If Poe is sold, merges with another company, or goes through bankruptcy, your personal data may be transferred to the new owner as part of that business transaction.
This analysis describes what Poe's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision authorizes the transfer of user personal data to third parties in the context of corporate transactions, which may result in user data being held by a company with different privacy practices and without any additional notice or consent requirement specified in the policy.
In the event of a merger, acquisition, or bankruptcy, user personal data including account information, usage history, and message records may be transferred to a successor entity, potentially under different privacy terms.
Cross-platform context
See how other platforms handle Business Transfer Disclosure and similar clauses.
Compare across platforms →Monitoring
Poe has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If Poe is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.— Excerpt from Poe's Poe Privacy Policy
1) REGULATORY LANDSCAPE: Business transfer data disclosures are generally permissible under CCPA and GDPR, subject to requirements including that successor entities honor existing privacy commitments or provide fresh notice. GDPR Article 6 requires that the transfer have a valid lawful basis, typically legitimate interests or a legal obligation. The FTC has taken enforcement action in cases where acquired companies' data was used in ways inconsistent with the original privacy policy. 2) GOVERNANCE EXPOSURE: Low to medium. This is a standard clause present in most consumer-facing privacy policies. The exposure level depends on whether any successor entity would be bound by Poe's existing privacy commitments, which the policy does not expressly guarantee. 3) JURISDICTION FLAGS: EU and UK users are entitled under GDPR and UK GDPR to be informed of any material change to the data controller's identity. California users under CCPA should receive notice of a business transfer involving their data. The policy does not specify what notice, if any, users would receive in advance of such a transfer. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers with data processing agreements should include provisions addressing data handling in the event of a change of control. The clause does not specify whether existing privacy commitments would be binding on successors. 5) COMPLIANCE CONSIDERATIONS: The policy should be reviewed to confirm that any successor entity receiving user data would be bound by equivalent privacy terms, and that applicable notice requirements under GDPR and CCPA would be fulfilled prior to or at the time of transfer.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision authorizes the transfer of user personal data to third parties in the context of corporate transactions, which may result in user data being held by a company with different privacy practices and without any additional notice or consent requirement specified in the policy.
In the event of a merger, acquisition, or bankruptcy, user personal data including account information, usage history, and message records may be transferred to a successor entity, potentially under different privacy terms.
ConductAtlas has identified this type of provision across 6 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Poe.