This analysis describes what Windsurf's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision establishes that Windsurf's data handling practices are subject to varying regional regulatory frameworks, including GDPR and state privacy statutes. This creates operational requirements for Windsurf to maintain different data rights mechanisms depending on user location.
Users located in specified regions operate under privacy terms that incorporate rights mandated by their applicable data protection laws, including GDPR requirements and certain U.S. state privacy statutes. The specific rights available depend on the user's jurisdiction.
How other platforms handle this
Depending on where you are located, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your personal information, the right to data portability, and the right to object to or withdraw consent for certain processi...
For individuals in the United States, please also refer to our Notice For Individuals Residing In Certain US States below and the Consumer Health Data Policy.
If you are a California resident, you may have the right to: Know what personal information we collect, use, disclose, sell, or share. Correct inaccurate personal information. Delete your personal information. Opt out of the sale or sharing of your personal information. Limit the use and disclosure ...
Monitoring
Windsurf has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"In some regions (like the U.S., the EEA, Switzerland and the UK), you have certain rights under applicable data protection laws. Your U.S. State Privacy Rights. Some U.S. states provide consumers certain rights regarding— Excerpt from Windsurf's Windsurf Privacy Policy
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision establishes that Windsurf's data handling practices are subject to varying regional regulatory frameworks, including GDPR and state privacy statutes. This creates operational requirements for Windsurf to maintain different data rights mechanisms depending on user location.
Users located in specified regions operate under privacy terms that incorporate rights mandated by their applicable data protection laws, including GDPR requirements and certain U.S. state privacy statutes. The specific rights available depend on the user's jurisdiction.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Windsurf.