Provisions Index

Users have the right to access, download, and delete their Gemini conversation data through Google Account tools such as Google Takeout and My Activity....

Why it matters: Knowing these rights exist and how to exercise them empowers consumers to control what personal information Google holds about their Gemini usage....

If you use your Fitbit with a Google Account, Google's Privacy Policy governs your data instead of (or in addition to) Fitbit's own policy. This means your fitness and health data may be processed under Google's much broader data practices....

Why it matters: This provision means millions of Fitbit users may be unaware that their health data is governed by Google's expansive data ecosystem, not just Fitbit's narrower policy....

Fitbit collects highly sensitive health data from your device including heart rate, sleep patterns, menstrual cycles, weight, calories, exercise activity, and GPS location. This data is stored on Fitbit's servers and may be shared with third parties....

Why it matters: This is among the most sensitive personal data a company can collect — it can reveal medical conditions, reproductive health, and daily routines, making robust data protection essential....

Fitbit may share your health and fitness data with third-party apps, health platforms, and service providers that you authorize or that Fitbit works with to operate its services. Once shared, Fitbit's policy may no longer govern how that data is used....

Why it matters: Once your health data leaves Fitbit's environment and goes to a third party, Fitbit's privacy protections may no longer apply, and the third party's own policies govern how your data is handled....

Fitbit's services are not directed at children under 13, and Fitbit states it does not knowingly collect personal data from children under 13 without parental consent. However, the policy's mechanisms for enforcing this restriction are not detailed....

Why it matters: Without robust age verification, children's sensitive health data could be collected and processed without appropriate parental consent, creating legal risk and real harm to minors....

If you use Fitbit outside the United States, your personal data may be transferred to and processed in the US, where privacy laws may offer fewer protections than in your home country....

Why it matters: For EU and UK users in particular, transferring health data to the US may not carry the same legal protections as data kept within the European Economic Area, depending on the safeguards Fitbit uses....

Fitbit states that users can access, export, and request deletion of their personal data through account settings or by contacting Fitbit. The scope and timeline for these rights may differ depending on whether you use a Google Account....

Why it matters: Knowing you have the right to delete your health data and how to exercise it is critical, especially given the sensitivity of the biometric and health information Fitbit stores....

Fitbit collects GPS and location data from your device and smartphone to track exercise routes and provide location-based features. This data can reveal your home, workplace, and daily movement patterns....

Why it matters: Continuous location tracking creates a detailed profile of your physical movements, which could be misused if exposed in a data breach or shared with third parties....

Fitbit retains your personal data for as long as your account is active and for a period afterward as required by law or business purposes. Deleting your account does not guarantee immediate or permanent deletion of all data....

Why it matters: Your sensitive health data may remain on Fitbit's servers even after you stop using the service or delete your account, potentially for extended legal or business retention periods....

Waze collects your precise GPS location continuously while the app is in use, including in the background, to provide navigation and community-based traffic features....

Why it matters: Continuous location tracking creates a detailed record of your movements, which can reveal sensitive information about your daily routine, home, workplace, and habits....

Waze shares your personal data, including location and usage information, with its parent company Google and affiliated entities within the Google group....

Why it matters: Sharing your data with Google means it can be combined with other Google data about you, significantly expanding the profile Google holds and the ways your data can be used....

Waze uses your location data, driving behavior, and usage information to show you personalized advertisements within the app....

Why it matters: Your driving patterns and location history are being used to commercially profile you, which many users may not expect from a navigation app....

Users — particularly those in the EU/EEA and California — have rights to access, correct, delete, or port their personal data, and can object to certain types of processing....

Why it matters: These rights give you meaningful control over your personal data, but you must actively exercise them by contacting Waze, as they are not automatic....

Waze states that its services are not directed at children under 13 (or higher age thresholds in some jurisdictions) and that it does not knowingly collect personal data from children....

Why it matters: If a child uses Waze without parental knowledge, their location and personal data may be collected without the additional protections required by law for minors....

Waze may transfer your personal data to countries outside your own, including to the United States, where data protection laws may differ from those in your home country....

Why it matters: If you are in the EU or UK, your data may be transferred to jurisdictions with different — potentially lower — levels of legal protection for your personal information....

When you report accidents, traffic, or other events in Waze, this content is shared with the Waze community and may be used to improve Waze services....

Why it matters: Reports you submit may be linked to your account and location at the time of submission, creating a record of your activity and whereabouts....

Waze retains your personal data for as long as your account is active or as needed to provide services, comply with legal obligations, or resolve disputes....

Why it matters: Vague retention periods mean your location history and personal data could be stored indefinitely unless you actively request deletion....

Waze integrates with third-party services (such as music apps and fuel price providers) and may share data with these partners when you use integrated features....

Why it matters: Using third-party features within Waze can trigger additional data sharing with external companies whose own privacy policies govern how your data is used....

Waze states that it uses anonymized and aggregated data about driving patterns and traffic conditions to improve its services and may share such data with third parties....

Why it matters: While Waze describes this data as anonymous, research has shown that anonymized location data can often be re-identified, potentially revealing your identity and movements....

You cannot use the Google Maps APIs to build any product that competes with or closely resembles Google Maps or Google Earth....

Why it matters: This clause prevents developers from using Google's own infrastructure and data to build a rival mapping service, effectively locking them into Google's ecosystem....

You generally cannot save or store Google Maps data locally, except for very limited temporary caching to improve app performance....

Why it matters: This restriction ensures all Maps data must flow through Google's live APIs, preventing developers from building offline-capable or independent datasets from Google's mapping data....

Google can change, pause, or shut down any part of the Maps Platform — including specific APIs — at any time without your consent....

Why it matters: Businesses that have deeply integrated Google Maps APIs into their products face the risk of sudden service changes or terminations that could break their applications without meaningful advance notice....

You cannot use Google Maps to track the real-time location of vehicles, assets, or people without getting proper consent from everyone being tracked....

Why it matters: This clause places direct responsibility on the developer-customer to obtain consent for real-time tracking use cases, which has significant privacy and regulatory implications....

Any Maps content or API output must only be shown inside a Google Maps-branded interface — you cannot extract and display it in a standalone or non-Google context....

Why it matters: This restricts developers from displaying Google Maps data in any interface that does not use Google's Maps framework, preventing integration of Google map data into alternative visualizations or mixed-provider solutions....

If you build an app using Google Maps APIs, you must make your users agree to terms of service that include Google's key restrictions and protect Google's ownership of its map content....

Why it matters: End users of developer applications are indirectly bound by Google's Maps Platform terms through the developer's required pass-through, extending Google's legal framework into consumer-facing applications without direct notice to consumers....

Google owns everything in the Maps Platform — all maps, data, technology, and content — and using the API gives you no ownership rights over any of it....

Why it matters: Users of the Maps APIs acquire only a limited, revocable license to use Google's content, with no proprietary rights that could survive termination of the agreement....

Google will not pay you for lost profits, lost data, business interruption, or similar losses even if their Maps Platform fails or causes you harm....

Why it matters: This clause means that if a Maps API outage or data error causes significant business losses for a developer, Google's financial liability is essentially zero for consequential damages — the developer bears the full commercial risk....

Any legal dispute about these terms must be resolved under California law in courts located in Santa Clara County — regardless of where you are based....

Why it matters: Non-California businesses and international developers are required to litigate in Santa Clara County, California, creating significant practical and financial barriers to pursuing legal claims against Google....

Google can immediately cut off your access to Google Maps APIs if it believes you've violated the terms or could harm Google or its users....

Why it matters: The subjective standard of 'reasonably believes' gives Google broad discretion to suspend access immediately without prior warning, which can devastate businesses that depend on Maps APIs....

Strava uses your health data — including heart rate, HRV, and other fitness metrics — to train and improve its AI and machine learning models....

Why it matters: Your sensitive health information is being used not just to provide you a service, but to build Strava's AI products, which raises significant privacy concerns about the secondary use of intimate personal data....

Strava uses your GPS activity data to generate the Global Heatmap, a publicly accessible map showing where people exercise, which is visible to anyone on the internet....

Why it matters: Even if your individual activities are set to private, your GPS data may still contribute to Strava's public heatmap, potentially revealing sensitive locations such as your home address, workplace, or private military installations....

Strava shares your personal information with advertising and analytics partners, which may constitute a 'sale' or 'sharing' of data under California and other US state privacy laws....

Why it matters: Your activity patterns, demographics, and usage data may be shared with external advertising networks to deliver targeted ads, which could expose your personal information to entities outside Strava's control....

To use core Strava features like activity tracking, routes, and segments, you must grant Strava permission to access your device's precise GPS location at all times....

Why it matters: Granting always-on precise location access means Strava continuously tracks your physical movements, which is among the most sensitive categories of personal data and can reveal your home, workplace, and daily routines....

Strava maintains a separate Consumer Health Data Policy for US users that governs how it handles sensitive health-related data like heart rate, sleep, and fitness metrics....

Why it matters: Several US states have enacted specific consumer health data laws (e.g., Washington My Health MY Data Act) that give users stronger rights over their health data, and this separate policy is intended to address those obligations....

Strava transfers your personal data internationally, including to the United States, using Standard Contractual Clauses and other mechanisms to comply with data protection laws....

Why it matters: If you live in the EU or UK, your personal data is transferred to countries with different privacy protections, and the legal mechanisms Strava uses to do this can affect your rights and remedies....

When you connect Strava to other apps or devices (like Garmin, Apple Health, or Peloton), Strava collects additional health data including sleep data, HRV, and VO2max, but states it will not sell this health data or use it for advertising....

Why it matters: Connecting third-party health devices expands the scope of sensitive data Strava holds about you, though the policy includes specific protections limiting how this health data can be used....

Strava's services are not intended for children under 13 (or a higher age depending on local law), and the policy describes how it handles data for users aged 13-17....

Why it matters: Parents and guardians should be aware that teenagers aged 13-17 may use Strava, and their data — including location and health information — is collected and processed under this policy....

Strava retains your personal data for as long as your account is active and for a period afterward, with specific retention periods varying by data type and applicable law....

Why it matters: Your data — including your GPS routes and health metrics — may be retained for significant periods even after you stop using the service or request deletion, depending on Strava's retention schedules....

Strava's Flyby feature and Beacon feature can share your live or recent location data with other users, allowing them to see where you were during an activity or where you are in real time....

Why it matters: These features can expose your precise real-time or recent location to other Strava users, including your home start/end point, which poses significant personal safety risks especially for vulnerable users....

Uber continuously collects your precise GPS location data while you are active on the platform, including during trips and deliveries, and may also collect location data when the app is running in the background....

Why it matters: Continuous location surveillance creates a detailed record of your movements that is shared with riders, other users, and third parties, raising significant privacy concerns....

Uber uses facial recognition technology to verify your identity as a driver or delivery person, collecting and processing biometric data including photographs and facial geometry....

Why it matters: Biometric data is among the most sensitive personal information and, unlike passwords, cannot be changed if compromised. Uber's collection and processing of this data creates significant and lasting privacy risks....

Uber uses automated systems to make decisions about your account, including whether you can continue using the platform, based on your behavior, ratings, and other data....

Why it matters: Automated decisions can result in account suspension or deactivation without human review, directly affecting your ability to earn income through the platform....

Uber may share your personal data with law enforcement, government agencies, or courts in response to legal requests, and may do so without notifying you in advance....

Why it matters: Your location history, communications, financial details, and other personal data can be handed to government authorities without you knowing it has happened....

Uber shares your personal information with third-party background check providers to screen you before and during your time on the platform, and these providers receive sensitive personal data including criminal history....

Why it matters: Background check data is highly sensitive and its collection and sharing with third parties is governed by the Fair Credit Reporting Act (FCRA), which gives you specific rights including the right to dispute inaccurate information....

Uber collects your financial account information including bank account details, tax identification numbers, and transaction history in order to process earnings payments....

Why it matters: Uber holds sensitive financial data including your bank account details, and how this data is protected, retained, and shared with payment processors is critical to your financial security....

Uber shares your personal and trip data with insurance companies that provide coverage during your trips, including location data, trip history, and incident information....

Why it matters: Data shared with insurers can affect your insurance premiums, coverage decisions, and claims outcomes, and you may have limited ability to control what information is provided....

Uber retains your personal data for a period of time after you stop using the platform or your account is deactivated, including for legal, regulatory, and business purposes....

Why it matters: Your personal data — including location history, financial details, and communications — does not disappear when you stop driving for Uber; it continues to be held and potentially accessible for an extended period....

Uber shares your data with marketing partners and uses it for advertising, analytics, and business intelligence purposes, including sharing data with advertising networks and analytics providers....

Why it matters: Your behavioral data from using the Uber platform may be used to profile you for advertising purposes and shared with third-party marketing companies, extending beyond what is necessary for providing the service....

As a global company, Uber may transfer your personal data across international borders, including to countries that may have different or lower levels of data protection than your home country....

Why it matters: When your data is transferred internationally, it may be subject to laws in other countries that provide fewer protections, including potential government access by foreign authorities....

If you have a dispute with Bumble, you must resolve it through private arbitration rather than going to court, and you cannot join a class action lawsuit with other users. You have 30 days after agreeing to these Terms to opt out....

Why it matters: This provision significantly limits your legal rights — you give up the ability to sue Bumble in court or participate in a class action, which is often the only practical way to hold a large company accountable for small harms....