This analysis describes what Duo Security's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes the data collection scope and specified use cases that govern Duo's operational processing of authentication-related information. The authorized uses—threat detection, service improvement, and integrity verification—define the operational parameters within which Duo processes this data category.
Users of Duo's authentication services have device and network data collected and processed according to the stated purposes. The terms apply as written upon continued use of the service, meaning authentication activity data collection and processing occur automatically as part of service delivery.
How other platforms handle this
We automatically collect information as you use our Services. This includes: Logs Data - We collect device and network connection information when you access and use the Services. This may include your IP address, user-agent string, browser type, operating system, referral URLs, device information (...
We rely on our legitimate interests or those of a third party where they are not outweighed by your interests and fundamental rights, to process the following information: Contact Information, Identity Information, User-Generated Content Information, Booking Information, Job Applicant Information – ...
"By clicking 'Next', you are indicating that you have read and agree to the TERMS OF USE AND PRIVACY POLICY"
Monitoring
Duo Security has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"When you use Duo's products and services, we collect information related to your authentication activity, including device information, operating system, browser type, IP address, and authentication events. This information is used to provide and improve our security services, detect threats, and ensure the integrity of the authentication process.— Excerpt from Duo Security's Duo Privacy
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes the data collection scope and specified use cases that govern Duo's operational processing of authentication-related information. The authorized uses—threat detection, service improvement, and integrity verification—define the operational parameters within which Duo processes this data category.
Users of Duo's authentication services have device and network data collected and processed according to the stated purposes. The terms apply as written upon continued use of the service, meaning authentication activity data collection and processing occur automatically as part of service delivery.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duo Security.