WBD's privacy framework covers users across North America, Europe, Asia Pacific, Latin America, and the Middle East and Africa, with different policies and rights applying depending on the user's location.
This analysis describes what Max's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The global scope of WBD's services, including Max, means that personal data may be transferred across jurisdictions, and the protections available to any individual user depend on which regional policy and supplement apply to them.
Interpretive note: The specific cross-border transfer mechanisms and data localization practices used by WBD are not disclosed in this index page and require review of the linked regional policy documents.
Users outside the United States or EU may have fewer standardized legal protections for their personal data, and the applicable rights and remedies depend entirely on the regional policy document linked from this index, which varies significantly by geography.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
Max has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Our Privacy Policy explains what information we process when you use our products and describes how that information is collected and used. It also includes details about your rights and how to contact us. The Supplement provides additional information for residents of certain states and countries.— Excerpt from Max's Max Privacy Policy
(1) REGULATORY LANDSCAPE: Cross-border data transfers from the EU implicate GDPR Chapter V transfer mechanisms including Standard Contractual Clauses and adequacy decisions. UK to non-adequate country transfers require UK GDPR-compliant safeguards. Canada's PIPEDA requires accountability for data transferred to third parties in other jurisdictions. Asia Pacific countries including the Philippines, Thailand, and Indonesia have enacted data localization or transfer restriction provisions that may apply to WBD's operations. (2) GOVERNANCE EXPOSURE: Medium. Operating under more than 20 regional policy variants creates significant governance complexity. Any failure to maintain consistency between the index page and the linked documents, or to update regional policies following changes in applicable law, creates compliance exposure across multiple jurisdictions simultaneously. (3) JURISDICTION FLAGS: EU and EEA transfers create the highest exposure given GDPR enforcement activity. Philippines, Indonesia, and Thailand have enacted or are implementing data protection laws with consent and transfer restrictions. Latin American users in Brazil are covered by the Lei Geral de Proteção de Dados, which shares structural similarities with GDPR. (4) CONTRACT AND VENDOR IMPLICATIONS: Vendors and partners operating across WBD's global footprint should identify which regional policy applies to the user data they process on WBD's behalf and ensure data processing agreements reflect the applicable transfer mechanisms and legal bases for each jurisdiction. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should maintain a data transfer mapping that identifies which personal data flows cross jurisdictions, which transfer mechanisms are relied upon, and whether those mechanisms remain valid following regulatory developments such as post-Schrems II enforcement activity.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The global scope of WBD's services, including Max, means that personal data may be transferred across jurisdictions, and the protections available to any individual user depend on which regional policy and supplement apply to them.
Users outside the United States or EU may have fewer standardized legal protections for their personal data, and the applicable rights and remedies depend entirely on the regional policy document linked from this index, which varies significantly by geography.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Max.