What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'See full policy at docs.coreweave.com/policies/terms-of-service/privacy-policy for contact details', 'difficulty': 'MODERATE', 'action_type': 'DELETE_DATA', 'instructions': 'Access the full Privacy Policy at docs.coreweave.com/policies/terms-of-service/privacy-policy to locate the data deletion request contact method and submit a request in accordance with the stated procedure.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has jurisdiction over failures to honor stated privacy rights and deceptive data practices affecting US consumers.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this User Rights and Data Controls clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar User Rights and Data Controls clauses across approximately 1 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

User Rights and Data Controls — Weights & Biases

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity Weights & Biases recorded 9 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for Weights & Biases Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

As a privacy policy published by a company serving EU and US users, the document is expected to address user rights regarding personal information; the specific rights enumerated, request procedures, and response timelines are not available in the provided document fragment.

ⓘ

This analysis describes what Weights & Biases's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

User rights provisions establish the procedural mechanisms through which individuals may access, correct, delete, or port their personal information; these mechanisms are operationally significant for enterprise customers managing employee and end-user data on CoreWeave's infrastructure.

⚠

Interpretive note: The substantive policy body text was not rendered; user rights provisions are inferred from the document type and regulatory context rather than from explicit document language.

Change history

modified May 21, 2026

Provision consolidates both 'California Resident Privacy Rights' and 'EU/EEA Data Subject Rights and Cross-Border Transfers' into a unified 'User Rights and Data Controls' section.

View full change record →

Consumer impact (what this means for users)

The policy is expected to establish rights for users to access, correct, or delete their personal information; the specific scope of rights and request procedures are not determinable from the available document fragment.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Access the full Privacy Policy at docs.coreweave.com/policies/terms-of-service/privacy-policy to locate the data deletion request contact method and submit a request in accordance with the stated procedure.

How other platforms handle this

Garmin Medium

If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...

Grindr Medium

Depending on where you are located, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your personal information, the right to data portability, and the right to object to or withdraw consent for certain processi...

Strava Medium

For individuals in the United States, please also refer to our Notice For Individuals Residing In Certain US States below and the Consumer Health Data Policy.

See all platforms with this clause type →

Monitoring

Weights & Biases has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY LANDSCAPE: GDPR Articles 15 through 22 establish data subject rights including access, rectification, erasure, restriction, portability, and objection. CCPA grants California residents rights to know, delete, and opt out of sale or sharing of personal information. These frameworks impose procedural and timeline obligations on data controllers. (2) GOVERNANCE EXPOSURE: Medium. Cloud infrastructure providers must maintain processes for responding to data subject access requests, including identifying and extracting personal data held in account systems, billing records, and usage logs. The operational complexity depends on the data architecture and the scope of personal data retained. (3) JURISDICTION FLAGS: EU and EEA residents are entitled to GDPR-compliant rights responses within 30 days. California residents are entitled to CCPA responses within 45 days. UK GDPR imposes parallel obligations. The policy's specific commitments on these timelines cannot be assessed without the full text. (4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers acting as data controllers must ensure that CoreWeave, as a processor, contractually commits to assist with data subject rights requests under GDPR Article 28. The absence of a visible DPA reference in the available document is a procurement due diligence consideration. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should map CoreWeave's stated user rights mechanisms against internal DSAR (Data Subject Access Request) workflows and ensure that response timelines and escalation paths are operationally integrated.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

FTC

The FTC has jurisdiction over failures to honor stated privacy rights and deceptive data practices affecting US consumers.
File a complaint →

Applicable regulations

Connecticut Data Privacy Act Amendments

US-CT

EU AI Act - High Risk Provisions

FTC Act Section 5

United States Federal

GDPR

European Union

Indiana Consumer Data Protection Act

US-IN

Kentucky Consumer Data Protection Act

US-KY

Universal Opt-Out Mechanism Expansion 2026

Provision details

Document information

Document

Weights & Biases Privacy Policy

Entity

Weights & Biases

Document last updated

May 5, 2026

Tracking information

First tracked

May 20, 2026

Last verified

May 20, 2026

Record ID

CA-P-012609

Document ID

CA-D-00494

Evidence Provenance

Source URL

https://wandb.ai/site/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

08066b648851f8653a6dd61174706b8fbbfe3c2787a50d39305e0e5fbc5399b9

Analysis generated

May 20, 2026 23:25 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Weights & Biases
Document: Weights & Biases Privacy Policy
Record ID: CA-P-012609
Captured: 2026-05-20 23:25:30 UTC
SHA-256: 08066b648851f865…
URL: https://conductatlas.com/platform/weights-biases/weights-biases-privacy-policy/user-rights-and-data-controls/
Accessed: June 8, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Personal Information Collection and Use medium
Data Disclosure to Third Parties medium
Governing Scope and Platform Coverage low
Policy Publication and Accessibility low

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Weights & Biases's User Rights and Data Controls clause do?

How does this clause affect you?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.

Is ConductAtlas affiliated with Weights & Biases?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Weights & Biases.