60° and Overcast
Image
State law protects consumer privacy while ensuring age verification and responsible sales.
6-10-2025 4:20pm
Recreational Cannabis in New Jersey: What Dispensaries Can—and Cannot—Do with Your Personal Information
Chris Connors
Editor
MORRISTOWN, NJ - As recreational cannabis becomes an established industry in New Jersey, many consumers are asking: how much of my personal data is being collected when I visit a dispensary—and who has access to it?
Under the Cannabis Regulatory, Enforcement Assistance, and Marketplace Modernization (CREAMM) Act, New Jersey residents and visitors aged 21 and older can legally purchase cannabis from licensed dispensaries across the state. While dispensaries are required to verify a customer's age with a government-issued ID, state law places strict limits on how much personal information dispensaries can collect and retain.
What Dispensaries Are Required to Do
The primary legal requirement for dispensaries is to confirm that customers are of legal age. This is typically done by scanning or visually checking a government-issued identification card. However, dispensaries are not allowed to copy your ID or store your personal information beyond what is necessary to complete the transaction.
Dispensaries also must adhere to daily purchase limits. These limits—such as one ounce of dried flower or its equivalent in other cannabis products—are tracked in real time through inventory systems, but they do not require long-term personal data retention for recreational users.
Voluntary Participation in Loyalty Programs
While some dispensaries may offer customer accounts, discount clubs, or promotional mailing lists, participation in these programs is entirely voluntary. A dispensary cannot require you to set up a customer account or join a mailing list as a condition for purchase. Consumers have the right to decline providing personal information beyond the required age verification.
What Dispensaries May Refuse
A dispensary can legally refuse service under certain conditions, including:
-
Failure to provide valid government-issued ID
-
Reasonable suspicion that the product may be resold or misused
-
Other lawful business considerations not related to protected classes or discriminatory practices
However, refusal solely based on a customer's decision not to join a loyalty program or create a customer account is not permitted under New Jersey law.
How Customer Information Is Protected
State rules prohibit the sharing of customer data with federal agencies, and New Jersey’s cannabis laws are designed with consumer privacy in mind. Information scanned at the point of sale is used solely for verifying legal age and complying with purchase limits. Dispensaries typically do not retain this data unless the customer has opted into a program that requires ongoing engagement.
Dispensary data systems are also subject to state oversight. The New Jersey Cannabis Regulatory Commission (CRC) monitors compliance and may conduct audits, but there is no mandate for dispensaries to report recreational user data to federal entities.
Local Oversight in Morristown
In towns like Morristown, cannabis business licenses are reviewed by the Town Cannabis Advisory Board (CAB) and issued by the Town Council. The CAB ensures local cannabis operators meet community standards and regulatory obligations. However, these reviews focus on business practices—not individual customer data.
Morristown's approach underscores the balance between business accountability and consumer privacy. Even amid legal disputes such as the recent licensing controversy involving Uma Flowers—Morristown’s first recreational cannabis dispensary—there has been no indication that customer data has been compromised or misused.
Final Takeaway
Whether you are a first-time buyer or a regular customer, New Jersey state law ensures that your right to privacy is protected when purchasing recreational cannabis. You are not required to sign up for marketing programs or provide personal details beyond proof of age. While dispensaries may use scanned IDs to streamline purchases and meet compliance rules, your data is not stored long-term or shared with federal authorities without cause.
Consumers concerned about privacy should feel empowered to ask dispensaries about their data retention policies and decline any optional programs. New Jersey’s cannabis law is built to support safe, legal, and private adult-use cannabis transactions.
