MADE FOR THE USA[SYS::JURISDICTION]

American privacy law runs backwards from the rest of the world’s.
Your tracking should know the difference.

Most tracking tools are built to a “global” standard, which in practice means a European one. The United States doesn’t run on the European model. We run on the opposite default. CleanClicks is engineered for the rules American websites actually operate under, not a worldwide average that fits no one.

THE CORE DIFFERENCE

Opt-in and opt-out aren’t a setting. They’re opposite starting points.

Europe’s GDPR is an opt-in regime. Nothing tracks until a visitor affirmatively says yes. The default is off: consent first, data second.

United States privacy law works the other way. Under California’s CCPA/CPRA and the laws modeled on it, a business may collect and use data by default, with clear notice, and the consumer holds an enforceable right to opt out, to say “don’t sell or share my information,” including through an automated Global Privacy Control signal you are required to honor. The default is on, with a real and enforceable exit.

That single difference, off-by-default versus on-with-the-right-to-leave, shapes everything downstream: how a tracker should behave on a first visit, what it does when no choice has been made, and which signals it may send to ad platforms. A tool built around the European default makes the wrong assumption the moment it loads on a US audience. It either suppresses data you are legally permitted to collect, or it bolts US logic on as an afterthought. Neither is the same as being built for the rules you live under. For the mechanics of how CleanClicks captures and filters data, see how it works under the hood.

vs REST OF WORLD Opt-in DEFAULT OFF Nothing runs until the visitor affirmatively says yes. UNITED STATES Opt-out DEFAULT ON Data flows with notice, and a standing right to opt out.
Two doors, one open and one closed, representing opt-in versus opt-out
SIDE BY SIDE[SYS::DIFF]

Two regimes, examined honestly

Same goal, opposite defaults. The architecture a tool inherits from its home jurisdiction decides what it does on your traffic.

01

Default State

OPT-IN WORLD:

Off until the visitor consents. No collection happens unless and until someone clicks “accept.” Silence means stop.

OPT-OUT AMERICA:

On, with notice and a standing right to opt out. Collection is permitted by default once notice is given; the consumer can withdraw at any time, and you must honor it.

02

Legal Basis

OPT-IN WORLD:

Affirmative, freely given consent before processing, the consent-first model at the center of the GDPR.

OPT-OUT AMERICA:

Notice plus a consumer right to opt out of the sale or sharing of personal information, the structure shared by California’s CCPA/CPRA and the state laws that followed it.

03

When No Choice Is Made

OPT-IN WORLD:

Treat it as no consent. Collect nothing until the visitor acts. The burden sits on the business to earn a yes.

OPT-OUT AMERICA:

Collection is permitted, and an opt-out is honored the instant it arrives, including an automated Global Privacy Control signal sent by the browser. The burden sits on the tool to listen.

04

Who It’s Built For

OPT-IN WORLD:

The EU and EEA, the UK, and other consent-first jurisdictions. A tool tuned here assumes off-by-default everywhere.

OPT-OUT AMERICA:

US businesses serving a US audience. CleanClicks assumes the American default and honors the American exit.

American patchwork quilt representing the patchwork of state privacy laws
THE LANDSCAPE[SYS::SCAN]

There’s no single American privacy law. There are twenty, and counting.

The United States has no comprehensive federal privacy statute. Instead it has a fast-growing patchwork of state laws. California led in 2018 with the CCPA, strengthened by the CPRA. Virginia, Colorado, Connecticut, and Utah followed. As of 2026, roughly twenty states have comprehensive consumer privacy laws in effect, with more arriving on staggered dates.

They share a backbone, notice plus a consumer right to opt out, but they differ in their thresholds, definitions, and enforcement. A tool designed for one worldwide standard flattens that landscape into the lowest common denominator that fits none of them precisely. A tool built for the American market is tuned to the structure all of these laws share: opt-out, honor the signal, respect the right to leave.

That patchwork is only getting denser. Building for it isn’t a feature we bolted on for one state. It’s the assumption the whole product starts from.

[SYS::JURISDICTION] COMPREHENSIVE US PRIVACY LAWS 20 / 50 in effect, and counting AL AK AZ AR CA CO CT DE FL GA HI ID IL IN IA KS KY LA ME MD MA MI MN MS MO MT NE NV NH NJ NM NY NC ND OH OK OR PA RI SC SD TN TX UT VT VA WA WV WI WY In effect (2026) Effective Jul 2026 (AR) No comprehensive law yet
WHY IT MATTERS TO US[SYS::ORIGIN]

Built in America, for American business.

CleanClicks is an American company. We build for American businesses and the customers they serve. We didn’t design for a global average and trim it down to fit; we started from the rules that govern websites here and built outward from those.

That isn’t a slogan. It’s the reason the product behaves the way it does. When the rules you operate under are the rules the tool was made for, you stop fighting your own software, and you stop paying a quiet tax for measurement designed around someone else’s laws.

American small-business storefront, representing built for American business
United States Capitol building, representing US privacy rules
IN THE PRODUCT[SYS::CONFIG]

What “built for US rules” actually does

US-first by default. Every new configuration ships with a United States geographic allowlist out of the box. You serve the United States; the tool assumes it, and filters traffic from outside it.

Opt-out is honored at the server. Global Privacy Control and CCPA/CPRA “do not sell or share” signals are detected and enforced server-side, not left to a browser script that an ad blocker can strip away.

When a visitor opts out, the ad platforms get nothing. No advertising signal goes to Meta, TikTok, LinkedIn, or Microsoft. Google receives only privacy-preserving, identifier-free Consent Mode signals.

Your own analytics keeps running. Opting out of cross-context advertising doesn’t blind you to your own first-party measurement. The data you’re entitled to is still yours.

Measurement, not a gate. All the traffic you receive still reaches your website. CleanClicks lives in the measurement path, never between a visitor and your pages. What we filter is your data, deciding what gets counted and what’s sent to your ad platforms, not whether your site loads.

If your site serves the USA, it should be tracked by something built for the USA.

American rules, American defaults, no global compromise.

Prefer a human? Book a 15-min walkthrough →