EU, EEA, UK, and California users have specific legal rights regarding their personal data, including the right to access, correct, delete, and in some cases port their data, as well as the right to object to certain processing activities.
This analysis describes what Miro's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These rights give users meaningful control over their data and create enforceable obligations for Miro, but they only apply to users in covered jurisdictions and may require users to proactively submit requests to exercise them.
Interpretive note: The exact language of Miro's rights provisions is not available in the truncated document; this analysis is based on standard GDPR and CCPA disclosure requirements and the document's regional legal framework references.
Removal of region-specific rights provision replaced by generic 'User Rights' section, potentially diluting jurisdiction-specific protections.
View full change record →If you are based in the EU, UK, or California, you have specific rights to access, correct, delete, or export your Miro data, as well as the right to opt out of certain data processing activities. You can exercise these rights by contacting Miro at privacy@miro.com.
How other platforms handle this
If you are a California resident, you may have the right to: Know what personal information we collect, use, disclose, sell, or share. Correct inaccurate personal information. Delete your personal information. Opt out of the sale or sharing of your personal information. Limit the use and disclosure ...
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Depending on where you are located, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your personal information, the right to data portability, and the right to object to or withdraw consent for certain processi...
Monitoring
Miro has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
(1) REGULATORY LANDSCAPE: GDPR Articles 15 through 22 govern data subject rights for EU and EEA users, including rights of access, rectification, erasure, restriction, portability, and objection. UK GDPR creates equivalent obligations for UK users. CCPA and CPRA govern California residents' rights, including the right to know, delete, correct, and opt out of sale or sharing of personal information. Supervisory authorities include national Data Protection Authorities for EU users, the UK ICO, and the California Privacy Protection Agency (CPPA) for California residents. (2) GOVERNANCE EXPOSURE: Medium. Miro's obligation to respond to data subject requests within statutory timeframes (30 days under GDPR, 45 days under CCPA) creates operational requirements for a request handling process, identity verification mechanism, and response documentation program. (3) JURISDICTION FLAGS: EU and UK users have the broadest set of enforceable rights. California residents have significant but somewhat narrower rights under CCPA and CPRA. Users in other jurisdictions may have fewer or no statutory rights and rely on Miro's voluntary commitments. (4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise DPAs should address how Miro handles data subject requests received directly, including the obligation to pass requests to the controller where Miro acts as processor. (5) COMPLIANCE CONSIDERATIONS: Organizations should audit whether Miro's data subject request process is operationally accessible to their employees and end users, including the availability of self-service deletion and export tools in the product interface.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These rights give users meaningful control over their data and create enforceable obligations for Miro, but they only apply to users in covered jurisdictions and may require users to proactively submit requests to exercise them.
If you are based in the EU, UK, or California, you have specific rights to access, correct, delete, or export your Miro data, as well as the right to opt out of certain data processing activities. You can exercise these rights by contacting Miro at privacy@miro.com.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Miro.