If Character.AI is sold, merged, or undergoes another major business change, your personal data may be transferred to the new company, potentially before the transaction is complete.
This analysis describes what Character.AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
A change in corporate ownership could result in your personal data, including chat histories and voice recordings, being transferred to and processed by a different company with different privacy practices.
Your personal data including chat conversations and voice recordings could be disclosed to another company as part of a merger or acquisition, potentially changing how that data is used and protected.
How other platforms handle this
In connection with any reorganization, restructuring, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to respect your personal information in a manner that is consistent with our Privacy Policy.
If Canva is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website prior to your information becoming subject to a different privacy policy.
We may access, preserve, and share information with regulators, law enforcement, or others if we believe it is reasonably necessary to: detect, prevent, and address fraud and other illegal activity; protect ourselves, you, and others, including as part of investigations; and prevent death or imminen...
Monitoring
Character.AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may disclose certain information, in connection with or during negotiations or closing of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.— Excerpt from Character.AI's Character.ai Privacy Policy
REGULATORY LANDSCAPE: Business transfer data sharing provisions engage GDPR Article 6 lawful basis requirements for transfers to new controllers, CCPA disclosure requirements, and FTC guidelines on data transfer in M&A contexts. The FTC has previously taken action where acquired companies' data was used in ways inconsistent with original privacy representations. The policy does not specify whether users will be notified of a transfer or given the opportunity to delete data before transfer. GOVERNANCE EXPOSURE: Medium. This is a standard clause present in most consumer privacy policies, but its significance is elevated in the context of a platform holding sensitive conversational data including voice recordings and potential mental health disclosures. The absence of a user notification or consent mechanism for business transfers is common industry practice but may create GDPR compliance questions about controller change notification obligations. JURISDICTION FLAGS: GDPR imposes obligations on data controllers to inform data subjects of changes to controller identity. US-based users have fewer statutory protections for this specific scenario, though the FTC has enforcement discretion to act if a transfer results in data use that contradicts prior privacy representations. California's CCPA does not specifically restrict business transfers but requires that transferee companies honor opt-out requests. CONTRACT AND VENDOR IMPLICATIONS: In due diligence for any M&A transaction involving Character.AI, acquiring parties should assess the data inventory, user consent framework, and regulatory exposure associated with the conversational and voice data assets. Data protection impact assessments may be required under GDPR for transfers involving large volumes of sensitive data. COMPLIANCE CONSIDERATIONS: Compliance teams at acquiring companies should evaluate whether the data practices described in this policy are compatible with their own privacy frameworks before completing a transaction. Character.AI's compliance teams should assess whether GDPR controller change notification obligations would be triggered by various transaction structures.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
A change in corporate ownership could result in your personal data, including chat histories and voice recordings, being transferred to and processed by a different company with different privacy practices.
Your personal data including chat conversations and voice recordings could be disclosed to another company as part of a merger or acquisition, potentially changing how that data is used and protected.
ConductAtlas has identified this type of provision across 6 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Character.AI.