Provisions Index

You agree to protect Coinbase from any legal claims, costs, or damages arising from your use of the platform, including legal fees, if your actions lead to Coinbase being sued or incurring expenses....

Why it matters: If your account activity causes Coinbase to face legal action or costs — even in circumstances where the law is unclear — you could be personally responsible for paying Coinbase's legal bills and any damages they suffer....

This agreement is governed by the laws of the State of California, and any disputes that do go to court must be filed in California courts....

Why it matters: If you live outside California and have a dispute that somehow reaches court, you would need to litigate in California — which can be costly and impractical for most consumers....

Every time you use your Visa card, Visa records details about that purchase — what you bought, where, when, and how much — and uses that information for its own analytics and products sold to banks....

Why it matters: This means your full spending history is collected and commercially analyzed by Visa at the network level, not just by your bank, and that data fuels revenue-generating products sold to third parties....

Visa shares your personal information — including your spending data — with banks, merchants, and other companies in the payment network, including to help those companies market products to you....

Why it matters: Your data flows to a wide ecosystem of financial and commercial entities beyond your own bank, and those entities may use it to target you with offers, which goes beyond what most consumers expect when swiping a card....

Visa turns your spending data into commercial analytics products and sells those products to banks and merchants to help them understand consumer trends and behavior....

Why it matters: Your personal financial behavior is the raw material for a revenue-generating analytics business that Visa operates — and this use of your data goes well beyond what is needed to process your payment....

If you live in California, you have the legal right to ask Visa what data it has on you, request that it be deleted, and opt out of Visa selling or sharing your data — and Visa cannot penalize you for exercising these rights....

Why it matters: California residents have more actionable privacy protections than most U.S. consumers, and this provision gives them real tools to limit how Visa uses their spending data commercially....

Visa may send your personal data to other countries, including the U.S., where privacy laws may provide less protection than in your home country — though Visa says it takes steps to protect the data during these transfers....

Why it matters: For EU and UK users especially, cross-border data transfers to the U.S. are a significant legal and practical risk, and 'steps to ensure adequate protection' is a vague commitment without specific mechanisms named....

Visa keeps your personal information for as long as it decides is necessary, without specifying exact timeframes — the retention period is open-ended and determined by Visa....

Why it matters: Indefinite or open-ended data retention means Visa could hold detailed records of your financial transactions for years, increasing the risk of data breaches and limiting your ability to have your data fully deleted....

Visa tracks your activity on its websites using cookies and similar tools, and uses that data to personalize content and serve targeted ads....

Why it matters: Cookie-based tracking on financial services websites captures behavioral data beyond transaction records and may be shared with advertising technology partners, expanding Visa's data collection footprint....

Visa's services are not intended for children under 13, and Visa says it will delete any data it discovers was collected from a child under 13....

Why it matters: While this is a standard COPPA compliance clause, it means there is no affirmative age verification mechanism in place — Visa relies on self-reporting, leaving a gap in protection for minors who may use Visa's website or services....

Visa uses security measures to protect your data but cannot guarantee it will never be breached — the policy acknowledges the inherent security limitations of digital storage and transmission....

Why it matters: Given the volume and sensitivity of financial transaction data Visa holds, a breach could expose millions of consumers' spending histories — and this disclaimer limits Visa's legal accountability for security failures....

Visa can change its privacy policy at any time, and for major changes may simply update the date on the policy page — you may not receive direct notification of changes that affect how your data is used....

Why it matters: Without guaranteed direct notification of material changes, consumers may be unaware that Visa has expanded its data collection or sharing practices, making it important to periodically review the policy independently....

Shopify can shut down your store at any time and for any reason, including immediately if it believes you violated the Acceptable Use Policy, with no requirement to warn you first....

Why it matters: If your store is suspended without warning, you could lose access to your product listings, customer data, and active orders — potentially halting your business and revenue overnight....

Shopify can raise its subscription or transaction fees at any time, and if you keep using the platform after 30 days, you are deemed to have accepted the new prices — even if you weren't actively watching for the notice....

Why it matters: Merchants on thin margins who miss a fee change notice could face unexpected cost increases with no recourse, since continued use of the platform constitutes automatic acceptance of the new rates....

When you upload product images, descriptions, or other content to your Shopify store, you give Shopify a permanent, worldwide, royalty-free license to use, copy, and modify that content to operate and improve its services....

Why it matters: Merchants who upload proprietary product content, brand assets, or customer-facing materials should understand that Shopify retains a broad license to use this content, potentially including for training AI models or improving platform features beyond simply displaying the merchant's store....

Merchants are fully responsible for everything that happens under their Shopify account, including actions taken by employees, contractors, or anyone else who has access — and for keeping their login credentials secure....

Why it matters: If an employee misuses your Shopify account or your credentials are compromised, Shopify bears no liability for the resulting harm — the entire risk falls on the merchant....

Shopify limits its financial liability to you — if Shopify's service fails and your business suffers lost sales, lost data, or reputational damage, Shopify is not responsible for those losses....

Why it matters: If a Shopify outage causes your store to go offline during a major sales event like Black Friday, or if a platform error corrupts your customer data, Shopify's terms disclaim liability for the resulting financial harm to your business....

All legal disputes with Shopify must be resolved under Canadian law in Ontario courts — even if you are a merchant based in the United States, Europe, or elsewhere....

Why it matters: If you have a serious dispute with Shopify, you would need to pursue legal action under Canadian law in Ontario courts, which may be impractical and costly for merchants based in other countries....

Merchants must follow all applicable laws and Shopify's Acceptable Use Policy, and any violation — even inadvertent — can result in immediate termination of the merchant's account and store access....

Why it matters: Because 'breach or violation of any of the Terms' triggers immediate termination, even a minor technical violation could result in a merchant losing access to their entire store without warning....

Shopify is not responsible for third-party apps and tools available in the Shopify App Store, and merchants use them entirely at their own risk — Shopify provides no warranties and accepts no liability for these third-party services....

Why it matters: Merchants who rely on third-party Shopify apps for critical business functions — such as inventory management, email marketing, or customer reviews — have no recourse against Shopify if those apps fail, expose customer data, or cause financial harm....

Merchants pay a monthly subscription fee in advance, and the fee is non-refundable — even if you cancel partway through the billing period. Additional transaction fees apply if you use Shopify Payments or third-party payment processors....

Why it matters: Because subscription fees are non-refundable, merchants who cancel their Shopify plan mid-month will not receive a prorated refund for the unused portion of their subscription period....

LinkedIn uses your personal data — including your profile, posts, and activity — to train its artificial intelligence and generative AI systems, such as writing suggestion tools....

Why it matters: This means your professional history, content, and behavior on LinkedIn may permanently contribute to AI systems, and the policy does not specify data minimization or anonymization standards applied before training....

LinkedIn shares your personal data with Microsoft Corporation and all of Microsoft's other subsidiaries and affiliates, meaning your professional data can flow across the broader Microsoft ecosystem....

Why it matters: Microsoft is one of the world's largest technology companies with hundreds of subsidiaries; sharing your LinkedIn data across this entire corporate family vastly expands who can access your professional identity, contacts, and activity....

LinkedIn creates inferences about your political views, beliefs, and other sensitive characteristics based on your profile and activity, even if you never directly provided this information....

Why it matters: Inferred sensitive attributes like political views are treated as special category data under GDPR and carry heightened legal protections, yet LinkedIn derives and stores these without requiring explicit consent for this specific purpose....

If LinkedIn changes its privacy policy and you keep using the service, LinkedIn treats that as your agreement to the new terms — even if you never actively clicked 'I agree'....

Why it matters: This provision uses passive behavior (not deleting your account) as a mechanism for obtaining consent to potentially significant new data uses, which may not meet the GDPR standard of freely given, specific, informed, and unambiguous consent....

LinkedIn receives information about you from outside sources, including data brokers, advertisers, your employer, and people in your network — meaning LinkedIn may know things about you that you never directly told them....

Why it matters: Data collected about you from third parties can be combined with your LinkedIn profile to build a more detailed picture of you than you have directly shared, and you may have limited visibility into what data has been received or from whom....

LinkedIn uses your profile data, browsing behavior, and inferences about your career seniority, industry, and interests to show you targeted ads, both on LinkedIn and on third-party websites....

Why it matters: LinkedIn's advertising targeting uses a combination of your stated profile data and inferred characteristics to create an advertising profile, which is shared with advertising partners both on and off the LinkedIn platform....

You have the right to ask LinkedIn to delete your data, correct inaccuracies, limit how your data is used, and receive a copy of everything LinkedIn holds about you....

Why it matters: These rights are legally enforceable under GDPR and CCPA/CPRA, but exercising them requires you to actively submit requests — and LinkedIn's timeline and scope of compliance will vary by jurisdiction....

LinkedIn collects data about the messages you send through the platform, as well as your clicks, searches, and browsing behavior even when you are not logged into your account....

Why it matters: The collection of messaging data and off-session browsing behavior means LinkedIn maintains a behavioral profile that extends beyond your active, logged-in use of the platform....

Stripe collects device information, IP addresses, and behavioral data about people who complete payments on any website powered by Stripe — even if those people never created a Stripe account....

Why it matters: Millions of people who have never signed up for Stripe may have their data collected and profiled simply by checking out on a merchant website, without realizing Stripe is involved....

Stripe creates fraud risk scores based on your device information and payment behavior, and these scores may be used to approve or decline your payments across multiple merchants....

Why it matters: A fraud risk score assigned by Stripe could result in your payment being declined at any merchant using Stripe, without your knowledge of how the score was generated or the ability to contest it....

Stripe shares your personal and payment data with a broad network of banks, card networks, payment processors, and other financial institutions involved in processing your transactions....

Why it matters: Your financial data, identity information, and behavioral signals are shared across a wide ecosystem of third parties, many of whom you have no direct relationship with and whose own privacy practices are not governed by this policy....

Stripe sometimes controls how your data is used (as a 'controller'), and sometimes processes it only on behalf of the merchant you bought from (as a 'processor') — and the rules that protect your data differ depending on which role applies....

Why it matters: When Stripe acts as a processor, your privacy rights are primarily directed at the merchant, not Stripe — which can make it harder for consumers to know who is responsible for their data and where to direct complaints....

Stripe transfers your personal data from Europe to the US and other countries using legal mechanisms like Standard Contractual Clauses and the EU-US Data Privacy Framework to comply with EU and UK data protection laws....

Why it matters: EU and UK users' data is transferred internationally and protected by contractual safeguards, but those safeguards have faced legal challenges and may be subject to US government surveillance laws....

Stripe provides rights to access, correct, delete, restrict, or port your personal data, and allows you to object to certain processing — accessible through Stripe's Privacy Center or by emailing privacy@stripe.com....

Why it matters: Knowing and exercising these rights is the primary mechanism consumers have to control how Stripe uses their data, including requesting deletion or objecting to profiling for fraud prevention purposes....

Stripe keeps your personal data for as long as it needs to — which can be many years — to meet legal requirements like anti-money laundering rules, even after you stop using Stripe services....

Why it matters: Even if you request deletion of your data, Stripe may retain it for extended periods to comply with financial regulations, meaning your right to erasure is limited in the financial services context....

Stripe may send you marketing emails about its products and services, but you can unsubscribe at any time using the link in the email or by contacting privacy@stripe.com....

Why it matters: Stripe uses your contact information collected during payment processing or account creation to send promotional messages, and you need to actively opt out rather than being opted out by default....

Stripe shares your personal data with its affiliated companies and with outside vendors who help run its services — including analytics companies, marketing firms, and fraud prevention services....

Why it matters: Your personal data flows to Stripe's corporate affiliates and numerous third-party vendors, each of which has its own data practices and security posture, creating a broad data exposure footprint....

Pinterest states that it may use your personal data, including your activity and content on the platform, to train and improve its artificial intelligence and machine learning models....

Why it matters: Your personal browsing habits, pins, and interactions could be used to train AI systems, which raises concerns about consent and the long-term use of your data beyond the original purpose....

Pinterest shares your personal data with advertisers and advertising partners to deliver targeted ads based on your behavior both on and off the Pinterest platform....

Why it matters: Your browsing history and activity — including on other websites — can be used to target you with ads, which many consumers find intrusive and are unaware is happening....

Pinterest transfers your personal data to the United States and other countries, which may have different data protection standards than your home country....

Why it matters: If you are located in the EU, UK, or other regions with strong privacy laws, your data may be sent to countries with weaker protections, which carries privacy risks....

Pinterest collects data about people who have never signed up for Pinterest, through cookies, pixels, and other tracking technologies embedded on third-party websites....

Why it matters: Even if you have never created a Pinterest account, the company may be building a profile about your online behavior using tracking tools placed on other websites....

Pinterest provides different privacy rights depending on where you live — EU/EEA/UK users have the most comprehensive rights under GDPR, while US users' rights vary by state, with California residents having the broadest US rights....

Why it matters: The rights you have over your personal data — including the ability to delete it, access it, or stop it being shared — depend heavily on where you live, meaning many users worldwide have significantly fewer protections....

Pinterest retains your personal data for as long as it considers necessary for business purposes, which may extend beyond the period you actively use the platform....

Why it matters: Your data may be kept by Pinterest for an indefinite or extended period even after you stop using the service, limiting your control over your personal information....

Pinterest states its service is not directed at children under the age of 13 (or a higher age in some regions), and that it does not knowingly collect personal data from children....

Why it matters: While Pinterest prohibits use by young children, the platform's age verification mechanisms are limited, meaning younger users may still access the service and have their data collected....

Pinterest shares your personal data with a range of third parties including advertisers, analytics companies, business partners, and service providers who may use it for their own purposes....

Why it matters: Once your data is shared with third parties, Pinterest's privacy policy no longer governs how those parties use your information, meaning you have less control over your personal data....

Pinterest uses cookies, pixels, and similar tracking technologies to collect data about your behavior on and off Pinterest, and to enable advertising and analytics functions....

Why it matters: Cookies and trackers allow Pinterest and its partners to monitor your online behavior extensively, including on websites that have nothing to do with Pinterest, building a detailed profile about you....

Pinterest infers information about your interests, preferences, and characteristics from your activity, which may include sensitive categories such as health interests, political views, or religious beliefs....

Why it matters: Pinterest can build detailed profiles about sensitive aspects of your life based on what you search, save, and click — even if you never explicitly share this information....

Microsoft may use content you generate and interactions you have with Copilot and other AI-powered services to improve and train its AI models....

Why it matters: Your conversations, prompts, and outputs in AI tools like Copilot may contribute to training future AI systems, raising questions about the privacy of sensitive information shared in those sessions....

Microsoft combines data collected across different products and services — such as Bing searches, Windows activity, and Xbox usage — to build a profile of your interests and serve you targeted advertisements....

Why it matters: Data from completely different parts of your digital life is merged to target you with ads, which means your activity in one Microsoft product can influence what you see in others, with limited transparency into how this profile is built....