When you visit the Thomson Reuters website, several tracking tools are active on the page, including one that records a sample of user sessions and captures how you interact with the site. A cookie consent tool is present to manage some of these trackers.
This analysis describes what Thomson Reuters's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Session replay technology can capture detailed behavioral data including mouse movements, clicks, and potentially form field interactions, which goes beyond standard analytics; the presence of Facebook tracking also means browsing behavior may be shared with Meta for advertising purposes.
Interpretive note: The tracking technologies are identified from the page source rather than from an explicit privacy or cookie disclosure in the terms of use text itself; the full scope of data collected, retention periods, and third-party sharing arrangements would require review of the separate Thomson Reuters privacy policy and cookie policy.
Visitors to thomsonreuters.com may have their browsing session recorded and replayed by DataDog's RUM tool, and their behavior may be shared with third parties including Meta via the Facebook Connect script, depending on cookie consent selections. EU and UK users have consent rights under GDPR and UK GDPR that may limit this tracking, and the OneTrust tool on the site is the mechanism for exercising those preferences.
How other platforms handle this
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Monitoring
Thomson Reuters has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"The document source deploys the following tracking technologies: DataDog RUM with session replay recording enabled (sessionReplaySampleRate: 20, defaultPrivacyLevel: 'mask-user-input'), Adobe DTM loaded via assets.adobedtm.com, Google Tag Manager, AppDynamics browser agent, and a Facebook Connect script loaded from connect.facebook.net, alongside an OneTrust cookie consent management platform (data-domain-script: 143d5191-c678-49f6-8ac0-376dfe324de7).— Excerpt from Thomson Reuters's Thomson Reuters Terms
(1) REGULATORY LANDSCAPE: The deployment of session replay technology engages GDPR Articles 5, 6, and 13 for EU/EEA users, requiring a lawful basis for processing and transparent disclosure in a privacy notice. The UK GDPR imposes equivalent obligations. CCPA and CPRA apply to California residents, requiring disclosure of data sharing with third parties and honoring opt-out rights for sale or sharing of personal information. The Facebook Connect script may constitute sharing of personal data with Meta for cross-context behavioral advertising purposes under CPRA, which requires a mechanism for consumers to opt out. The FTC and relevant EU supervisory authorities are the primary enforcement bodies. The ICO enforces UK GDPR compliance. (2) GOVERNANCE EXPOSURE: High for EU, UK, and California-specific compliance. Session replay tools that capture user interaction data, even with input masking, may constitute processing of personal data under GDPR if users are identifiable. The deployment of Meta tracking pixels on a business-to-business information services site raises questions about the necessity and proportionality of that data sharing under GDPR's data minimization principle. (3) JURISDICTION FLAGS: EU and EEA users have the strongest protections under GDPR, requiring valid consent for non-essential cookies and tracking. California residents have CPRA opt-out rights for sharing of personal information with advertising platforms. Illinois BIPA may be relevant if any biometric or behavioral pattern data is captured through session replay. UK GDPR mirrors GDPR obligations post-Brexit. (4) CONTRACT AND VENDOR IMPLICATIONS: Legal teams should confirm that DataDog, Adobe, AppDynamics, and Meta have valid Data Processing Agreements in place under GDPR Article 28. The transfer of personal data to US-based processors requires either Standard Contractual Clauses or another valid transfer mechanism under GDPR Chapter V. The OneTrust configuration should be audited to ensure DataDog session replay and Facebook Connect are correctly categorized as non-essential and gated behind appropriate consent categories. (5) COMPLIANCE CONSIDERATIONS: A full cookie audit should be conducted to confirm all active trackers are disclosed in the cookie policy and correctly mapped to OneTrust consent categories. The session replay tool's privacy level setting ('mask-user-input') should be verified as adequate for GDPR compliance. Data retention schedules for session replay data should be established and documented. California-specific CPRA notices should address the Meta pixel data sharing. Any records of processing activities under GDPR Article 30 should include all identified trackers.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Session replay technology can capture detailed behavioral data including mouse movements, clicks, and potentially form field interactions, which goes beyond standard analytics; the presence of Facebook tracking also means browsing behavior may be shared with Meta for advertising purposes.
Visitors to thomsonreuters.com may have their browsing session recorded and replayed by DataDog's RUM tool, and their behavior may be shared with third parties including Meta via the Facebook Connect script, depending on cookie consent selections. EU and UK users have consent rights under GDPR and UK GDPR that may limit this tracking, and the OneTrust tool on the site …
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Thomson Reuters.