If X is acquired, merges with another company, or undergoes a bankruptcy or asset sale, your personal data may be transferred to the acquiring entity as part of that transaction.
This analysis describes what X's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision authorizes the transfer of personal data to a new corporate entity in connection with a corporate transaction, meaning control over your data could shift to a different company with its own privacy practices, potentially under a revised privacy policy.
In a merger, acquisition, or bankruptcy involving X, your personal data including account information, posts, direct messages, and behavioral data may be transferred to a new company. The policy states that the new entity may adopt its own privacy policy and may update the terms under which your data is used.
How other platforms handle this
We may share your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, or dissolution, transaction, or proceeding involving all or a portion of our business.
By using our Services, you agree to be bound by this Privacy Policy.
We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.
Monitoring
X has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"In the event that we are involved in a bankruptcy, merger, acquisition, reorganization, or sale of assets, your personal information may be sold or transferred as part of that transaction. This Privacy Policy will apply to your personal information as transferred to the new entity, although the new entity may have its own privacy policy and may update the Privacy Policy.— Excerpt from X's X Privacy Policy
REGULATORY LANDSCAPE: Corporate transaction data transfers engage GDPR Article 6 lawful basis requirements and may require data subject notification depending on the nature and scale of the transfer. Under CCPA, transfers of personal information in a merger or acquisition are subject to the requirement that the transferee be contractually bound to use the data only in accordance with the original policy or notify users and provide opt-out rights. FTC guidance on data transfers in bankruptcy proceedings is also relevant. GOVERNANCE EXPOSURE: Medium. Corporate transaction transfers are a standard disclosure in consumer privacy policies. Governance exposure arises if the acquiring entity materially changes the terms under which personal data is used without adequate notice and an opportunity to opt out, particularly for sensitive data categories. JURISDICTION FLAGS: EU and UK users benefit from GDPR's requirements that lawful basis and data subject rights be maintained through corporate transactions. California residents retain CCPA/CPRA rights against the successor entity. In bankruptcy proceedings, the FTC has historically asserted that consumer data constitutes an asset subject to specific protections. CONTRACT AND VENDOR IMPLICATIONS: Organizations that have data processing agreements with X should include change-of-control provisions specifying how such agreements are affected by a corporate transaction involving X. COMPLIANCE CONSIDERATIONS: Legal teams should monitor X's corporate structure and ownership for material changes that could trigger data transfer obligations, and assess whether existing agreements with X include adequate protections in the event of a sale or restructuring.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision authorizes the transfer of personal data to a new corporate entity in connection with a corporate transaction, meaning control over your data could shift to a different company with its own privacy practices, potentially under a revised privacy policy.
In a merger, acquisition, or bankruptcy involving X, your personal data including account information, posts, direct messages, and behavioral data may be transferred to a new company. The policy states that the new entity may adopt its own privacy policy and may update the terms under which your data is used.
ConductAtlas has identified this type of provision across 23 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by X.