Your agreement with Miro is not just this document; it also includes several other linked documents that can change over time, and you are bound by all of them.
This analysis describes what Miro's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Key obligations about data processing, AI use, cookies, and acceptable behavior are scattered across multiple separate documents, each of which may be updated independently, making it difficult to maintain a complete and current picture of your rights and obligations.
Interpretive note: The exact update notification mechanism for incorporated documents is not fully specified in the document text reviewed, creating uncertainty about how users are informed of material changes to addenda.
Understanding your full legal relationship with Miro requires reviewing and monitoring updates to at least five separate documents in addition to the main Terms of Service, and changes to incorporated documents may alter your rights or obligations without requiring acceptance of the main terms again.
Cross-platform context
See how other platforms handle Multi-Document Agreement Structure (Incorporation by Reference) and similar clauses.
Compare across platforms →Monitoring
Miro has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"These Terms of Service incorporate by reference the following additional terms and policies: the AI Features Addendum, the Customer Data Processing Addendum, the Cookies Policy, the Acceptable Use Policy, and the current Subprocessors List, each of which may be updated from time to time.— Excerpt from Miro's Miro Terms of Service
REGULATORY LANDSCAPE: GDPR Article 13 and 14 require data controllers to provide clear, complete privacy information to data subjects, and distributing material disclosures across multiple incorporated documents may create tensions with transparency requirements. The CCPA similarly requires comprehensive disclosure of data practices, which may be undermined by a fragmented multi-document structure. GOVERNANCE EXPOSURE: Medium. The incorporation-by-reference structure creates a compliance monitoring obligation to track updates across multiple documents. Changes to the subprocessors list, AI terms, or DPA may have significant compliance implications that are not surfaced through the main terms notification process. JURISDICTION FLAGS: EU/EEA organizations face the highest exposure, as GDPR's accountability principle requires organizations acting as controllers to maintain current documentation of all processing activities and processor relationships. Changes to the subprocessors list in particular require evaluation under GDPR Article 28's requirements for prior notice of subprocessor changes. CONTRACT AND VENDOR IMPLICATIONS: Enterprise agreements should specify which version of each incorporated document is operative at the time of contracting, and should include provisions requiring Miro to provide advance notice of material changes to any incorporated document. Procurement teams should implement a document monitoring process to track changes to the subprocessors list and AI Terms. COMPLIANCE CONSIDERATIONS: Legal teams should create a registry of all incorporated Miro documents and their current versions, establish a review cadence for each, and determine whether changes to incorporated documents trigger any internal approval or notification obligations under the organization's data governance policies.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Key obligations about data processing, AI use, cookies, and acceptable behavior are scattered across multiple separate documents, each of which may be updated independently, making it difficult to maintain a complete and current picture of your rights and obligations.
Understanding your full legal relationship with Miro requires reviewing and monitoring updates to at least five separate documents in addition to the main Terms of Service, and changes to incorporated documents may alter your rights or obligations without requiring acceptance of the main terms again.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Miro.