Skip to content
Beta · Under construction · Expect rough edges

Privacy Policy — California

CCPA / CPRA addendum · Last updated: 2026-05-07

This page supplements the global Privacy Policy with rights and procedures applicable to California residents under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Do Not Sell or Share My Personal Information

Joyp does not sell personal information, and does not share it for cross-context behavioral advertising. This statement is provided to satisfy CCPA § 1798.135 regardless of whether Joyp meets the threshold definition of a "business" under the statute.

If you would like written confirmation that we have not sold or shared your personal information, email privacy@joyp.tv from the address associated with your account, with the subject line "CCPA Do Not Sell confirmation request." We will respond within 45 days.

Global Privacy Control (GPC)

If your browser sends a Sec-GPC: 1 request header — for example, because you have enabled Global Privacy Control in your browser settings or via an extension — we treat that as a universal opt-out of any data sale or sharing, and we suppress the consent banner and analytics injection automatically. You do not need to take further action. The California Attorney General has confirmed (2022 guidance) that GPC is a valid opt-out mechanism under the CCPA.

Your CCPA / CPRA rights

  • Right to know — request the categories and specific pieces of personal information we have collected about you. Use Settings → Data Management → Export JSON, or email us.
  • Right to delete — request deletion by emailing privacy@joyp.tv from the address on the account. (A self-service deletion UI is on the roadmap.)
  • Right to correct — request correction of inaccurate personal information.
  • Right to opt out of sale/share — exercised either by emailing us as described above or by sending a Sec-GPC signal from your browser.
  • Right to limit use of sensitive personal information — vault credentials are end-to-end encrypted on your device and we cannot decrypt them, which functionally limits any use beyond storage and sync. No further action is required.
  • Right to non-discrimination — exercising your rights will not result in price changes or service degradation.

Categories of personal information collected

See the global Privacy Policy "What We Collect" section. We do not collect biometric information, geolocation beyond approximate region (from IP), or sensitive personal information defined under CPRA § 1798.140(ae). Vault credentials may meet the "account log-in credentials" definition, but are end-to-end encrypted and inaccessible to us.

California Shine the Light (Cal. Civ. Code § 1798.83)

Joyp does not share personal information with third parties for those third parties' direct marketing purposes. Under Cal. Civ. Code § 1798.83, California residents may request information about the categories of personal information we have shared and the names and addresses of third parties we shared it with for their direct marketing in the prior calendar year. Because we do not engage in such sharing, the response to any such request is "no information shared." Send Shine the Light requests to privacy@joyp.tv.

Authorized agents

If you wish to designate an authorized agent to make a request on your behalf, the agent must provide written authorization signed by you and verifying their identity. Email privacy@joyp.tv for the authorization template.