Provisions Index

Target disclaims all express and implied warranties regarding its platform, content, and products to the fullest extent permitted by applicable law, including implied warranties of merchantability and fitness for a particular purpose....

Why it matters: This provision disclaims Target's liability for the accuracy, reliability, or suitability of content and services provided through its platform. The qualification 'to the fullest extent permitted by applicable law' acknowledges that some warranties may be non-waivable under certain jurisdictions' consumer protection frameworks....

View provision → Watch Target →

Target's services are not directed at children under 13, and the terms prohibit such users from registering or using the platform. Target states it will remove personal information collected from under-13 users discovered without parental consent....

Why it matters: This provision establishes Target's stated COPPA compliance posture, asserting that the platform does not knowingly collect data from children under 13 and will delete such data upon discovery. The operational effectiveness of this commitment depends on the age verification mechanisms Target has implemented....

View provision → Watch Target →

Target asserts ownership of all content on its digital services, including text, graphics, photographs, images, video, and audio, and states that all such content is protected by intellectual property laws including copyright, trademark, and trade dress....

Why it matters: This provision establishes Target's assertion of comprehensive intellectual property rights over its platform content and restricts user reproduction, distribution, or commercial use of that content without authorization. The provision applies to all visitors, including those who have not created accounts....

View provision → Watch Target →

Minnesota law governs the terms, and any disputes not resolved through arbitration must be litigated in state or federal courts in Hennepin County, Minnesota....

Why it matters: This provision establishes Minnesota as the governing legal jurisdiction and Hennepin County courts as the venue for non-arbitrated disputes, which may require users located in other states to litigate in Minnesota if they pursue court-based claims. Choice-of-law clauses may be subject to challenge where the selected law conflicts with the mandatory consumer protection rules of the user's home state....

View provision → Watch Target →

The notice states that AWS collects directly provided identifiers including name, address, phone number, email address, username, password, and payment information, as well as automatically collected data including IP addresses, browser type, operating system, referring URLs, and website interaction data via cookies and tracking technologies....

Why it matters: This provision establishes the scope of personal data collection applicable to all AWS website visitors and registered users, including both actively provided information and passively collected technical and behavioral data. The combination of directly provided identifiers with automatically collected browsing and device data creates a data profile that may be used for advertising and analytics purposes as described elsewhere in the notice....

View provision → Watch AWS →

The notice authorizes sharing of user data, including browsing activity and identifiers collected via cookies and web beacons, with named third-party advertising and analytics providers including Adobe, Google, and Marketo for the purpose of delivering targeted advertising....

Why it matters: This provision establishes a data sharing arrangement with identified third-party advertising and analytics partners that may involve transfer of personal data outside the direct AWS data controller relationship. Under GDPR, such arrangements require either data processing agreements or, where the third party acts as an independent controller, appropriate legal bases for the transfer. Under CCPA, this sharing may constitute a sale of personal information depending on the nature of the data exchanged and the relationship with each partner....

View provision → Watch AWS →

The notice states that personal information may be transferred to and processed in countries outside the user's country of residence, including countries with data protection standards that differ from those of the user's home jurisdiction....

Why it matters: This provision discloses that personal data may be transferred internationally without specifying the transfer mechanisms used to ensure adequate protection for EU or other regulated transfers. This language is relevant to GDPR Chapter V compliance and may require evaluation of whether Standard Contractual Clauses, adequacy decisions, or other safeguards are in place....

View provision → Watch AWS →

The notice authorizes disclosure of personal information to government authorities, law enforcement, and private parties when required by law or when AWS determines such disclosure is reasonably necessary to enforce its terms or protect its operations and users....

Why it matters: This provision establishes conditions under which personal data may be disclosed to government or law enforcement entities, including a discretionary determination by AWS that disclosure is reasonably necessary for operational or terms enforcement purposes. The discretionary element extends beyond mandatory legal compliance to include AWS-initiated disclosures, which may be relevant to enterprise customers evaluating data confidentiality....

View provision → Watch AWS →

The notice states that EU/EEA residents have GDPR rights including access, correction, deletion, objection, and restriction of processing, and that California residents have CCPA rights including the right to know, delete, and opt out of sale of personal information. Both sets of rights are exercisable by contacting aws-privacy@amazon.com....

Why it matters: This provision establishes the mechanism and contact point for exercising data subject rights for the two largest regulated user populations. The notice's acknowledgment of these rights is a compliance disclosure; the practical effectiveness of these rights depends on AWS's operational response processes, which are not described in detail in the notice....

View provision → Watch AWS →

The notice states that AWS deploys cookies, web beacons, pixel tags, and other tracking technologies on its websites to collect browsing behavior, preference, and interaction data, which may be used for targeted advertising and advertising effectiveness measurement....

Why it matters: This provision establishes that the AWS website engages in behavioral tracking for advertising purposes, including the use of pixel tags and web beacons in addition to cookies. This is operationally distinct from functional or analytical cookies and has specific consent implications under GDPR's ePrivacy requirements and CCPA's cross-context behavioral advertising provisions....

View provision → Watch AWS →

The notice states that personal information is retained for as long as necessary to fulfill the purposes described in the notice, to comply with legal obligations such as tax and accounting requirements, or as otherwise communicated to users. No specific retention periods are specified....

Why it matters: This provision establishes a purpose-based and legally required retention framework without specifying concrete retention periods for any category of personal data. The absence of defined retention timelines may complicate data subject deletion requests and may require evaluation under GDPR's storage limitation principle, which requires that data not be kept longer than necessary....

View provision → Watch AWS →

The notice authorizes sharing of personal information with Amazon.com, Inc. and its subsidiaries, as well as with unspecified business partners offering services in conjunction with or through the AWS website....

Why it matters: This provision establishes that personal data collected through the AWS website may be shared across the broader Amazon corporate group, including Amazon.com, Inc. and unnamed subsidiaries, as well as with third-party business partners whose identity and data use purposes are not specified. The scope of the affiliate sharing authorization and the absence of specific partner identification may be relevant to data flow mapping exercises....

View provision → Watch AWS →

The policy states that voice recordings submitted by users may be processed to train and improve ElevenLabs' AI models, subject to user account settings and applicable consent mechanisms....

Why it matters: This provision authorizes the use of user-submitted voice audio for AI model training, which creates obligations under GDPR lawful basis requirements and may trigger biometric consent statutes in Illinois, Texas, and Washington if voice recordings are characterized as biometric identifiers under those frameworks....

View provision → Watch ElevenLabs →

The policy authorizes disclosure of personal data including identifiers, usage data, and device information to advertising partners and analytics companies engaged to support platform operations....

Why it matters: This provision authorizes data flows to advertising and analytics third parties, which may trigger GDPR data processing agreement requirements, CCPA opt-out rights for sale or sharing of personal information, and disclosure obligations at the point of collection....

View provision → Watch ElevenLabs →

The policy states that personal data including user information may be transferred to a third-party acquirer in connection with a merger, acquisition, asset sale, or similar corporate transaction....

Why it matters: This provision authorizes the transfer of all collected personal data, including voice recordings and account information, to successor entities in corporate transactions without requiring separate user consent at the time of transfer, subject to applicable law....

View provision → Watch ElevenLabs →

The policy discloses that users in qualifying jurisdictions including EU, UK, and California may exercise rights to access, correct, delete, port, restrict, or object to processing of their personal data, and California users may opt out of sale or sharing, by contacting privacy@elevenlabs.io....

Why it matters: This provision establishes the mechanism through which data subjects exercise statutory rights under GDPR, UK GDPR, and CCPA/CPRA; the policy routes all such requests through a single email contact, and compliance teams should verify that response processes meet applicable statutory timeframes....

View provision → Watch ElevenLabs →

The policy states that personal data is processed and stored in the United States and may be transferred to other countries, and asserts that users consent to such transfers by using the platform....

Why it matters: This provision asserts consent-based authorization for cross-border data transfers, including from the EU and UK to the United States; under GDPR, consent alone is generally not a sufficient transfer mechanism and the policy does not specify reliance on Standard Contractual Clauses or other adequacy mechanisms, which may require further evaluation....

View provision → Watch ElevenLabs →

The policy authorizes ElevenLabs and its third-party partners to use cookies, web beacons, pixel tags, and similar technologies to collect browsing activity, device identifiers, IP address, and interaction data across the platform and third-party sites....

Why it matters: This provision authorizes cross-site tracking through third-party partners, which engages GDPR and ePrivacy Directive consent requirements for cookie placement in EU contexts and triggers CCPA/CPRA disclosure and opt-out obligations for sale or sharing of information derived from tracking....

View provision → Watch ElevenLabs →

The policy states that personal data is retained for as long as necessary to fulfill the stated purposes, without specifying fixed retention periods for specific data categories including voice recordings....

Why it matters: The absence of specific retention schedules for voice recordings and other data categories creates compliance exposure under GDPR's storage limitation principle and under state biometric statutes that require defined retention and destruction schedules....

View provision → Watch ElevenLabs →

The policy states that ElevenLabs does not knowingly collect personal data from users under age 13 and commits to deleting such data if discovered, consistent with COPPA requirements....

Why it matters: This provision establishes a COPPA-aligned age restriction and deletion commitment for under-13 user data, which is a standard compliance baseline; however, the policy does not describe age verification mechanisms, which may be relevant to enforcement context....

View provision → Watch ElevenLabs →

The policy prohibits advertisers from targeting LinkedIn members using sensitive data categories including health data, consumer health data, genetic data, biometric data, racial or ethnic origin, political affiliation, religious beliefs, sexual orientation, criminal record, trade union membership, and income. The prohibition applies to direct targeting on these attributes and extends to any categories defined as sensitive under applicable law....

Why it matters: This provision requires advertisers to audit any audience segments, custom audiences, or third-party data sets used in LinkedIn campaigns to confirm they do not incorporate these prohibited categories. Because the prohibition extends to categories as defined by applicable law, the operational scope may vary across jurisdictions, including GDPR special categories in the EU and state-level sensitive data definitions in the US....

View provision → Watch LinkedIn →

The policy prohibits all political advertising globally, including ads advocating for or against candidates, parties, ballot measures, laws, or regulations, as well as ads fundraising for political organizations or exploiting sensitive political issues. In Brazil and the EU, the prohibition is extended by reference to specific regional regulatory instruments....

Why it matters: This provision establishes a platform-wide ban on political advertising that applies to a broad range of content beyond explicit candidate or party promotion, including issue-based ads that exploit sensitive political topics regardless of whether the advertiser declares a political purpose. The EU extension by reference to Regulation 2024/900 incorporates a regulatory definition that may have different boundaries than LinkedIn's general prohibition....

View provision → Watch LinkedIn →

Prescription drugs, over-the-counter drugs, pharmacy services, and telehealth services require prior authorization from LinkedIn before ads can run, and are subject to geographic restrictions limiting them to the United States or jurisdictions where they are legal. All such ads are prohibited from targeting members under 18 years of age....

Why it matters: This provision establishes a pre-campaign approval dependency for healthcare and pharmaceutical advertisers that must be satisfied before any ads in these categories can be submitted or run. Geographic restrictions limit prescription drug and telehealth advertising to the United States or Canada, excluding these categories from other markets regardless of local legal permissibility....

View provision → Watch LinkedIn →

The policy requires that advertisers promoting financial services or products to UK audiences must be authorized by the UK Financial Conduct Authority. This requirement applies to the full scope of financial advertising categories described in the document, including lending, mortgages, credit, investments, insurance, and pensions....

Why it matters: This provision establishes a regulatory authorization prerequisite for any financial services advertiser seeking to reach UK audiences on LinkedIn, creating a pre-campaign eligibility requirement that is externally defined by the FCA rather than LinkedIn's internal review process alone....

View provision → Watch LinkedIn →

The policy prohibits all affiliate advertising on the LinkedIn platform and additionally requires LinkedIn's prior authorization for publishers seeking to include in-stream video ads within sponsored content....

Why it matters: This provision creates a categorical prohibition on affiliate advertising that affects performance marketers, affiliate networks, and publishers whose business model depends on commission-based advertising placements. The separate restriction on in-stream video ads within sponsored content establishes a distinct authorization requirement for publisher monetization arrangements....

View provision → Watch LinkedIn →

The policy requires advertisers to comply with applicable privacy and data protection laws and prohibits the use of persistent or respawning tracking cookies, including ever cookies and zombie cookies, to track users across sites without full disclosure and user consent....

Why it matters: This provision places the compliance burden for privacy and data protection obligations on the advertiser rather than LinkedIn, and specifically prohibits tracking technologies designed to persist despite user deletion attempts. The requirement for full disclosure and consent before cross-site tracking aligns with GDPR and CCPA consent mechanisms but the operational specifics depend on applicable law in each jurisdiction....

View provision → Watch LinkedIn →

All ads must pass through LinkedIn's review process before running, with a stated target review time of 24 hours. LinkedIn reserves the right to determine that a previously approved ad is no longer acceptable following policy updates or changes in LinkedIn's position....

Why it matters: This provision establishes that LinkedIn retains discretion to withdraw approval from previously accepted ads when policies are updated or LinkedIn's position changes, creating an ongoing compliance obligation for running campaigns rather than a one-time review requirement at submission....

View provision → Watch LinkedIn →

The policy prohibits ads that discriminate on the basis of age, gender, gender identity, disability, religion, ethnicity, race, color, national origin, or sexual orientation, and requires compliance with anti-discrimination laws applicable to education, housing, credit, and employment advertising....

Why it matters: This provision extends the non-discrimination obligation to the full scope of ad content and targeting, and specifically references the legally sensitive advertising categories of housing, credit, and employment, where anti-discrimination enforcement by regulatory authorities has been active across multiple jurisdictions....

View provision → Watch LinkedIn →

The policy prohibits fraudulent or deceptive advertising, including unsupported claims, inaccurate competitive comparisons, false affiliation or endorsement implications, and undisclosed partnerships. Any advertised price, discount, or offer must be easily accessible from the ad's destination link....

Why it matters: This provision requires advertisers to maintain substantiation for all ad claims and to disclose material partnerships, aligning with FTC guidance on advertising substantiation and endorsement disclosures. The requirement that advertised prices be easily discoverable from the ad link creates a specific landing page compliance obligation....

View provision → Watch LinkedIn →

The policy requires that any site linked from a LinkedIn ad that collects sensitive information must use HTTPS. Sensitive information is defined to include financial data, government identification, login credentials, information about minors or students, and the sensitive data categories defined elsewhere in the policy....

Why it matters: This provision establishes a technical security requirement for advertiser landing pages, extending LinkedIn's policy obligations to the external sites linked from ads. Compliance requires advertisers to audit landing page configurations before campaign submission....

View provision → Watch LinkedIn →

The notice states that Uber collects facial images and processes biometric data from drivers in applicable markets for identity verification during onboarding and ongoing real-time checks while using the platform....

Why it matters: This provision requires collection and processing of biometric identifiers, which are classified as special category data under GDPR Article 9 and sensitive personal information under CCPA/CPRA, and as biometric identifiers under Illinois BIPA and similar statutes, triggering heightened consent, retention, and security obligations in multiple jurisdictions....

View provision → Watch Uber →

The notice states that Uber collects precise GPS location data from drivers continuously while the app is in the foreground or background, covering the period from trip request through trip completion and a period afterward, and in some markets may collect location data between trips....

Why it matters: Continuous background location collection constitutes processing of precise geolocation data, classified as sensitive personal information under CPRA and subject to heightened protections under GDPR and multiple other frameworks; collection outside active trip periods extends the scope of surveillance beyond what may be operationally necessary for service delivery....

View provision → Watch Uber →

The notice states that Uber collects speed, acceleration, and braking data from drivers' devices during trips and uses this telematics data for safety assessments and incentive eligibility determinations....

Why it matters: This provision establishes that automated data collection about driving behavior is used to make determinations that affect drivers' platform standing and earnings eligibility, which may engage automated decision-making provisions under GDPR Article 22 and transparency requirements under CCPA/CPRA for profiling that produces significant effects....

View provision → Watch Uber →

The notice states that precise location data, trip information, and telematics data may be shared with insurance providers for coverage facilitation, claims processing, and telematics insurance products....

Why it matters: This provision authorizes sharing of sensitive location and behavioral data with insurance partners, which may affect insurance rating, claims outcomes, and coverage eligibility, and creates third-party data flows that require assessment under applicable data protection and insurance regulatory frameworks....

View provision → Watch Uber →

The notice states that Uber may disclose driver personal data to law enforcement and government authorities in response to legal process or regulatory requests, and may disclose data to protect rights and safety without specifying minimum legal process thresholds beyond 'legal obligation.'...

Why it matters: This provision authorizes disclosure of driver data including background check results, location history, communications, and financial data to government authorities, which is operationally significant for drivers in jurisdictions with active regulatory scrutiny of gig worker classification and for those operating in countries with broad government access powers....

View provision → Watch Uber →

The notice states that government-issued identification documents including driver's license information and national ID numbers are collected from drivers as a condition of account registration and regulatory compliance....

Why it matters: Government-issued identification numbers constitute sensitive personal information under CPRA and personal data subject to heightened protection under GDPR, and their collection and retention creates obligations regarding secure storage, access controls, and defined retention periods that should be documented in compliance programs....

View provision → Watch Uber →

The notice states that driver personal data may be transferred internationally including to the United States, and that EU/EEA transfers are covered by Standard Contractual Clauses or other approved mechanisms....

Why it matters: Cross-border data transfers of EU/EEA driver data to the US and other third countries require valid transfer mechanisms under GDPR Chapter V, and the adequacy and supplementary safeguards supporting SCCs must be documented and available for supervisory authority review, particularly given the volume and sensitivity of the data categories involved....

View provision → Watch Uber →

The notice states that drivers in applicable jurisdictions hold rights including access, correction, deletion, portability, objection, and restriction of processing, as well as opt-out rights for data sale or sharing and targeted advertising, with a non-discrimination commitment for exercising these rights....

Why it matters: This provision establishes the framework through which drivers can exercise data rights, and the non-discrimination commitment is a specific CCPA/CPRA requirement; the operational effectiveness of these rights depends on the adequacy of Uber's request handling procedures and response timelines, which are subject to regulatory audit....

View provision → Watch Uber →

The notice states that drivers' first name, photo, vehicle details, license plate number, average rating, and real-time GPS location are shared with riders and delivery recipients during service interactions....

Why it matters: This provision authorizes real-time location and identifying information to be made visible to members of the public (riders and recipients), which creates personal safety considerations for drivers and constitutes a distinct data sharing pathway from internal or business partner disclosures....

View provision → Watch Uber →

The notice states that Uber collects background check reports including criminal and driving records from third-party providers to assess and maintain driver eligibility, with ongoing periodic updates to this data....

Why it matters: The collection and use of background check data for platform eligibility decisions implicates the Fair Credit Reporting Act (FCRA) requirements for adverse action notices and permissible purpose, and the periodic update mechanism means drivers may be subject to ongoing screening throughout their engagement with the platform....

View provision → Watch Uber →

The Parental Insights tool delivers weekly reports to connected parents or guardians disclosing the teen user's total time spent on the platform and the top AI characters the teen has interacted with during that period....

Why it matters: This provision establishes a specific data disclosure mechanism in which teen usage data, including session duration and character interaction records, is transmitted to a third-party email address (the parent or guardian) on a weekly cadence. The data categories disclosed, time spent and top characters interacted with, may constitute personal information subject to applicable privacy and children's data protection frameworks....

View provision → Watch Character.AI →

The Parental Insights feature is activated by the teen user, not the parent, through the Preferences tab; the teen enters the parent or guardian's email and initiates the invitation....

Why it matters: This provision establishes that parental access to teen activity data is gated by the teen user's affirmative action rather than by a parent-initiated or platform-initiated consent mechanism. This design places control over parental oversight with the minor user, which may be relevant to regulatory assessments of whether the platform provides adequate parental oversight mechanisms for minor users....

View provision → Watch Character.AI →

A teen user can request removal of a connected parent or guardian's access by using the dropdown in the Parental Insights tab; the parent or guardian receives an email notification and must confirm approval of the removal request....

Why it matters: This provision establishes that a minor user can initiate disconnection of parental oversight access, subject to parent confirmation via email. The confirmation requirement means a parent receives notice before access is terminated, but the initiation of revocation remains with the teen, which may be relevant to regulatory and institutional assessments of the robustness of the parental oversight mechanism....

View provision → Watch Character.AI →

The Safety Center references a content moderation section and links to community guidelines, presenting these as mechanisms for maintaining platform safety, without disclosing specific moderation criteria, automated systems, human review processes, or enforcement thresholds on this page....

Why it matters: The Safety Center's reference to content moderation and community guidelines without disclosing operational detail means the document functions as a navigational disclosure rather than a substantive description of moderation practices. Compliance assessments of the platform's content governance framework would require review of the separately linked community guidelines and any associated policy documents....

View provision → Watch Character.AI →

The Safety Center includes a dedicated Teen Safety section, accessible via a linked page, presented as a commitment to protecting teen users on the platform, though the specific measures, restrictions, or technical safeguards applied to teen accounts are not described on this overview page....

Why it matters: The document's reference to a teen safety commitment without disclosing specific protective measures, age-based content restrictions, or account controls on this page means the Safety Center functions as a navigational index for teen safety information rather than a substantive policy disclosure. The operational significance of this commitment depends on the content of the linked teen safety page, which was not included in the submitted document....

View provision → Watch Character.AI →

The Safety Center identifies Reporting as one of four safety topic areas, with a dedicated linked page, indicating the existence of a user-facing reporting mechanism for safety concerns, though no detail about the reporting process, categories, response times, or escalation procedures is provided on this overview page....

Why it matters: The disclosure of a reporting mechanism is relevant to regulatory assessments of whether the platform provides accessible user complaint and redress procedures, as required or recommended under the FTC Act, COPPA, and platform accountability frameworks. The operational adequacy of the reporting system cannot be assessed from this overview page alone....

View provision → Watch Character.AI →

The policy states that TikTok may reject or remove any ad and suspend any advertiser account at its discretion, including for policy violations, without specifying a guaranteed timeline for review, reinstatement, or appeal....

Why it matters: This provision reserves broad platform enforcement authority over advertiser access, including account suspension, without defining procedural timelines or guaranteed appeal mechanisms. Advertisers whose business operations depend on continuous TikTok Ads access should note that platform enforcement actions may interrupt campaign delivery without advance notice....

View provision → Watch TikTok Ads →

The policy establishes a list of content categories that are categorically prohibited from advertising on the TikTok platform, including weapons, tobacco products, and adult content, with advertisers bearing responsibility for ensuring their creative materials comply....

Why it matters: This provision defines the outer boundary of advertiser eligibility on the TikTok platform. Advertisers whose primary products or services fall within prohibited categories are ineligible to run paid campaigns regardless of targeting, creative approach, or market....

View provision → Watch TikTok Ads →

The policy establishes a restricted category tier requiring advertisers to obtain advance written authorization from TikTok before running campaigns for products including alcohol, gambling, financial products, and political content....

Why it matters: This provision creates a pre-authorization workflow that conditions campaign launch eligibility for regulated industries on affirmative platform approval. Advertisers in financial services, healthcare, gambling, or alcohol categories cannot activate campaigns without completing this authorization process, directly affecting campaign planning timelines....

View provision → Watch TikTok Ads →

The policy prohibits advertisers from targeting users under 18 with age-restricted content categories and requires advertisers to implement appropriate audience targeting to prevent delivery of restricted content to minors....

Why it matters: This provision places affirmative compliance responsibility on advertisers to configure audience targeting to exclude minors from campaigns for age-restricted products. Failure to implement appropriate targeting parameters may constitute a policy violation triggering ad removal or account action....

View provision → Watch TikTok Ads →