Provisions Index

The policy states that Target processes Global Privacy Control browser signals as valid opt-out requests from consumers for the sale or sharing of personal information....

Why it matters: Recognition of GPC signals as valid opt-out requests is required under CPRA regulations for businesses subject to CCPA/CPRA; this provision creates an operational obligation to implement technical GPC signal recognition consistently across all digital surfaces and to honor those signals within the 15-business-day response period....

View provision → Watch Target →

The policy restricts End User Services exclusively to personal use and prohibits any commercial or business use, including allowing third parties to use the services for commercial purposes....

Why it matters: This provision establishes that End User Services cannot be used in any commercial or business capacity, which creates a clearly defined eligibility boundary that could affect account standing or service access for users operating in business contexts....

View provision → Watch Stripe →

The policy prohibits use of End User Services in any manner that violates prohibitions imposed by relevant sanctions authorities, encompassing both the user's own conduct and use they permit by others....

Why it matters: This provision requires users to independently comply with sanctions programs administered by relevant authorities, including OFAC in the United States, and equivalent bodies in other jurisdictions, as a condition of using End User Services....

View provision → Watch Stripe →

The policy prohibits users from creating any content, products, or services that incorporate or are derived from any part of the End User Services....

Why it matters: This provision establishes that users may not build upon, incorporate, or use any component of the End User Services as an input for the creation of third-party content, products, or services, which has direct implications for developers or users who might otherwise integrate End User Services functionality....

View provision → Watch Stripe →

The policy prohibits users from decompiling, extracting source code from, or reverse engineering the End User Services, and from allowing others to do so....

Why it matters: This provision establishes a technical integrity restriction that prohibits users from attempting to access or reproduce the underlying code or technical architecture of the End User Services....

View provision → Watch Stripe →

The policy prohibits users from transferring or moving software, technology, or services, including Stripe's software and encryption software, across country borders in any manner not permitted by applicable law....

Why it matters: This provision places an affirmative obligation on users to comply with applicable export control laws when transferring or moving any software or technology associated with the End User Services, with specific reference to encryption software, which is subject to export licensing requirements under U.S. and other national export control regimes....

View provision → Watch Stripe →

The policy prohibits users from circumventing technical limitations built into the End User Services or enabling any functionality that has been disabled or restricted....

Why it matters: This provision establishes that users are contractually prohibited from bypassing platform-imposed technical controls, which functions as a complement to the reverse engineering prohibition and reinforces the integrity of Stripe's platform access controls....

View provision → Watch Stripe →

The policy prohibits users from using or reproducing any part of the End User Services, including trademarks displayed within those services, except as expressly permitted by applicable law....

Why it matters: This provision restricts user reproduction or use of End User Services content and branding, with specific reference to trademarks, establishing that any use or reproduction beyond what law expressly allows constitutes a policy violation....

View provision → Watch Stripe →

The policy prohibits users from using End User Services to facilitate illegal or harmful activity and from causing harm to Stripe or to other parties through the services....

Why it matters: This provision establishes a broad behavioral restriction encompassing both illegal conduct and harmful conduct, with the latter term undefined, which creates a wide-ranging prohibition on use of End User Services that could affect account standing under Stripe's broader enforcement framework....

View provision → Watch Stripe →

The policy states that ADP processes client employee HR, payroll, and benefits data as a data processor acting under employer instruction, and directs employees to contact their employer to exercise data rights rather than contacting ADP....

Why it matters: This provision establishes that the employing organization, not ADP, bears the primary data controller obligations for employee data processed through ADP's platforms, creating a structural redirection of individual data subject rights requests and determining which entity is accountable under GDPR and equivalent frameworks....

View provision → Watch ADP →

The policy states that ADP uses EU Supervisory Authority-approved Binding Corporate Rules as the legal mechanism for transferring client employee data, business contact data, and associate data across ADP's global entity network....

Why it matters: BCR approval is a regulatory authorization mechanism under GDPR Chapter V that requires ongoing supervisory authority oversight; this provision identifies the specific transfer mechanism ADP relies on for intra-group international data flows, which is operationally significant for client organizations evaluating the legality of their cross-border HR data transfers through ADP....

View provision → Watch ADP →

The policy authorizes sharing of personal data with third-party vendors providing hosting, analytics, and advertising services, subject to contractual data protection obligations imposed on those vendors....

Why it matters: This provision permits disclosure of personal data collected through ADP's website and marketing channels to advertising and analytics third parties, which is operationally relevant for CCPA opt-out rights and GDPR consent or legitimate interests assessments for website visitor data....

View provision → Watch ADP →

The policy directs California residents to a separate CCPA-specific notice for information about their rights under California privacy law, including rights to access, deletion, correction, and opt-out of data sale or sharing....

Why it matters: This provision identifies a jurisdiction-specific supplement that governs California residents' data rights, which is operationally significant because CPRA rights including the right to opt out of sale or sharing for targeted advertising apply to ADP's data controller activities and are governed by the California notice rather than the global policy....

View provision → Watch ADP →

The policy directs individuals wishing to exercise data protection rights to contact information provided in regional supplements, rather than providing a single global contact point in the main policy text....

Why it matters: This provision establishes that the procedural mechanism for exercising GDPR, CCPA, and other data subject rights is distributed across jurisdiction-specific supplements rather than centralized, which requires individuals to identify and access the correct regional notice before initiating a rights request....

View provision → Watch ADP →

The policy states that ADP processes payroll, benefits, HR, and tax data belonging to client employees in its capacity as a data processor, acting under the instruction of the employing organization as data controller....

Why it matters: This provision identifies the specific categories of personal data processed by ADP as a processor, which include payroll, tax, benefits, and HR records, categories that carry heightened sensitivity in some jurisdictions and that trigger specific regulatory obligations regarding accuracy, retention, and security....

View provision → Watch ADP →

The policy states that ADP uses cookies, web beacons, pixels, and similar tracking technologies to collect website usage data and to support advertising personalization....

Why it matters: This provision authorizes the use of advertising and analytics tracking technologies on ADP's website, which engages GDPR ePrivacy Directive consent requirements for EU users and CCPA opt-out requirements for California residents, and is observable in the technical infrastructure of the page....

View provision → Watch ADP →

The policy establishes that jurisdiction-specific supplements govern local law rights and disclosures for users in specific geographies, with the global policy serving as a baseline that regional notices modify or supplement....

Why it matters: The layered supplement structure means that the applicable privacy terms for any given user depend on their jurisdiction, and the global policy alone does not constitute a complete disclosure of rights and obligations for users in regulated jurisdictions such as the EU, UK, Canada, or California....

View provision → Watch ADP →

The terms assert that Datadog owns or licenses all content on the website and prohibit users from reproducing, distributing, modifying, or creating derivative works from that content without authorization. Exceptions are limited to incidental RAM caching during normal browsing and personal, non-commercial use where explicitly permitted....

Why it matters: This provision restricts organizational use of Datadog website content, including documentation screenshots, product descriptions, or marketing materials, in ways that may affect vendor assessment workflows, competitive analysis documentation, or partner materials without obtaining prior written consent....

View provision → Watch Datadog →

The agreement requires users to defend, indemnify, and hold harmless Datadog and its affiliates against any claims, damages, losses, costs, and attorneys fees arising from the user's violation of the terms or use of the website. This obligation extends to Datadog's officers, directors, employees, contractors, agents, licensors, suppliers, successors, and assigns....

Why it matters: This provision places the financial and legal burden of defending third-party claims arising from site use on the user, including attorneys fees, without a reciprocal indemnification obligation from Datadog. In enterprise procurement contexts, this clause may require negotiation or disclosure to internal legal teams....

View provision → Watch Datadog →

The agreement disclaims all express and implied warranties regarding the website, including warranties of completeness, security, reliability, quality, accuracy, and availability. Datadog asserts no warranty that the site will be error-free, uninterrupted, or free from viruses or harmful components....

Why it matters: This provision limits Datadog's contractual exposure for site unavailability, inaccurate content, or security incidents affecting website visitors, placing risk of reliance on site content or availability with the user. Applicable law in some jurisdictions may limit the scope of warranty disclaimers against consumers....

View provision → Watch Datadog →

The agreement excludes Datadog's liability for all categories of damages including direct, indirect, special, incidental, consequential, and punitive damages arising from website use or inability to use the site, under any legal theory including tort and contract. This exclusion applies to Datadog and its affiliates, licensors, service providers, employees, agents, officers, and directors....

Why it matters: This provision limits the recoverable damages available to users for claims arising from website use to potentially nothing, as the clause excludes both direct and indirect damages without stating a minimum recovery floor. Applicable law in some jurisdictions may render portions of this limitation unenforceable....

View provision → Watch Datadog →

The agreement designates New York law as governing all disputes related to the website and these terms, including non-contractual claims, and excludes conflict of law rules that might otherwise apply another jurisdiction's law. Disputes are to be resolved exclusively in New York state or federal courts....

Why it matters: This provision requires users in other U.S. states or international jurisdictions to resolve disputes under New York law and in New York courts, which may affect the availability of consumer protections specific to the user's home jurisdiction, though applicable mandatory law in the user's jurisdiction may override this designation in some cases....

View provision → Watch Datadog →

The agreement reserves Datadog's right to withdraw, amend, or restrict access to the website or any part of it at any time, in its sole discretion and without notice, with no liability for resulting unavailability. This right applies to all users including registered users....

Why it matters: This provision establishes that Datadog may restrict or terminate website access, including for registered users, without advance notice and without incurring liability for the resulting unavailability. Organizations relying on the website for time-sensitive operational activities should account for the absence of a notice or continuity obligation....

View provision → Watch Datadog →

The agreement restricts website use to lawful purposes and prohibits users from using the site to violate applicable law, harm minors, transmit unsolicited commercial communications, impersonate Datadog or others, or engage in conduct that restricts or inhibits other users' access. Additional technical prohibitions include unauthorized automated access, introduction of malicious code, and interference with site security....

Why it matters: This provision establishes the behavioral and technical boundaries for permissible website use and provides Datadog with a contractual basis to terminate access for violations. The clause expressly prohibits conduct that violates applicable law, which links the acceptable use obligation to the full range of relevant federal, state, and foreign legal requirements....

View provision → Watch Datadog →

The agreement disclaims Datadog's responsibility for third-party websites linked from datadoghq.com, including those in advertisements and sponsored links. Users who access linked third-party sites do so at their own risk and under those sites' own terms....

Why it matters: This provision establishes that Datadog accepts no responsibility for the content, accuracy, or practices of third-party sites linked from its website, including sponsored content. Users should be aware that clicking outbound links, including from advertisements on the Datadog website, subjects them to separate terms and data practices not covered by this document....

View provision → Watch Datadog →

The agreement reserves Datadog's right to revise the terms at any time in its sole discretion, with changes effective immediately upon posting. Continued use of the website after posting constitutes acceptance of the revised terms....

Why it matters: This provision establishes that changes to the terms take effect immediately upon posting without requiring affirmative user consent, and that continued website use constitutes acceptance. Users who do not regularly monitor the terms page may be bound by revised terms without direct notification....

View provision → Watch Datadog →

The policy discloses that Walgreens shares personal information with advertising partners in ways that may qualify as a sale or sharing for cross-context behavioral advertising under California law, and states that California residents may opt out of this sharing....

Why it matters: This provision triggers opt-out rights under CCPA/CPRA for California residents and requires Walgreens to provide a clear and accessible opt-out mechanism, including recognition of the Global Privacy Control signal. The provision also implicates CPRA's annual data minimization obligations for data shared with advertising partners....

View provision → Watch Walgreens →

The policy states that Walgreens collects prescription information, health conditions, pharmacy interaction data, OTC purchase history, and health-related browsing activity across its digital and physical service channels....

Why it matters: This provision identifies a broad category of sensitive health-related data collected across both HIPAA-regulated pharmacy operations and non-HIPAA retail and digital channels. The policy does not consistently delineate which data flows are governed by HIPAA Notice of Privacy Practices and which fall solely under this privacy policy, creating potential gaps in regulatory coverage for health-adjacent data....

View provision → Watch Walgreens →

The policy identifies sensitive personal information categories collected by Walgreens, including health data, financial information, precise geolocation, and account credentials, and states that California residents may request limitation of use to service-necessary purposes....

Why it matters: Under CPRA, sensitive personal information is subject to heightened use limitations and consumers have a statutory right to limit its use beyond service delivery. This provision establishes the right but the operational scope of what constitutes service-necessary use for health and pharmacy data in an integrated retail-pharmacy context requires evaluation....

View provision → Watch Walgreens →

The policy authorizes sharing of personal information with advertising, analytics, and social media partners for targeted advertising and campaign measurement, and states these partners use tracking technologies including cookies and pixel tags on Walgreens services....

Why it matters: This provision authorizes third-party tracking technology deployment on Walgreens platforms, enabling advertising and analytics partners to independently collect device identifiers, browsing activity, and interaction data. The scope of data accessible to third-party pixels and cookies deployed on health-related pages creates specific regulatory exposure under state health data laws and FTC guidance....

View provision → Watch Walgreens →

The policy grants California residents rights to know, delete, correct, and opt out of sale or sharing of personal information, and states that Walgreens will not discriminate against consumers for exercising these rights....

Why it matters: This provision operationalizes CCPA/CPRA statutory rights for California residents and establishes the non-discrimination obligation. The scope and effectiveness of these rights in practice depends on the adequacy of the request submission mechanisms, verification procedures, and response timelines implemented by Walgreens....

View provision → Watch Walgreens →

The policy states that the myWalgreens loyalty program collects purchase history, prescription information, and service interaction data, which is used for personalized offers, rewards management, and targeted communications....

Why it matters: Loyalty program participation generates a persistent, linked dataset combining retail purchase history, prescription information, and behavioral data, which the policy authorizes for use in personalized advertising and communications. The combination of pharmacy and retail data within the loyalty program context creates specific data minimization and use limitation considerations....

View provision → Watch Walgreens →

The policy states that personal information is retained as long as necessary for the purposes collected, for legal compliance, dispute resolution, and agreement enforcement, without specifying fixed retention periods for individual data categories....

Why it matters: The absence of specific retention periods for individual personal information categories, particularly health and pharmacy data, creates compliance considerations under CCPA/CPRA's data minimization requirements and HIPAA's record retention standards. Retention periods that are not bounded by specific timelines may face scrutiny under CPRA's proportionality standard....

View provision → Watch Walgreens →

The policy states that Walgreens services are not directed to children under 13, that the company does not knowingly collect personal information from this age group, and that such information will be deleted upon discovery....

Why it matters: This provision establishes a COPPA-compliant framework for the primary digital services, but the pharmacy and health context presents a specific operational consideration: minors may be represented in prescription or family health account contexts, which may require additional protections beyond COPPA's baseline requirements....

View provision → Watch Walgreens →

ElevenLabs collects voice recordings and AI-generated voice models submitted by users and states that this data may be used to train and improve its AI systems, with consent obtained where legally required....

Why it matters: This provision directly implicates biometric privacy statutes in multiple U.S. jurisdictions, including Illinois BIPA, which requires opt-in written consent before collecting biometric identifiers, and may engage GDPR Article 9 if voice data is processed to uniquely identify individuals. The scope of consent required, and whether existing consent mechanisms satisfy applicable statutory standards, warrants legal evaluation....

View provision → Watch ElevenLabs →

ElevenLabs authorizes sharing of user personal information with advertising partners, analytics providers, service providers, and business partners for platform operation and business purposes....

Why it matters: This provision may trigger CCPA/CPRA obligations regarding the sale or sharing of personal information with advertising partners, requiring ElevenLabs to offer California residents an opt-out mechanism. Under GDPR, sharing with advertising partners requires a valid legal basis, typically consent or a documented legitimate interests assessment....

View provision → Watch ElevenLabs →

ElevenLabs states that personal data may be transferred and processed in countries outside the user's country of residence, including countries with different data protection standards....

Why it matters: Cross-border data transfers from the EU/EEA to the United States require an approved transfer mechanism under GDPR Chapter V. The policy does not specify in detail which transfer mechanisms are relied upon, which warrants verification by compliance teams evaluating EU data flows....

View provision → Watch ElevenLabs →

The policy grants EU/EEA, UK, and Swiss users rights of access, rectification, erasure, restriction, objection, and data portability under applicable data protection law, exercisable by contacting ElevenLabs directly....

Why it matters: This provision establishes the procedural mechanism through which EU, UK, and Swiss users may exercise their statutory data rights under GDPR and equivalent frameworks. The enforceability and response timelines for these rights are governed by applicable law rather than solely by the policy terms....

View provision → Watch ElevenLabs →

California residents are granted rights under CCPA/CPRA to know, delete, opt-out of sale or sharing, and be free from discrimination for exercising privacy rights regarding their personal information held by ElevenLabs....

Why it matters: This provision establishes CCPA/CPRA compliance obligations for ElevenLabs with respect to California residents, including a specific opt-out right for the sale or sharing of personal information with advertising partners that must be operationally implemented and accessible....

View provision → Watch ElevenLabs →

ElevenLabs deploys cookies, web beacons, and pixel tags to collect browsing activity, device information, and user interaction data, which is used for analytics and advertising purposes....

Why it matters: The use of tracking technologies for advertising purposes engages GDPR's consent requirements under the ePrivacy Directive for EU/EEA users and CCPA/CPRA sharing opt-out requirements for California residents where tracking data is shared with advertising partners....

View provision → Watch ElevenLabs →

ElevenLabs retains personal information for the duration necessary to fulfill stated collection purposes and to comply with legal, accounting, and reporting obligations, without specifying fixed retention periods for individual data categories....

Why it matters: The absence of specific retention periods for individual data categories, particularly voice recordings and voice models, creates potential tension with GDPR's data minimization and storage limitation principles, which require that retention periods be specified or determinable....

View provision → Watch ElevenLabs →

ElevenLabs states its services are not directed at children under 13 and that it does not knowingly collect personal information from children under 13, with a remediation commitment to delete such data if collected....

Why it matters: This provision establishes ElevenLabs' COPPA compliance posture for U.S. users. The absence of a higher age threshold (such as 16 for GDPR purposes) may be relevant for EU/EEA compliance where member states may set the digital age of consent between 13 and 16....

View provision → Watch ElevenLabs →

The agreement requires users and Skillshare to resolve disputes through individual binding arbitration administered by JAMS, rather than through court proceedings, and prohibits participation in class action lawsuits or class-wide arbitration....

Why it matters: This provision requires disputes to proceed through individual JAMS arbitration under New York law, which determines the procedural forum and applicable rules for any legal claims between users and Skillshare. The class action waiver component means that users cannot aggregate claims with other users, which may be relevant to the practical viability of small-value claims....

View provision → Watch Skillshare →

The agreement prohibits users from participating in or initiating class action lawsuits or class-wide arbitration proceedings against Skillshare....

Why it matters: This provision, combined with the mandatory arbitration clause, requires that any legal claims against Skillshare be pursued individually. This applies to all users globally, including those who may have transitioned from Superpeer following the acquisition....

View provision → Watch Skillshare →

Users grant Skillshare a worldwide, royalty-free, sublicensable, and transferable license to use, reproduce, distribute, create derivative works of, and publicly display user-submitted content in connection with operating and promoting the platform and Skillshare's business....

Why it matters: This provision authorizes Skillshare to use, reproduce, modify, and distribute all user-submitted content, including course materials, videos, images, and other instructional assets, for business purposes beyond the original upload context. The sublicensable and transferable nature of the license means third parties may receive rights to user content through Skillshare's sublicensing....

View provision → Watch Skillshare →

Skillshare may terminate or suspend user access to the platform, in whole or in part, for any reason or no stated reason, including for violations of the Terms of Service....

Why it matters: This provision reserves broad discretionary authority for Skillshare to terminate or suspend accounts without stated cause. Under this clause, users including paid subscribers and content creators may lose access to the platform and their content without specific procedural protections beyond those stated elsewhere in the terms....

View provision → Watch Skillshare →

Paid subscriptions automatically renew at the end of each billing period and users authorize recurring charges to their payment method unless they cancel before the renewal date....

Why it matters: This provision establishes automatic recurring billing authorization for all paid subscription tiers. Users must take affirmative action to cancel before each renewal date to avoid being charged for the next subscription period....

View provision → Watch Skillshare →

The agreement states that Skillshare and its officers, directors, employees, agents, and licensors are not liable for indirect, incidental, special, consequential, or punitive damages arising from use of or inability to use the services, including loss of profits, data, or goodwill....

Why it matters: This provision caps the types of recoverable damages users may seek from Skillshare to direct damages only, excluding consequential, incidental, and punitive damages. The practical scope of this limitation depends on applicable law in the user's jurisdiction, as the provision is qualified by the phrase 'to the maximum extent permitted by applicable law.'...

View provision → Watch Skillshare →

The agreement prohibits a range of user conduct including unauthorized copying or distribution of platform content, use of automated systems or scrapers, sending unsolicited communications, interfering with platform integrity, and accessing unauthorized platform areas....

Why it matters: The acceptable use restrictions define the conditions under which accounts may be suspended or terminated. Violations of these provisions are expressly listed as grounds for account termination under the discretionary termination clause....

View provision → Watch Skillshare →

The agreement states that the Skillshare platform is intended only for users aged 18 or older, and by using the services users represent and warrant that they meet this age requirement....

Why it matters: The stated minimum age of 18 places Skillshare outside the direct scope of COPPA, which applies to children under 13, but creates a contractual representation that users must be legal adults. This provision affects account eligibility and the enforceability of the Terms of Service for minor users....

View provision → Watch Skillshare →