Provisions Index

Section 7 governs the PlayStation Virtual Wallet, which holds funds used for purchases on the PlayStation Store. The terms applicable to deposits, withdrawals, and the use of wallet funds for digital content purchases are addressed in this section....

Why it matters: The Virtual Wallet provision governs the financial mechanism through which users fund PlayStation Store purchases, including the conditions under which wallet balances may be used, forfeited, or made inaccessible. The interaction of wallet terms with account suspension provisions is operationally significant for users with outstanding wallet balances at the time of suspension....

View provision → Watch Sony PlayStation →

Section 15 establishes the governing law and jurisdiction applicable to disputes under the agreement. For US users, California law and jurisdiction are standard for consumer agreements of this type, though the specific governing law and venue provisions are addressed in that section....

Why it matters: The governing law provision determines which state's substantive law applies to interpretation and enforcement of the agreement and which courts have jurisdiction over disputes that are not resolved through arbitration. This is operationally significant for non-California users whose local laws may differ materially....

View provision → Watch Sony PlayStation →

The Privacy SDK deployed on the Shein US privacy notice page is configured with GPC support enabled (enableGpcSdk: true), linking GPC settings to the Shein Privacy and Security Policy. This configuration indicates the platform is set up to recognize and process Global Privacy Control browser signals....

Why it matters: Under CPRA regulations effective January 2023, businesses subject to California privacy law are required to treat a valid GPC signal as a consumer's opt-out of sale and sharing of personal information. This provision documents that the Shein platform has technically configured GPC signal processing, which is an operationally significant compliance mechanism for California-based users....

View provision → Watch Shein →

The Shein US privacy notice page loads advertising and analytics tracking scripts from Taboola, Google Tag Manager (property DC-15299257), four distinct Snapchat pixel configurations, Outbrain, and Pinterest. These scripts are conditionally loaded based on the privacy consent SDK state, as indicated by the data-sheinprivacytype attribute pattern on each script tag....

Why it matters: The deployment of seven or more advertising and analytics tracking integrations on the privacy notice page engages CCPA and CPRA definitions of sale and sharing of personal information with third parties. The data-sheinprivacytype attribute on each script tag indicates these integrations are subject to the consent management SDK, which is operationally significant for compliance with opt-out of sale and sharing obligations....

View provision → Watch Shein →

The Privacy SDK is configured with a consent agreement timeout of 365 days (1000 * 60 * 60 * 24 * 365 milliseconds), meaning recorded consent preferences are retained and applied for up to one year before the consent mechanism is re-triggered. Cookie clearing is enabled (enableClearCookie: true) while storage clearing is disabled (enableClearStorage: false)....

Why it matters: The 365-day consent timeout determines how long previously recorded consent states govern advertising and analytics tracking activity without requiring renewed user interaction. This configuration parameter has compliance significance in jurisdictions that impose requirements on the duration or renewal frequency of consent records....

View provision → Watch Shein →

The Privacy SDK is configured to intercept document cookie operations (disableInterceptDocumentCookie: false), enable cookie clearing upon consent events (enableClearCookie: true), but disable local storage clearing (enableClearStorage: false) and disable storage list interception (enableInterceptStorageList: false). The cookie clearing API endpoint is configured at /bff-api/user-api/cookie_banner/remove_cookies....

Why it matters: This provision establishes the technical scope of the consent management layer governing which storage mechanisms are subject to clearing and interception upon consent withdrawal or modification. The decision to intercept document cookies but not localStorage has operational implications for how thoroughly user identifiers are removed upon opt-out or consent changes....

View provision → Watch Shein →

The platform deploys a proprietary one-shot identifier system (GLOBAL_SN_OEST) that generates and manages a UUID-based user identifier stored in both cookies and localStorage, with a configured expiry of 400 days. The identifier is synchronized with server-side records via a POST request to /bff-api/user-api/init_info/update_oneshot and is encoded using base64 with timestamp embedding....

Why it matters: The OEST system establishes a persistent cross-session user identifier stored in both cookies and localStorage with a 400-day expiry, which is operationally relevant to how user identity is maintained across sessions and to the completeness of any data deletion or opt-out request, as the identifier persists in localStorage even when cookies are cleared....

View provision → Watch Shein →

The agreement requires US-based advertisers to resolve disputes with LinkedIn through binding individual arbitration rather than court proceedings, and includes a waiver of class action participation. The full terms of the arbitration clause are contained in Section 11 of the agreement....

Why it matters: This provision requires US-based advertisers to resolve disputes with LinkedIn through individual arbitration rather than litigation, and precludes participation in class actions. The clause is prominently disclosed in the agreement preamble and governs the dispute resolution mechanism available to a significant portion of LinkedIn's advertiser base....

View provision → Watch LinkedIn →

All fees paid to LinkedIn for ad services are non-refundable, and advertisers must submit written fee disputes within 90 days of the disputed activity or permanently waive the right to dispute. If LinkedIn agrees to adjust disputed fees, the remedy is a non-transferable ad services credit at LinkedIn's sole discretion, not a monetary refund....

Why it matters: This provision establishes that LinkedIn's tracking mechanisms are the sole basis for fee calculation, that all payments are non-refundable, and that the only available remedy for disputed fees is an ad services credit issued at LinkedIn's discretion. The 90-day written dispute deadline, combined with the credit-only remedy, creates specific billing compliance obligations for advertisers managing campaign spend across multiple periods....

View provision → Watch LinkedIn →

The agreement states that LinkedIn is not liable for fees charged as a result of bot activity, click fraud, fraudulent leads, or other invalid activity, and has no obligation to notify advertisers when such activity occurs. The sole remedy for fees affected by invalid activity or technological issues is a claim for non-transferable ad services credit submitted within 90 days....

Why it matters: This provision establishes that advertisers bear the financial risk of fees generated by invalid activity and that LinkedIn's liability for technological issues is limited to issuing ad credits at its discretion. The provision also confirms that LinkedIn has no contractual obligation to proactively notify advertisers of detected invalid activity....

View provision → Watch LinkedIn →

Advertisers are required to indemnify LinkedIn against all third-party claims, damages, losses, and legal costs arising from their ads, landing page destinations, advertised products or services, use of the ad services, or breach of the agreement, even where LinkedIn has reviewed or approved the ad....

Why it matters: This provision establishes a unilateral indemnification obligation on advertisers covering all third-party claims related to ad content and destinations, irrespective of LinkedIn's review or approval of the ad. Agencies accepting the agreement on behalf of advertiser clients should assess whether this indemnification obligation is consistent with their underlying agency agreements....

View provision → Watch LinkedIn →

Advertisers grant LinkedIn a worldwide, royalty-free, sublicensable, and transferable license to use, copy, modify, distribute, and publish ad content for testing, compliance, service improvement, and LinkedIn's own marketing purposes. LinkedIn may retain and publicly display ads and associated targeting and performance data after a campaign concludes or the agreement terminates....

Why it matters: This provision authorizes LinkedIn to use advertiser ad content for LinkedIn's own marketing and promotional purposes and to retain and display that content along with targeting parameters and audience size data after the campaign or agreement ends. The sublicensable and transferable nature of the license means LinkedIn may authorize third parties to use this content....

View provision → Watch LinkedIn →

Advertisers are prohibited from targeting ads based on sensitive data and from transferring to LinkedIn any data collected from children under 16 or constituting sensitive data, including through installation of the LinkedIn Insight Tag on pages collecting medical or financial information. Re-identification of anonymized ad services data without explicit individual opt-in consent is also prohibited....

Why it matters: This provision establishes specific restrictions on data transferred to LinkedIn through the Insight Tag and ad targeting systems, including a categorical prohibition on sensitive data targeting and child data transfers. LinkedIn reserves the right to check advertiser compliance with these restrictions from time to time....

View provision → Watch LinkedIn →

LinkedIn retains the right to reject, remove, or not deliver any ad at any time for any reason, and may discontinue, modify, or terminate the Ad Services or an advertiser's access at its sole discretion, including for credit approval reasons. LinkedIn also reserves the right to compete in its own ad auctions....

Why it matters: This provision establishes that LinkedIn has unilateral authority to reject ads, suspend advertiser access, and modify or discontinue the Ad Services without stated advance notice, and that LinkedIn may participate as a competing bidder in its own auction system. Advertisers should assess the operational dependency this creates for campaigns relying on LinkedIn as a primary or exclusive advertising channel....

View provision → Watch LinkedIn →

The agreement caps each party's total liability to the other at five times the total fees paid or payable in the one-month period preceding the liability-triggering event, or USD $100.00, whichever is greater. Neither party is liable for lost profits, lost business opportunities, data loss, or indirect, incidental, consequential, special, or punitive damages....

Why it matters: This provision establishes a mutual damages cap that, in practice, may result in very low absolute liability limits for advertisers with modest monthly ad spend. The carve-outs for payment, confidentiality, indemnification, fraud, gross negligence, intentional misconduct, personal injury, and IP violations are noted in Section 8 of the agreement....

View provision → Watch LinkedIn →

The agreement incorporates LinkedIn's Data Processing Agreement and Standard Contractual Clauses for any processing of EU personal data under the agreement, and LinkedIn commits to updating the Standard Clauses as required by EU law. The incorporated DPA governs the controller and processor relationship between advertisers and LinkedIn for personal data processed through the Ad Services....

Why it matters: This provision establishes the contractual framework for GDPR-compliant personal data transfers and processing through the LinkedIn Ad Services, incorporating the DPA and Standard Contractual Clauses by reference. The provision also states that LinkedIn will update the Standard Clauses as required by EU law, which is relevant for ongoing compliance with post-Schrems II transfer requirements....

View provision → Watch LinkedIn →

For agencies approved for monthly invoicing, payment liability to LinkedIn is conditioned on the agency having received payment from the advertiser client, a structure the agreement terms Sequential Liability. If the agency cannot confirm its authorized relationship with the advertiser or if applicable law prohibits Sequential Liability, the agency becomes directly liable for all ad service orders....

Why it matters: This provision establishes a conditional payment liability structure for agencies that is available only to those approved for monthly invoicing. The agency's ability to rely on Sequential Liability depends on maintaining documented confirmation of its authorized relationship with the advertiser and the absence of applicable laws prohibiting this structure....

View provision → Watch LinkedIn →

The agreement requires that disputes between customers and W&B be resolved through individual binding arbitration administered by JAMS rather than through court litigation, and prohibits class or representative proceedings. Customers who wish to opt out may do so by providing written notice within 30 days of first accepting the agreement....

Why it matters: This provision requires disputes to proceed through individual JAMS arbitration rather than court, and the class action waiver means customers cannot bring or join class proceedings against W&B. The 30-day opt-out window creates a time-sensitive procedural step for customers who wish to preserve litigation rights....

View provision → Watch Weights & Biases →

The agreement caps each party's total liability for claims arising under the agreement at the fees paid by the customer in the 12 months preceding the incident, and excludes lost profits, data loss, business interruption, and indirect or consequential damages from recoverable losses....

Why it matters: This provision establishes a financial ceiling on W&B's liability tied to trailing 12-month fees, which for organizations paying monthly or on lower-tier plans may represent a materially limited recovery amount relative to potential losses from service disruptions or data incidents involving model artifacts or experiment data....

View provision → Watch Weights & Biases →

The agreement grants W&B a license to use, copy, store, transmit, modify, and display customer-submitted data, including model artifacts, experiment logs, and datasets, for the purpose of delivering the platform services. The license is stated as limited to service delivery and W&B states it will not use customer data for other purposes or share it with third parties except as required to provide the services or by law....

Why it matters: This provision establishes the contractual basis on which W&B processes customer-submitted AI development data, including potentially proprietary model weights and training datasets. The scope of the license, particularly the inclusion of modification rights, and the carve-out for third-party sharing necessary to provide the services may warrant review by customers concerned with IP protection or data confidentiality....

View provision → Watch Weights & Biases →

The agreement authorizes W&B to collect usage statistics, performance data, and aggregated or anonymized data derived from customer data to operate and improve the services, and to use aggregated and anonymized data for broader business purposes including publication and benchmarking....

Why it matters: This provision authorizes W&B to derive and use aggregated and anonymized data from customer interactions and submitted data for business purposes including publication, which may be relevant for customers concerned about competitive exposure through aggregate benchmarking disclosures or inference from usage patterns....

View provision → Watch Weights & Biases →

The agreement establishes mutual confidentiality obligations requiring each party to protect the other's confidential information with at least reasonable care, use it only for purposes of performing under the agreement, and not disclose it to third parties without written consent....

Why it matters: This provision establishes a mutual confidentiality framework covering information exchanged between W&B and its customers, including customer-submitted technical configurations, model architectures, and business information. The reasonable care standard and the mutual structure are consistent with standard commercial SaaS practice....

View provision → Watch Weights & Biases →

The agreement establishes mutual indemnification obligations in which W&B agrees to defend and indemnify customers against third-party IP claims arising from the services, while customers agree to defend and indemnify W&B against third-party IP claims arising from customer data or customer misuse of the services....

Why it matters: This provision allocates IP infringement risk between the parties, with W&B accepting liability for IP claims arising from the platform itself and customers accepting liability for claims arising from their submitted data or use of the services outside the agreement terms. The customer indemnity obligation for customer data IP claims is operationally significant for organizations submitting third-party or licensed data to the platform....

View provision → Watch Weights & Biases →

The agreement permits either party to terminate for material breach with a 30-day cure period, and specifies that upon termination, customer access to the platform ends immediately and customer data is available for export for 30 days before W&B may delete it....

Why it matters: This provision establishes a 30-day post-termination data export window, after which W&B may delete customer data including model artifacts, experiment logs, and other platform-stored content. Organizations should plan data export procedures in advance of any termination event to avoid data loss....

View provision → Watch Weights & Biases →

The agreement prohibits customers from reselling or sublicensing the platform, reverse engineering it, building competitive products using it, submitting unlawful content, violating third-party privacy rights through the platform, transmitting malicious code, or attempting unauthorized access....

Why it matters: This provision establishes the contractual boundaries for permitted platform use and identifies conduct that may result in termination or liability. The prohibition on building competitive products using the services is operationally relevant for organizations that may develop AI tooling adjacent to W&B's platform capabilities....

View provision → Watch Weights & Biases →

The agreement designates California law as governing and San Francisco County courts as the exclusive venue for disputes not subject to arbitration, without regard to conflict of laws rules....

Why it matters: This provision establishes California law as the governing framework for interpreting the agreement and designates San Francisco County as the exclusive venue for any non-arbitrated proceedings, which may create logistical and cost considerations for customers located outside California....

View provision → Watch Weights & Biases →

Customers accessing third-party foundation models through Bedrock are required to comply with each model provider's separately published acceptable use policies, which are incorporated by reference into the AWS Service Terms. These policies are maintained by providers including Anthropic, Meta, and Cohere and may be updated independently....

Why it matters: This provision creates a dynamic compliance obligation that extends beyond the AWS agreement itself; customers must monitor and comply with third-party model provider policies that can be updated outside the AWS contract review cycle. Compliance teams must maintain awareness of each model provider's current terms for all models accessed in production deployments....

View provision → Watch AWS Bedrock →

The terms state that customer prompts submitted to and outputs generated by Amazon Bedrock are not used to train the underlying foundation models made available through the service. This applies to both first-party Amazon models and third-party models accessed through Bedrock....

Why it matters: This provision addresses a material concern for enterprise customers deploying proprietary data in AI workflows; the agreement states that customer content processed through Bedrock does not contribute to foundation model training, which is operationally significant for customers with confidentiality obligations around their data....

View provision → Watch AWS Bedrock →

The terms place full legal responsibility on the customer for all use of Amazon Bedrock and for the content generated by models accessed through the service, including compliance with applicable law and the AWS Acceptable Use Policy. AWS does not assume responsibility for the lawfulness of customer-directed AI outputs....

Why it matters: This provision establishes that customers bear the legal compliance burden for AI-generated content and outputs, which is operationally significant for organizations deploying Bedrock in content generation, automated decision-making, or consumer-facing applications where output accuracy, bias, or legality may be contested....

View provision → Watch AWS Bedrock →

The terms prohibit customers from attempting to disable, bypass, or otherwise circumvent safety filters and content moderation mechanisms built into Amazon Bedrock or the foundation models accessible through the service. Violations of this restriction may constitute a breach of the Service Terms....

Why it matters: This provision establishes an enforceable restriction on prompt engineering or technical approaches designed to override model guardrails, which is operationally significant for red-teaming, security research, and adversarial testing use cases that may require evaluation of model safety boundaries....

View provision → Watch AWS Bedrock →

The terms authorize AWS to process customer inputs and outputs for the purposes of providing and maintaining Bedrock services, and additionally to use this content to improve Bedrock and its features unless the customer has exercised the available opt-out through account settings or documentation-specified instructions....

Why it matters: This provision establishes that service improvement use of customer content is the default state unless an opt-out is actively exercised; customers who do not take affirmative action to opt out operate under terms that permit use of their inputs and outputs for feature improvement purposes....

View provision → Watch AWS Bedrock →

The terms prohibit use of Bedrock to generate content that infringes third-party intellectual property rights and place responsibility on customers for ensuring generated content complies with intellectual property law. AWS does not warrant that model outputs are free of intellectual property issues....

Why it matters: This provision allocates intellectual property compliance risk entirely to the customer for all content generated through Bedrock, including potential copyright infringement claims arising from model outputs, which is operationally significant for organizations using Bedrock in commercial content generation workflows....

View provision → Watch AWS Bedrock →

The terms reserve AWS's right to suspend or terminate customer access to Amazon Bedrock upon AWS's determination that the customer has violated the Service Terms, the AWS Acceptable Use Policy, or any incorporated third-party model provider terms. This determination is made by AWS....

Why it matters: This provision establishes that access to Bedrock, including production AI infrastructure that customers may rely on for live applications, can be suspended by AWS upon a unilateral determination of policy violation, creating operational continuity risk for businesses that have deployed Bedrock in customer-facing services....

View provision → Watch AWS Bedrock →

The terms state that fine-tuning datasets and custom models created by customers using Bedrock's fine-tuning capabilities remain customer content and are not used by AWS to train models made available to other customers. AWS treats these assets as customer content subject to the standard AWS Customer Agreement content provisions....

Why it matters: This provision establishes data isolation protections for customers who invest in fine-tuning foundation models with proprietary datasets through Bedrock; it is operationally significant for organizations that use proprietary training data that may constitute trade secrets or competitively sensitive information....

View provision → Watch AWS Bedrock →

The policy prohibits using ElevenLabs tools to replicate the voice of a real, identifiable person without that person's consent, and prohibits generating audio that places false statements in a real person's voice....

Why it matters: This provision establishes a consent requirement for voice cloning that interacts directly with biometric privacy statutes in multiple US states and with GDPR consent and data processing obligations in the EU; enterprise users building products on top of the ElevenLabs API must assess whether their own consent collection mechanisms satisfy both ElevenLabs' policy requirements and applicable law....

View provision → Watch ElevenLabs →

The policy prohibits generating AI voice content intended to deceive voters or misrepresent candidates, officials, or electoral processes, addressing synthetic media use in political contexts....

Why it matters: This provision directly engages an active legislative landscape of state-level synthetic media election laws, including statutes in California, Texas, Minnesota, and other jurisdictions that impose disclosure requirements or outright prohibitions on AI-generated political content; compliance obligations vary materially by state and by proximity to an election cycle....

View provision → Watch ElevenLabs →

ElevenLabs reserves the right to suspend or terminate user accounts without prior notice based on its determination that conduct violates the terms or is otherwise harmful, including at its sole discretion....

Why it matters: This provision establishes unilateral enforcement authority over account access, which for enterprise API customers and developers represents potential disruption to operational infrastructure and downstream services that depend on continued platform access; the absence of a specified notice or cure period creates operational continuity risk for business users....

View provision → Watch ElevenLabs →

The policy places full legal compliance responsibility on users for any content generated through the platform, including compliance with intellectual property, privacy, defamation, and consumer protection laws in their applicable jurisdiction....

Why it matters: This provision allocates downstream legal liability to users rather than ElevenLabs for content generated using its tools, which has significant implications for enterprise API customers who may face exposure under laws governing synthetic media disclosure, biometric privacy, copyright, and defamation in jurisdictions where they operate or distribute content....

View provision → Watch ElevenLabs →

The policy categorically prohibits using ElevenLabs tools to generate any voice content that sexually exploits minors or constitutes or resembles child sexual abuse material....

Why it matters: This provision reflects categorical legal prohibitions under federal and state law; its inclusion as an explicit acceptable use restriction establishes a compliance baseline but does not change underlying legal obligations, which apply regardless of platform policy....

View provision → Watch ElevenLabs →

The policy prohibits using ElevenLabs to impersonate individuals or entities, generate content for fraudulent purposes, or use synthetic voice to circumvent identity verification systems....

Why it matters: This provision directly addresses voice-based fraud scenarios including vishing, synthetic identity fraud, and circumvention of voice-based authentication systems, all of which are active enforcement priorities for the FTC and state attorneys general and are subject to federal wire fraud statutes....

View provision → Watch ElevenLabs →

The policy prohibits generating voice content that constitutes threats, harassment, incitement to violence, or hate speech targeting individuals or groups based on protected characteristics....

Why it matters: This provision establishes content moderation standards that intersect with platform liability frameworks under Section 230 of the Communications Decency Act and, for EU-based operations, the Digital Services Act's requirements for illegal content removal; enterprise customers distributing AI-generated content through their own platforms must assess their own independent obligations under these frameworks....

View provision → Watch ElevenLabs →

The policy prohibits using ElevenLabs as a component of coordinated disinformation operations, influence campaigns, or automated systems generating synthetic content at scale to manipulate public opinion....

Why it matters: This provision addresses the use of AI voice generation infrastructure in information operations, which engages both domestic and foreign election interference statutes and is an active focus of FTC and DOJ enforcement attention; enterprise users with high-volume API usage should assess whether their use cases could be characterized as coordinated synthetic content generation at scale....

View provision → Watch ElevenLabs →

The policy establishes a three-tier advertising structure: users under 13 receive no personalized advertising; users aged 13-17 may receive some additional features but not personalized ads; personalized advertising is not enabled until age 18....

Why it matters: This provision establishes age-gated advertising eligibility thresholds that govern how the platform serves advertisements across its user base, creating distinct operational obligations for ad delivery systems and age verification processes. The provision's restriction of personalized advertising to users 18 and older sets a higher threshold than COPPA's 13-year floor and interacts with both COPPA and emerging state children's digital privacy laws....

View provision → Watch Roblox →

The policy states that Roblox may collect facial images, including selfies, to estimate user age, and that such images are deleted once the age assurance process is complete. A separate Roblox Facial Media Capture Policy governs additional details of this practice....

Why it matters: This provision authorizes collection of facial images for age estimation purposes, which may trigger obligations under state biometric privacy statutes including Illinois BIPA and Texas CUBI, depending on whether facial geometry data is derived from the images during processing. The stated deletion upon process completion is relevant to retention obligations under those frameworks, but does not necessarily resolve all consent or notice requirements....

View provision → Watch Roblox →

The April 30, 2026 update adds language to the policy describing Roblox's practices for sharing user information with law enforcement and government authorities. The specific scope and conditions of this sharing are described in the updated policy body....

Why it matters: This provision discloses that Roblox shares user information with law enforcement and government authorities, a practice with significant implications for user privacy and for compliance with legal process obligations under applicable law. The provision is newly added as of the April 2026 effective date....

View provision → Watch Roblox →

The policy states that Roblox will not collect additional personal information from users under 13 beyond what is required for account setup and protection, and will delete any excess personal information received, cancel the account, or apply age-appropriate protections....

Why it matters: This provision operationalizes COPPA's data minimization requirement for child users and establishes three specific remedial actions Roblox states it will take upon receiving excess personal information from under-13 users. The provision also reflects the policy's stated commitment to filtering public communications from child users to remove personal information....

View provision → Watch Roblox →

The policy states that Roblox collects IP addresses and unique device identifiers from users including those under 13, and uses these persistent identifiers for six specified internal operations including contextual advertising and content personalization. The policy states that technical and contractual measures are implemented to prevent use of persistent identifiers beyond these stated purposes....

Why it matters: This provision authorizes collection of IP addresses and device identifiers from child users under the COPPA internal operations exception, which permits such collection without verifiable parental consent when limited to the specified purposes. The inclusion of contextual advertising within the permitted internal operations is a notable disclosure, as COPPA's internal operations exception does not permit behavioral advertising to children....

View provision → Watch Roblox →

The policy states that Roblox limits data retention to what is reasonably necessary for specified purposes and employs access controls, purpose-based tagging, employee training, and data segregation to manage data. Persistent identifiers may be retained for safety and security purposes for up to two years following account deletion....

Why it matters: This provision establishes a stated retention framework and specifies a two-year post-deletion retention window for persistent identifiers for safety and security purposes. The two-year post-deletion retention period is an operationally significant disclosure for users who delete their accounts, as identifiers including IP addresses and device identifiers may continue to be processed during that period....

View provision → Watch Roblox →

The policy is titled the Roblox Privacy and Cookie Policy and addresses cookie and tracking technology practices as part of the overall data collection framework. The document references a separate cookie policy framework applicable to Roblox's websites and services....

Why it matters: The policy's combined privacy and cookie governance structure means that cookie consent mechanisms, opt-out rights, and tracking technology disclosures are addressed within a single document, which has operational implications for compliance with GDPR's ePrivacy Directive requirements and US state opt-out rights for targeted advertising using cookies and similar technologies....

View provision → Watch Roblox →

The policy appoints Article 27 EU and UK GDPR representatives and an Article 37 DPO for EU users, and provides separate contact details for EEA, UK, Switzerland, Brazil, Korea, and US state privacy requests. Region-specific addenda govern additional rights for users in those jurisdictions....

Why it matters: The appointment of Article 27 representatives and an Article 37 DPO reflects compliance with GDPR requirements for non-EU controllers processing EU personal data. The policy's multi-jurisdictional structure, including separate addenda for US states, Brazil, and Korea, creates a layered compliance framework where the addenda govern over the main policy in case of conflict....

View provision → Watch Roblox →