Miro updated its Privacy Policy on May 21, 2026 by modifying promotional language on the policy landing page. The previous version referenced a San Francisco event registration, while the updated version promotes a Canvas 26 keynote video. The substantive privacy terms themselves remained unchanged. This is a formatting and promotional update with no operational impact on data handling, consent, retention, or user rights.
This change does not affect how Miro handles user data or the privacy rights and obligations described in the policy. The updated landing page replaces a San Francisco event registration prompt with a Canvas 26 keynote video promotion. The substantive privacy terms, including data collection practices, consent requirements, and user controls, remain as previously stated.
This change has no operational significance. The updated landing page is promotional only and does not alter how Miro collects, uses, discloses, or protects user data.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
This change is purely promotional and affects only the Privacy Policy landing page presentation. No modifications were made to substantive privacy terms, data handling practices, consent mechanisms, or disclosure language. No compliance action is required.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002239.
Introduces explicit definition of what personal data Miro collects, establishing baseline transparency on collection practices.
New high-severity provision clarifies Miro's dual role as both data controller and processor in different contexts, affecting user rights and liability allocation.
Newly explicit provision addressing cross-border data transfer mechanisms and compliance with frameworks like SCCs, indicating potential changes to global data flow practices.
New provision details specific procedures for users to exercise privacy rights (access, deletion, portability), improving clarity on rights enforcement.
Removal of explicit provision on board content classification suggests either consolidation into broader data collection scope or implicit handling without dedicated disclosure.
Removal of dedicated DPA provision may indicate integration into general terms or shift away from standalone data processing agreements for enterprise customers.
Removal of specific subprocessor disclosure provision replaced by broader 'Third-Party Data Sharing', potentially reducing transparency on vendor chain.
Removal of region-specific rights provision replaced by generic 'User Rights' section, potentially diluting jurisdiction-specific protections.
Removal of dedicated data retention provision eliminates explicit timeline commitments for data deletion, affecting user control over data lifecycle.
Removal suggests consolidation into broader communication preferences or potential shift in how marketing opt-outs are managed.
AI Features severity decreased from high to medium, and provision was renamed from 'AI Features Data Processing' to 'AI Features Data Handling' with potential scope clarification.
Provision renamed from 'Cookies and Tracking Technologies' to 'Cookie and Tracking Technologies' with grammatical adjustment.
Cross-platform context
See how other platforms handle similar provisions across the ConductAtlas archive.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorThe detected change consists of minor text additions in the navigation and header areas of Miro's Privacy Policy document. Two …
The detected change appears to involve minor text insertions in the navigational header and footer sections of Miro's Terms of …
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them t…
ConductAtlas tracked the restructuring, new disclosures, and entity changes that followed the largest privacy fine in EU history.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 352+ platforms every Sunday.