Rights," "Personal Data Use Opt-Out," or "Your Privacy Choices."

    The opt-out method should be easily accessible and clearly stated in the privacy notice that must be provided to consumers.

     

    Other States

    While states like California and Colorado have specific requirements for opt-out mechanisms, other states, such as Connecticut, Oregon, Utah or Virginia, emphasize certain conditions that need to be met to ensure consumer privacy:

    1. Opt-Out Link: if you process information for purposes of direct marketing or advertisement, you are required to have a clear and conspicuous link on your website that directs consumers or their agents to an internet page where they can opt out of targeted advertising or the sale of personal data.
    2. User-Friendly and Consistent: The opt-out method you use must be user-friendly and easy for the average consumer to use. It should also be consistent with similar platforms, technologies, or mechanisms other federal or state laws require. 

    In short, your goal should be to make it as clear as possible for customers what they're opting out of. To that end:

    • Be clear and concise: Customers should understand what they're doing when they click the link. Here are some options:
      • Direct and Clear: Do Not Sell My Personal Information; Opt Out of Data Sale; Stop Selling My Data
      • Privacy Focused: Control My Data; Privacy Choices; Your Privacy Options
      • Combined Options:
        • If you handle sensitive data, you might need a separate link for that. You could use: Limit the Use of My Sensitive Data
      • Or, you can combine both options into one link, like: Privacy Options or Data Privacy Controls
    • Make it easy to find: The link should be prominently displayed on your website.
    • Follow state laws: Different states have specific requirements, so make sure you know the compliance requirements of privacy laws in the states where you do business.

     

    How can Clym help?

     

    See for yourself

    Book A Demo

     

    Clym believes in striking a balance between digital compliance and your business needs, which is why we offer businesses the following:

    • All-in-one platform: One interface combining Privacy and Accessibility compliance with global regulations, at an affordable price;
    • Seamless integration into your website;
    • Adaptability to your users’ location and applicable regulation;
    • Customizable branding;
    • ReadyCompliance™: Covering 50+ data privacy regulations;
    • Six preconfigured accessibility profiles, as well as 25+ display adjustments that allow visitors to customise their individual experience.

    You can convince yourself and see Clym in action by booking a demo or reaching out to us to discuss your specific needs today.

     

    Alex Margau

    Alex is a Content Developer at Clym, where he researches and writes about everything related to data privacy and web accessibility compliance for businesses, helping them stay informed on their compliance needs and spreading awareness about making the web safer and more inclusive. When he’s not writing about compliance, Alex has his nose in a book or is hiking in the great outdoors.

    Learn More →

     

     

     

    FAQs about opt-in versus opt-out consent

    What does "consent" mean in data privacy?

    Consent in data privacy refers to a clear, informed, and freely given indication by an individual (data subject or consumer) that they agree to the processing of their personal data. It must be a specific, unambiguous action performed by the individual, devoid of any dark patterns or deceptive designs, to be considered valid.




    What does "opt-in" mean in data privacy?

    Opt-in refers to the action of giving affirmative consent by a data subject for the processing of their personal information. This includes active actions like ticking a box, clicking a button, or signing a form, and requires transparency about the data's use, providing granular control to the individual over what they consent to.




    What does "opt-out" mean in data privacy?

    Opt-out is the process through which a data subject refuses or withdraws their consent for the processing of their personal information. This could mean denying consent for non-essential cookies or withdrawing previously given consent, and often involves unticking pre-checked boxes or performing actions to refuse consent.




    How do opt-in and opt-out consent requirements vary by jurisdiction?

    Different jurisdictions have varied requirements for opt-in and opt-out consent. For example, the GDPR requires explicit opt-in consent for cookies and data collection, whereas the CCPA assumes consent but mandates an easy opt-out process for consumers to restrict data processing.




    What are the benefits of using a Consent Management Platform (CMP)?

    Using a CMP like Clym offers several benefits, including automated consent collection, compliance with global data privacy regulations, customizable branding, and the ability to adapt to users' locations and applicable laws. It simplifies the operational complexities associated with consent management, ensuring businesses remain compliant while efficiently collecting and managing user data.




    How does Clym help with opt-in and opt-out consent management?

    Clym provides a Consent Management Platform (CMP) that simplifies the management of opt-in and opt-out consents, ensuring compliance with data privacy laws such as the GDPR and CCPA. Clym's tool automates consent collection, allowing businesses to efficiently balance user engagement and data collection with privacy requirements.