Compare data sharing governance provisions between GitHub and Cursor. Provisions are extracted from monitored governance documents and classified by severity.
This clause establishes the operational framework under which GitHub may fulfill legal obligations to disclose user information to government entities and defines the circumstances—including discretionary assessments by GitHub—that trigger such disclosure obligations or authorizations.
Consumer impact
Users' personal data may be disclosed to law enforcement and government officials based on GitHub's assessment that disclosure is necessary for legal compliance, harm prevention, illegal activity investigation, or agreement enforcement, with disclosure decisions made at GitHub's sole discretion within the parameters stated.
Opt-out available
No opt-out available
Actual clause text
We may share your personal data with law enforcement, government officials, or other third parties when: compliance with applicable law or legal process is required; we believe disclosure is necessary to prevent harm or financial loss, or in connection with an investigation of suspected or actual illegal activity; or enforcement of our agreements, policies, or terms of service is needed. We reserve the right to disclose your information to law enforcement in circumstances we deem appropriate in our sole discretion.
AI-extracted from source document. Verify against original for legal use.
The clause establishes the operational scope for data processing infrastructure across multiple countries and specifies that data protection obligations apply consistently regardless of processing location. For EEA and UK users, it explicitly permits cross-border data transfers subject to adequate safeguard requirements.
Consumer impact
Users' personal data may be processed and stored on servers outside their home jurisdiction, including in the United States. The terms apply the stated privacy protections to data regardless of where processing occurs, contingent upon transfer mechanisms that meet legal adequacy standards.
Opt-out available
No opt-out available
Actual clause text
Anysphere processes your personal data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including in the United States. While data protection laws vary by country, we apply the protections outlined in this policy to your personal data regardless of where it is processed, and we only transfer data in accordance with legally valid transfer mechanisms. For users in the European Economic Area, ("EEA"), when you access our Service, your personal data may be transferred to our United States servers to other countries outside the EEA and the UK. Where information is transferred outside the EEA or the UK, we require an adequate level of data protection.
AI-extracted from source document. Verify against original for legal use.
Stripe's arbitration clause is narrower than Amazon's in one key respect: it includes a small claims court carve-out that Amazon's clause does not. PayPal's clause is the most aggressive of the three, explicitly waiving jury trial rights in addition to class action rights. From a compliance perspective, Amazon presents the lowest risk for B2B contracts while PayPal creates the highest exposure for consumer-facing applications subject to CFPB oversight.