Provisions Index

This privacy notice explicitly covers only data collected on Twilio's website and does not apply to data processed through Twilio's API products — meaning the communications data of end-users of Twilio-powered apps is governed by separate contracts, not this notice....

Why it matters: Consumers who receive SMS messages or calls routed through Twilio's platform may not realize their communications data is not protected by this policy, creating a transparency gap about how their personal data is handled in Twilio's core business....

Twilio transfers personal data collected on its website to servers and vendors located in the United States and other countries, using Standard Contractual Clauses or other legal mechanisms to legitimize transfers from the EU and UK....

Why it matters: If you are in the EU or UK, your personal data is transferred to the US where data protection laws differ significantly from GDPR, and you should be aware of the transfer mechanisms Twilio uses to protect your data....

Twilio uses TrustArc's consent management platform to obtain and record your preferences for cookies, including advertising and analytics cookies, and you can change your preferences at any time using the consent tool on the site....

Why it matters: Your ability to control whether Twilio and its advertising partners track your browsing behavior depends entirely on whether the TrustArc consent tool is properly configured and honors your choices, including signals from privacy tools like the Global Privacy Control....

Twilio states that individuals in the EU, UK, and California have rights to access, delete, correct, and port their personal data, and can submit requests through Twilio's privacy portal or by contacting privacy@twilio.com....

Why it matters: Knowing how to exercise your data rights is essential if you want to find out what information Twilio has about you or have it deleted — and the process needs to be straightforward and timely to be meaningful....

Twilio uses Segment, its own customer data platform subsidiary, to collect and analyze behavioral data from visitors to twilio.com, creating a direct pipeline between website visitor data and Twilio's broader marketing and customer data infrastructure....

Why it matters: Unlike using a fully independent third-party analytics tool, Twilio's use of its own Segment platform means your website browsing data can be integrated with other data Twilio holds about you as a customer or prospect, enabling more extensive profiling than typical analytics cookies....

Twilio retains personal data collected on its website for as long as necessary to fulfill the purposes described in the notice, or as required by law, without specifying fixed retention periods for most data categories....

Why it matters: Without specific retention periods disclosed for each data category, you cannot know how long Twilio keeps your browsing behavior, contact information, or marketing interaction data, making it harder to exercise your right to erasure effectively....

Square collects personal and transactional data from consumers who pay at businesses using Square's payment systems, even if those consumers have never created a Square account or directly agreed to Square's terms....

Why it matters: This means your name, payment card details, and purchase history can end up in Square's systems simply by swiping your card at a café or retail store that uses Square — without your direct knowledge or consent....

Square may use data collected across its various products — including payment processing, Cash App, and other financial tools — to build consumer profiles and deliver targeted marketing and product recommendations....

Why it matters: Your transaction history, account activity, and behavioral data across Square's ecosystem can be combined and used for profiling purposes, which goes beyond what most consumers expect when they simply use a payment terminal....

Square collects government-issued identification documents and, in some cases, biometric data as part of identity verification processes for account opening and financial compliance purposes....

Why it matters: Providing a government ID or biometric data to Square creates a sensitive data record that is subject to strict legal protections, and any breach or misuse of this data carries significant identity theft risk....

Square shares personal and financial data with banks, card networks (such as Visa and Mastercard), and other financial institution partners in order to process transactions and comply with financial regulations....

Why it matters: Your financial transaction data flows to multiple third-party financial institutions and payment networks as part of normal processing — this sharing is largely non-optional if you use Square-powered payment services....

California residents have the right to know what personal data Square collects, request deletion or correction of their data, opt out of the sale or sharing of their personal information, and not be discriminated against for exercising these rights....

Why it matters: These rights give California consumers meaningful control over their personal data held by Square, including the ability to stop Square from sharing their information with third parties for targeted advertising or other purposes....

Square retains personal and financial data for as long as necessary to provide its services, comply with legal obligations, resolve disputes, enforce agreements, and prevent fraud — which may mean data is retained indefinitely in some circumstances....

Why it matters: Even if you close your Square account or request data deletion, Square may retain certain records — including transaction history and identity data — to comply with financial regulations or fraud prevention obligations, limiting the practical effect of deletion requests....

Square collects precise and approximate location data from devices used to access its services, including through mobile apps and merchant hardware, for purposes including fraud detection, service personalization, and compliance....

Why it matters: Precise location data is one of the most sensitive categories of personal information — it can reveal where you live, work, worship, and receive medical care, and its collection by a payment processor extends well beyond what many consumers would expect....

EU and EEA users have rights under GDPR to access, correct, delete, port, and restrict processing of their personal data, as well as the right to object to processing and to not be subject to solely automated decisions....

Why it matters: EU users have stronger legal protections than users in many other jurisdictions, including the right to full data erasure and the right to object to profiling — Square is legally obligated to respond to these requests within one month....

Square's services are not directed at children under the age of 13, and Square states it does not knowingly collect personal data from children under 13 without parental consent....

Why it matters: If a child under 13 uses Square's services without parental knowledge, Square may have inadvertently collected their data — and parents have the right to request deletion of any such data....

Square uses cookies, pixel tags, and similar tracking technologies on its websites and may allow third-party advertising and analytics partners to collect data about users' online behavior across sites....

Why it matters: Third-party tracking technologies enable Square and its partners to monitor your browsing behavior beyond Square's own properties, which can be used for targeted advertising and behavioral profiling without explicit consent in some jurisdictions....

If you have a dispute with Poshmark, you must resolve it through individual arbitration — not in court, and not as part of a class action lawsuit with other users....

Why it matters: This clause strips users of the right to sue Poshmark in court and prevents them from joining together with other harmed users in a class action, which is often the only practical way to pursue small or systemic claims....

Poshmark automatically deducts a fee from every sale: $2.95 for sales under $15, or 20% of the sale price for sales of $15 or more — and sellers receive the remainder....

Why it matters: This fee structure directly reduces seller earnings on every transaction and is non-negotiable, making it critical for sellers to factor this cost into their pricing strategy....

When you post photos, descriptions, or other content on Poshmark, you give Poshmark a permanent, worldwide, royalty-free license to use, copy, modify, and display that content for any purpose — even after you delete your account....

Why it matters: This means Poshmark can continue to use your listing photos and descriptions commercially indefinitely, and you cannot revoke this permission even if you close your account or delete the content....

Poshmark can change these Terms of Service at any time by posting an updated version on their website, and your continued use of the platform after changes are posted means you agree to the new terms....

Why it matters: You could be bound by significantly different terms — including new fees, data practices, or dispute resolution rules — without receiving direct personal notice, simply by continuing to use the app....

Poshmark can suspend or permanently close your account at any time, for any reason, including violations of their policies — and they are not required to refund any outstanding balance or pending transactions....

Why it matters: If your account is suspended, you could lose access to pending sale proceeds, active listings, and your transaction history with limited ability to appeal or recover funds....

Poshmark maintains a list of items and transaction types that are not permitted on the platform — selling prohibited items can result in immediate account suspension and potential forfeiture of proceeds....

Why it matters: Sellers who unknowingly list prohibited items (such as certain counterfeit goods, hazardous materials, or regulated items) face account termination and possible financial penalties, and buyers may receive no recourse for prohibited transactions....

Poshmark limits its total financial liability to you to the amount you paid in fees in the 12 months before your claim, and disclaims liability for lost profits, data loss, or indirect damages....

Why it matters: Even if Poshmark causes significant financial harm — such as a data breach exposing your payment information or a platform error causing you to lose sales — your legal recovery is capped at the fees you paid, which could be a very small amount....

Poshmark's terms are governed by California law, and any disputes not resolved through arbitration must be brought in courts located in San Francisco County, California....

Why it matters: If you live outside California and have a dispute that is not subject to arbitration, you would need to litigate in California courts, which is expensive and impractical for most consumers....

Poshmark requires users to be at least 13 years old, and users between 13 and 18 must have parental permission to use the platform and engage in financial transactions....

Why it matters: Minors who use Poshmark are conducting real financial transactions — buying and selling goods — and parents may be liable for transactions made by their children under their supervision....

Patreon collects a wide range of information about you, including your name, email address, payment details, IP address, browsing behavior on the platform, and any messages you send through the service....

Why it matters: The breadth of data collected — including financial and behavioral data — means Patreon holds a detailed profile of both your identity and your activity, which can be used for purposes beyond simply running the platform....

Patreon shares your personal data — including behavioral and usage data — with third-party advertising networks and analytics companies, which may use this information to serve you targeted advertisements on and off the Patreon platform....

Why it matters: Your activity on Patreon may follow you across the internet through ad targeting, and your data is passed to companies whose privacy practices are outside Patreon's direct control....

Patreon uses a third-party vendor called Transcend to manage requests from users who want to access, delete, or export their personal data, meaning your privacy rights request is processed by an external company rather than directly by Patreon....

Why it matters: Routing your data rights request through a third-party vendor introduces an additional layer of processing that could affect how quickly and completely your request is fulfilled....

Patreon collects detailed financial information from creators, including payout details, tax identification information, and earnings data, which may be shared with financial partners and tax compliance services....

Why it matters: Creators provide sensitive financial and tax identity information to Patreon, and this data is shared with third-party financial and compliance vendors, creating additional exposure if those vendors experience a breach....

Patreon uses cookies, pixel tags, and similar tracking technologies to monitor your activity on the platform and across third-party websites, enabling behavioral advertising and analytics....

Why it matters: Tracking technologies follow your activity beyond the Patreon website itself, building a behavioral profile that is shared with advertising partners and used to target you with ads on other platforms....

Patreon transfers personal data from the EU and other regions to the United States and other countries, relying on legal mechanisms such as Standard Contractual Clauses to authorize those transfers....

Why it matters: When your data is transferred to the US, it may be subject to US surveillance laws and different privacy protections than those in your home country, and the legal mechanisms used to authorize these transfers are subject to ongoing legal challenge....

Patreon retains your personal data for as long as your account is active and for a period after closure, as required for legal, tax, and business purposes, which may mean your data is held long after you stop using the service....

Why it matters: Even after you close your Patreon account, your personal and financial data may be retained for months or years for compliance and business reasons, limiting the effectiveness of deletion requests....

You can request to close your Patreon account and have your personal data deleted, but some information may be retained for legal, tax, or fraud prevention purposes even after closure....

Why it matters: Knowing how to close your account and what happens to your data afterward helps you make an informed decision about leaving the platform and understand what privacy protections remain after you leave....

Max does not present its actual Terms of Use on this page. Instead, it provides a list of links to separate, country-specific terms documents, meaning the rules that govern your account depend entirely on which regional document applies to your location....

Why it matters: If you do not navigate to and read your specific regional terms, you are agreeing to rules you have never seen, which could include mandatory arbitration, class action waivers, or data sharing provisions that significantly affect your rights....

Max provides its terms in dozens of languages and country-specific versions, meaning the actual contractual terms — including your rights — may differ significantly depending on where you live and which language version you access....

Why it matters: Users in different countries may have materially different rights, including different dispute resolution mechanisms, data rights, and cancellation terms, even though they are using the same streaming service....

Max organizes its terms by geographic region (North America, Latin America, Europe, Asia Pacific, Middle East, Africa), indicating that the service and its associated legal terms are only available in certain countries, and users outside those regions may have no contractual relationship with Max....

Why it matters: Consumers traveling internationally or relocating may find that their existing Max subscription is governed by a different set of terms than they originally agreed to, or that the service is unavailable in their new location....

This page contains no actual contract terms — no arbitration clause, no privacy disclosures, no cancellation policy, no liability limitations. All substantive terms are in separate documents accessible only by clicking through to a regional link....

Why it matters: Users who land on this page and do not click through to their regional document have no information about the rules governing their subscription, meaning they are effectively agreeing blind to terms they cannot see on this page....

Max provides terms in dozens of languages, including English, Spanish, French, German, Portuguese, Arabic, and many others, allowing users to read terms in their native language across most regions where the service is available....

Why it matters: Providing terms in a user's native language is a meaningful step toward informed consent, but where only one language is available for a given country, users who do not speak that language may be agreeing to terms they cannot understand....

T-Mobile collects your precise GPS location and network-derived location data and may share it with third-party advertising partners, analytics companies, and affiliated businesses. This happens through your use of their network and apps, not just when you explicitly share your location....

Why it matters: Your location data is among the most sensitive personal information you generate — it can reveal your home, workplace, medical appointments, religious practices, and daily routines, and once shared with third parties it is difficult to control....

T-Mobile uses your Customer Proprietary Network Information — which includes records of calls you make, who you called, when, for how long, and from where — to market additional services to you unless you opt out. Federal law gives you the right to restrict this use....

Why it matters: CPNI is highly sensitive telecommunications data that reveals your communication patterns and personal relationships; federal law (47 U.S.C. § 222) specifically restricts how carriers may use this data and requires them to obtain your approval before using it for marketing beyond your existing servi...

T-Mobile shares your personal data — including device identifiers, browsing behavior, app usage, and demographic inferences — with advertising networks and marketing partners to serve you targeted ads both on and off T-Mobile's own platforms. This constitutes a 'sale' or 'sharing' of personal data u...

Why it matters: Sharing your data with advertising networks means your behavioral and demographic profile is distributed to companies you have no relationship with, and this data can be combined with other sources to create detailed commercial profiles used to influence your purchasing decisions and potentially aff...

T-Mobile's services are not directed to children under 13, and the company states it does not knowingly collect personal data from children under 13 without verifiable parental consent. However, T-Mobile offers family plans where minors are account lines, creating practical data collection exposure....

Why it matters: If T-Mobile collects data from children under 13 on family plan lines without adequate COPPA-compliant parental consent, both the company and parents face significant risks — the company faces FTC enforcement fines, and children's location, communication, and behavioral data may be processed and sha...

T-Mobile provides customers — and particularly California residents — with rights to access, correct, delete, and obtain a portable copy of their personal data. Requests can be submitted through the Privacy Center online or by phone....

Why it matters: These rights give you meaningful control over the personal data T-Mobile holds about you, including the ability to find out exactly what data they have, request deletion of data you don't want retained, and correct inaccurate information that could affect your account or credit....

T-Mobile retains your personal data for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements — but does not commit to specific maximum retention periods for most data categories. This means data may be retained indefinitely in some circums...

Why it matters: Indefinite or open-ended data retention means your historical location records, call logs, financial data, and behavioral profiles could be stored for years or decades, increasing the risk of exposure in future data breaches and limiting your practical ability to delete your data footprint....

T-Mobile states that it uses reasonable security measures to protect your personal data but does not guarantee the security of your data and acknowledges that no security system is perfect. T-Mobile has experienced multiple major data breaches affecting tens of millions of customers....

Why it matters: T-Mobile has suffered some of the largest consumer data breaches in US history — including a 2021 breach affecting 76 million customers and a 2023 breach affecting 37 million — meaning the promise of 'reasonable security measures' in this notice has historically not been sufficient to protect custom...

T-Mobile collects sensitive categories of personal information including precise geolocation, financial account details, government-issued ID numbers (Social Security numbers), and potentially biometric identifiers, and uses this data for service provision, fraud prevention, and in some cases for ma...

Why it matters: Sensitive personal information such as Social Security numbers, precise location, and financial data represents your highest-risk data — exposure or misuse of this data can enable identity theft, financial fraud, stalking, or discrimination, and US law provides specific protections for these categor...

If you have a dispute with Square, you must resolve it through private arbitration rather than going to court, and you cannot join or lead a class action lawsuit against Square. There is a 30-day window to opt out of this requirement after creating your account....

Why it matters: This provision removes your right to sue Square in court or participate in group lawsuits, which are often the only practical remedy for small-dollar claims or widespread consumer harm....

Square can suspend, restrict, or terminate your account at any time at its sole discretion, and may hold funds in your account for an extended period — potentially 90 to 180 days — if it suspects fraud, policy violations, or elevated financial risk....

Why it matters: For merchants who process daily payments through Square, an unexpected account suspension combined with a fund hold can cause immediate, severe cash flow disruption and potentially threaten business viability....

Square can change these Terms of Service at any time, and your continued use of Square's services after notice is posted constitutes your acceptance of the new terms, even if you did not read them....

Why it matters: This provision allows Square to materially alter the contract governing your business relationship without requiring your explicit consent, meaning new obligations or restrictions can bind you simply because you kept using the service....

When you submit content — such as your business name, logo, or other materials — to Square, you grant Square a broad, royalty-free license to use, reproduce, modify, and display that content in connection with operating and promoting its services....

Why it matters: Businesses that upload branding, product images, or other proprietary content to Square's platform grant Square significant rights to that content, which may extend beyond what users reasonably expect....