This note offers a framework to help countries navigate, as well as tools to help them manage, the trade-offs between CBDC data use and privacy protection. It addresses retail CBDC, as data access and privacy-preserving considerations in a wholesale environment are similar to those of the traditional RTGS systems. It emphasizes the role of institutional arrangements, data collection, access and storage policies, design choices, and technological solutions. At a given level of preference for privacy, central banks can facilitate better use of CBDC data through robust transparency and accountability arrangements, sound policies, and judicious adoption of privacy-by-design approaches including the use of privacy-enhancing technologies.