Provisions Index

The policy discloses that users in certain jurisdictions, including California and EU/UK, have rights to access, correct, delete, and obtain copies of their personal information, as well as rights to restrict processing, object to processing, and opt out of data sale or sharing....

Why it matters: This provision establishes the mechanism and scope of data subject rights available under CCPA, CPRA, GDPR, and UK GDPR, and the operational availability of these rights depends on Whatnot's implementation of request intake, verification, and response workflows....

View provision → Watch Whatnot →

The policy states that Whatnot does not direct its services to children under 13 and does not knowingly collect their personal information; if such data is identified, the policy states it will be deleted....

Why it matters: This provision asserts COPPA compliance by excluding users under 13 from the platform and committing to deletion of inadvertently collected data from that age group; the operational adequacy of age verification mechanisms determines the practical effect of this commitment....

View provision → Watch Whatnot →

The policy discloses that personal information may be transferred to and processed in countries outside the user's country of residence, including countries with different data protection standards, and asserts that appropriate safeguards have been implemented....

Why it matters: This provision addresses cross-border data transfers, which for EU and UK users require specific transfer mechanisms under GDPR and UK GDPR; the policy's reference to 'appropriate safeguards' without specifying the mechanism (such as standard contractual clauses or adequacy decisions) leaves the specific legal basis for transfers unspecified in the publicly available policy text....

View provision → Watch Whatnot →

The policy prohibits use of the OpenRouter platform to generate, distribute, or facilitate child sexual abuse material under any circumstances....

Why it matters: This provision establishes an absolute content prohibition that applies across all models accessible through the platform, and violation would constitute both a policy breach and potential criminal liability under applicable federal and state law....

View provision → Watch OpenRouter →

The policy establishes that operators who build applications on the OpenRouter platform are responsible for ensuring their end users comply with OpenRouter's Acceptable Use Policy....

Why it matters: This provision creates a contractual liability pass-through whereby operators bear compliance responsibility for violations committed by their end users, which requires operators to implement their own downstream enforcement mechanisms....

View provision → Watch OpenRouter →

The policy states that users are subject not only to OpenRouter's AUP but also to the terms of use of the individual upstream AI model providers whose models are accessed through the platform....

Why it matters: This provision creates a dynamic compliance dependency whereby the effective terms governing a user's platform access may change when upstream model providers update their own policies, without requiring a corresponding update to the OpenRouter AUP....

View provision → Watch OpenRouter →

The policy prohibits using the platform to generate content or assistance that facilitates the development of weapons of mass destruction, including biological, chemical, nuclear, or radiological weapons....

Why it matters: This provision establishes a categorical prohibition on a class of uses that would create significant legal liability and aligns the platform with export control and national security regulatory frameworks applicable to dual-use technologies....

View provision → Watch OpenRouter →

The policy prohibits using the platform to generate content designed to systematically deceive or manipulate individuals, including the creation of coordinated inauthentic behavior, disinformation campaigns, or impersonation at scale....

Why it matters: This provision establishes a content moderation obligation that engages FTC guidelines on deceptive practices and may interact with emerging platform accountability frameworks in the EU and US regarding AI-generated disinformation....

View provision → Watch OpenRouter →

The policy states that OpenRouter reserves the right to suspend or terminate accounts that violate the Acceptable Use Policy, with or without prior notice depending on the severity of the violation....

Why it matters: This provision establishes the enforcement mechanism for the policy's prohibited use categories and creates the primary operational consequence for non-compliance, which affects continued platform access for both users and operators....

View provision → Watch OpenRouter →

The policy states that messages, photos, videos, and documents in cloud chats are stored on Telegram servers in encrypted form, with encryption keys held by Telegram across multiple data centers. This is distinct from secret chats, which use end-to-end encryption and are not stored server-side....

Why it matters: This provision establishes that cloud chat content is retained by Telegram in a form that Telegram controls, meaning it is technically accessible to Telegram and potentially subject to compelled legal disclosure. The policy separately confirms that law enforcement requests may result in disclosure of IP address and phone number, though the policy does not explicitly state whether cloud chat content could be disclosed under a broader or different legal order....

View provision → Watch Telegram →

The policy states that Telegram may disclose a user's IP address and phone number to law enforcement upon receipt of a valid judicial order confirming the user is a suspect in criminal activity that violates the Terms of Service, subject to Telegram's own legal analysis. Disclosures are reported quarterly in a public transparency report....

Why it matters: This provision defines the scope of data Telegram commits to disclosing under law enforcement orders as limited to IP address and phone number, and conditions disclosure on both a valid judicial order and a Terms of Service violation finding. The quarterly transparency reporting mechanism provides a public audit trail of disclosure events....

View provision → Watch Telegram →

The policy states that third-party bot developers receive public account data including screen name, username, and profile picture when users interact with bots, and may also receive messages, IP addresses (via links), group membership status, and interface language. Third-party bot developers are described as independent from Telegram, and their data practices are governed by their own terms rather than Telegram's privacy policy....

Why it matters: This provision establishes that user data transmitted to third-party bots is outside Telegram's data protection framework, and that Telegram does not govern how independent bot developers collect, store, or use that data. Users interacting with third-party bots should review those bots' separate privacy policies....

View provision → Watch Telegram →

The policy states that message text may be shared with Google LLC or Microsoft Corporation when users request translation, and audio data from voice and video messages may be shared with Google LLC when users request transcription (a Telegram Premium feature). Both are described as user-initiated, restricted-purpose data transfers under agreements that prohibit secondary use by the third parties....

Why it matters: This provision discloses that message content and audio data are transmitted to Google LLC and Microsoft Corporation for user-requested features. The policy asserts contractual restrictions on secondary use by those companies, though users depend on Telegram's enforcement of those contractual terms....

View provision → Watch Telegram →

The policy states that personal data may be shared with Telegram's parent company and affiliated entities in the British Virgin Islands and Dubai for service provision and improvement purposes. The stated transfer safeguard is Standard Contractual Clauses approved by the European Commission....

Why it matters: This provision establishes that user personal data is shared across Telegram's corporate group, including entities in jurisdictions without an EU adequacy decision, relying on Standard Contractual Clauses as the transfer mechanism. The adequacy of SCCs for transfers to the BVI and UAE requires ongoing assessment under GDPR guidance....

View provision → Watch Telegram →

The policy states that metadata including IP address, device identifiers, Telegram app usage history, and username change history may be collected for security and anti-spam purposes and retained for a maximum of 12 months....

Why it matters: This provision establishes the categories and maximum retention period for security-related metadata. The retention of IP addresses for up to 12 months is the data category disclosed as subject to potential law enforcement disclosure under section 8.3....

View provision → Watch Telegram →

The policy enumerates data subject rights including access, portability, deletion, amendment, restriction, objection, and complaint to national data protection authorities. These rights are stated to apply under applicable data protection legislation and in certain circumstances....

Why it matters: This provision describes the data subject rights framework Telegram asserts it supports, including portability and the right to lodge complaints with national authorities. The qualification of rights as applying under applicable legislation and in certain circumstances reflects standard GDPR language conditioning these rights on legal basis and specific circumstances....

View provision → Watch Telegram →

The policy states that Telegram does not use user data for ad targeting or commercial purposes, and that sponsored messages in public channels are based solely on channel topic rather than user data analysis....

Why it matters: This provision establishes a stated commitment that user data is not analyzed or mined for advertising purposes, which is operationally distinct from advertising-supported platforms that use behavioral or demographic data for targeting. This commitment applies to Telegram's own advertising system; it does not govern data practices of third-party bot developers....

View provision → Watch Telegram →

The policy places full responsibility on advertisers for ensuring their ads comply with all applicable laws and regulations in every market where their campaigns run, including requirements for honesty and safety....

Why it matters: This provision requires advertisers to independently verify legal compliance across every jurisdiction where their ads are served, without X providing jurisdiction-specific legal clearance or guidance. The operational implication is that advertisers running multi-market campaigns bear the compliance burden for all applicable national, regional, and local advertising regulations....

View provision → Watch X →

The policy establishes categories of content that X will not permit in paid advertising under any circumstances, including ads for illegal products or services, deceptive content, and certain weapons-related content, among others referenced in the policy's linked detail pages....

Why it matters: This provision establishes the absolute limits of permissible advertising content on X; campaigns containing prohibited content are subject to rejection or removal, and accounts submitting prohibited content may face suspension from the advertising platform....

View provision → Watch X →

Certain categories of advertising content, including alcohol, gambling, financial products, pharmaceutical products, and political advertising, require prior written approval from X before campaigns may run, with availability varying by country....

Why it matters: This provision requires advertisers in regulated categories to complete an approval process with X before launching campaigns, creating a procedural prerequisite for campaign eligibility; the absence of defined approval timelines in this document creates potential operational uncertainty for time-sensitive campaigns....

View provision → Watch X →

The policy prohibits advertisers from using targeting parameters based on sensitive personal characteristics including race, religion, health conditions, and sexual orientation when serving paid advertising on X....

Why it matters: This provision restricts the use of sensitive data categories for ad targeting, which intersects with GDPR Article 9 special category data protections in the EU and similar frameworks in other jurisdictions; advertisers using audience segmentation tools must verify that their targeting configurations do not rely on prohibited sensitive attributes....

View provision → Watch X →

X reserves discretion to determine whether an advertiser account meets eligibility criteria to participate in the X Ads platform, and may find accounts ineligible for reasons described in linked external documentation; the policy also describes an offboarding process for accounts that no longer meet eligibility requirements....

Why it matters: This provision establishes that access to X's advertising platform is conditional on ongoing eligibility determinations made by X; the document does not specify binding procedural guarantees for eligibility review timelines or appeals, which creates operational uncertainty for advertisers dependent on the platform for campaign delivery....

View provision → Watch X →

The policy restricts or prohibits political advertising on X, with availability varying by country; advertisers seeking to run political ads must verify eligibility in their specific jurisdiction and may require prior written approval from X....

Why it matters: Political advertising restrictions on X vary by country and require advertisers to independently verify eligibility before submitting campaigns; given the time-sensitive nature of political campaigns, the absence of defined approval timelines in this document creates significant operational planning considerations for political advertisers....

View provision → Watch X →

All advertisers who choose to promote content with X Ads are subject to an approval process covering both their account and their ad content; the process is described as designed to support platform quality and safety and to verify compliance with X's advertising policies....

Why it matters: This provision establishes that ad campaigns on X are conditional on completion of an approval process, and that both the advertiser account and individual ad content are reviewed; the document does not specify approval timelines or procedural guarantees, which is an operational planning consideration for advertisers....

View provision → Watch X →

The policy discloses that sharing personal information with advertising partners may qualify as a 'sale' or 'sharing' under California law, and provides opt-out mechanisms via a footer link and app settings....

Why it matters: This provision establishes Zillow's compliance with CCPA/CPRA opt-out obligations and operationalizes the consumer right to halt advertising-related data transfers classified as sales or sharing under California law....

View provision → Watch Zillow →

The policy enumerates categories of personal information collected, including identifiers, financial data, precise geolocation, device information, communications content, and inferred profile data derived from collected information....

Why it matters: This provision establishes the scope of Zillow's data collection across its platforms and is foundational to evaluating the company's obligations under CCPA/CPRA, which requires disclosure of collected categories and their purposes....

View provision → Watch Zillow →

The policy authorizes disclosure of personal information to advertising and analytics partners for targeted advertising, campaign measurement, and personalization, using cookies and tracking technologies across Zillow properties and third-party sites....

Why it matters: This provision establishes the legal and operational basis for cross-context behavioral advertising using Zillow user data, and is directly relevant to CCPA/CPRA opt-out obligations and FTC guidance on online tracking....

View provision → Watch Zillow →

The policy grants state-specific privacy rights including access, deletion, correction, portability, and opt-out of sale, sharing, targeted advertising, and profiling, with availability depending on the user's state of residence....

Why it matters: This provision operationalizes Zillow's compliance with CCPA/CPRA and analogous state privacy statutes by establishing the rights framework, request process, and response obligations applicable to covered residents....

View provision → Watch Zillow →

The policy discloses collection of precise geolocation data for service delivery, connection with real estate professionals, and advertising purposes, subject to user consent where required....

Why it matters: Precise geolocation is classified as sensitive personal information under CPRA and several other state privacy frameworks, triggering heightened use limitation and opt-out rights beyond those applicable to general personal information....

View provision → Watch Zillow →

The policy states that Zillow's services are not directed to children under 13, prohibits knowing collection of personal information from this age group, and commits to deleting such data upon discovery....

Why it matters: This provision establishes Zillow's stated compliance posture under COPPA, which governs online collection of personal information from children under 13 and is enforced by the FTC....

View provision → Watch Zillow →

The policy states that personal information is retained for as long as necessary to fulfill collection purposes, satisfy legal obligations, resolve disputes, and enforce agreements, with retention periods varying by data type and purpose....

Why it matters: Retention period disclosures are required under CCPA/CPRA and are relevant to consumer deletion rights; indefinite or purpose-based retention policies without specific timeframes may be subject to regulatory scrutiny in jurisdictions requiring retention limitation disclosures....

View provision → Watch Zillow →

The policy authorizes sharing of contact information and inquiry details with real estate professionals when users initiate or receive contact through the platform, characterizing this as consent-based sharing....

Why it matters: This provision establishes a consent-based data sharing mechanism with real estate professionals that is operationally central to Zillow's business model and relevant to users' expectations about who receives their contact and transaction inquiry information....

View provision → Watch Zillow →

The Custom Experience program collects data on websites visited and apps used on Verizon's mobile network, and the Custom Experience Plus program additionally incorporates location data, to personalize services and deliver targeted advertising to customers. Customers are enrolled by default and may opt out through account settings....

Why it matters: This provision authorizes Verizon to use network-level behavioral data, including browsing and app usage activity, as a telecommunications carrier to deliver targeted advertising. As a common carrier, Verizon's use of CPNI-adjacent network data for advertising purposes engages FCC regulatory authority in addition to general consumer privacy frameworks....

View provision → Watch Verizon →

Verizon uses network data and other information to generate aggregate reports on foot traffic patterns, demographic trends, and related business intelligence, which are then shared with or sold to third-party business and government customers. The policy states that the data used is aggregated and not individually identifiable....

Why it matters: This provision establishes a data monetization mechanism through which Verizon derives and sells aggregate insights derived from customer network behavior. The deidentification and aggregation standards applied, and whether the resulting products could permit re-identification, are material compliance considerations for assessing whether this constitutes a sale of personal information under applicable state privacy law....

View provision → Watch Verizon →

Verizon states that it uses CPNI, which includes call records, location, and technical network usage information, to provide telecommunications services and to inform customers about other Verizon service offerings. Federal law governs CPNI use, and Verizon discloses this framework as part of its privacy policy....

Why it matters: This provision identifies the federal CPNI regulatory framework applicable to Verizon as a telecommunications carrier and establishes the stated basis for using network data in service delivery and marketing contexts. The intersection of CPNI obligations with the Custom Experience advertising programs described elsewhere in the policy is a material compliance consideration....

View provision → Watch Verizon →

The policy authorizes Verizon to share personal information with service providers, advertising companies, and business partners that assist in service delivery and advertising operations. Service providers are stated to be restricted from using personal information for their own marketing, while advertising company sharing is disclosed as a distinct category....

Why it matters: This provision establishes the contractual framework for third-party data sharing with advertising partners, which is directly relevant to CCPA/CPRA sale and sharing definitions and to the adequacy of consumer opt-out rights for cross-context behavioral advertising....

View provision → Watch Verizon →

The policy grants California residents rights under CCPA and CPRA including access, deletion, correction, opt-out of sale or sharing, and limitation of sensitive personal information use, with a stated non-discrimination commitment for exercising these rights....

Why it matters: This provision establishes the operational framework for California statutory privacy rights, including the right to opt out of sale or sharing of personal information for advertising purposes, which is directly relevant to the Custom Experience and advertising data sharing programs described elsewhere in the policy....

View provision → Watch Verizon →

The policy states that Verizon does not knowingly collect personal information from children under 13 without parental consent, and does not knowingly collect personal information about customers' children without parental consent....

Why it matters: This provision establishes the stated compliance posture under the Children's Online Privacy Protection Act for online data collection from minors. The 'knowingly' qualifier is standard COPPA framing and limits the obligation to situations where Verizon has actual knowledge of a user's age....

View provision → Watch Verizon →

Verizon collects precise location data from GPS, Wi-Fi, Bluetooth, and cell tower sources, as well as less precise location derived from IP address, when customers use Verizon services and in some cases when using third-party services, websites, or apps....

Why it matters: This provision establishes that Verizon collects precise location data from multiple technical sources across both Verizon services and, in some circumstances, third-party contexts. Precise location data is classified as sensitive personal information under CPRA and intersects with FCC CPNI location data protections....

View provision → Watch Verizon →

The policy states that Verizon processes the Global Privacy Control browser signal as an opt-out of sale or sharing of personal information for residents of states that legally require GPC recognition. The technical implementation in the page source confirms GPC detection logic is present....

Why it matters: This provision establishes Verizon's stated approach to automated opt-out signals, which is a compliance requirement under CPRA for California residents and under similar statutes in other states. The qualifying language 'where Verizon is able to do so' and 'for residents of states that require recognition' introduces scope limitations that compliance teams should evaluate....

View provision → Watch Verizon →

This provision requires US users to resolve all disputes with Uber through binding individual arbitration administered by the American Arbitration Association rather than through court proceedings. Users retain a 30-day window after first accepting the terms to opt out of this requirement in writing....

Why it matters: This provision establishes that disputes between US users and Uber proceed through AAA arbitration rather than litigation, covering claims arising from both current and prior use of the platform. The opt-out mechanism requires affirmative written action within 30 days of first acceptance, after which the arbitration obligation applies as written....

View provision → Watch Uber →

This provision prohibits US users from bringing or participating in class action lawsuits or representative proceedings against Uber, and waives the right to a jury trial for all covered disputes. Claims must be brought individually....

Why it matters: This clause, combined with the mandatory arbitration provision, establishes that all US user disputes with Uber must proceed on an individual basis only, precluding class or collective claims. The jury trial waiver applies in addition to the arbitration requirement....

View provision → Watch Uber →

The agreement authorizes Uber to apply variable and surge pricing during high-demand periods, with the stated obligation to use reasonable efforts to notify users of applicable charges. Users are responsible for all charges incurred under their account regardless of pricing level....

Why it matters: This provision establishes that pricing is not fixed and may increase substantially during high-demand periods, with Uber's obligation limited to reasonable notification efforts rather than explicit pre-transaction consent for each surge price. The user's account-level responsibility for all charges applies regardless of the pricing mechanism in effect at the time of the transaction....

View provision → Watch Uber →

The agreement authorizes Uber to charge cancellation fees if a user cancels a service request before the service begins, and no-show fees if the user fails to appear for a scheduled service. These charges are applied to the stored payment method on the account....

Why it matters: This provision establishes that cancellation or non-appearance triggers an automatic fee charge to the user's stored payment method. The specific fee amounts are not detailed in the master terms and are subject to Uber's current fee schedule, which may be updated independently....

View provision → Watch Uber →

Users who submit content to Uber's platform grant Uber a worldwide, royalty-free, sublicensable license to use, reproduce, modify, distribute, and publicly display that content in connection with operating and providing the services. This license is non-exclusive, meaning users retain ownership of their content....

Why it matters: This provision establishes that user-submitted content, which may include reviews, photos, and communications, is licensed to Uber for broad use in connection with its services. The sublicense right allows Uber to extend this license to third parties involved in service delivery....

View provision → Watch Uber →

Uber reserves the right to modify these terms at any time by posting an updated version on its website or app. Continued use of the services after the posting of changes constitutes acceptance of the modified terms....

Why it matters: This provision establishes that Uber can update the contractual terms governing service use without obtaining affirmative re-consent from users, with continued use of the platform treated as acceptance. The mechanism by which users are notified of changes is described as posting on the website or app rather than direct communication....

View provision → Watch Uber →

Uber may terminate a user's access to the platform or specific services immediately and without prior notice based on its sole discretion, including for violations of the terms, perceived risk to Uber or third parties, or potential legal liability....

Why it matters: This provision establishes that account termination can occur without advance notice and based on Uber's unilateral assessment of risk or potential liability, which includes circumstances beyond direct violations of stated rules. The sole discretion standard means users have limited procedural protections against sudden account suspension....

View provision → Watch Uber →

The agreement limits Uber's liability to exclude indirect, incidental, special, exemplary, punitive, and consequential damages, including lost profits, data loss, personal injury, and property damage, even where Uber has been advised that such damages could occur. This limitation applies to the maximum extent permitted by applicable law....

Why it matters: This provision establishes broad liability limitations for Uber across a wide range of harm categories, including personal injury and property damage. The carve-out for applicable law means enforceability varies by jurisdiction, but as written the clause asserts exclusion of most categories of damages users might seek....

View provision → Watch Uber →

The agreement specifies Delaware law as the governing law and designates federal or state courts in San Francisco, California as the exclusive venue for legal proceedings, with California courts having exclusive jurisdiction over non-arbitrated claims....

Why it matters: This provision establishes the legal framework and venue applicable to disputes that proceed outside arbitration, including any claims by users who have opted out of the arbitration clause. The choice of Delaware law and California venue may affect the procedural rights available to users in other jurisdictions....

View provision → Watch Uber →

Uber disclaims responsibility for third-party services and content accessible through its platform, noting that separate terms and privacy policies apply to those third-party services. Uber explicitly disclaims endorsement of and liability for third-party products or services....

Why it matters: This provision establishes that Uber's contractual obligations and liability do not extend to third-party services integrated into or accessible through the platform. Users accessing third-party services through Uber are subject to those providers' separate terms and privacy policies, which Uber does not control or guarantee....

View provision → Watch Uber →