Found in 177 of 343 platforms tracked (52% adoption) · 344 provisions
The clause operationalizes a distinction between sample retention and data retention: while physical samples are subject to removal upon request, research data derived from prior research participati…
This clause establishes a unilateral content governance mechanism that grants the service provider broad authority to restrict access to user data based on internal compliance assessments. The 'sole …
The provision establishes the scope of data collection and permitted uses for Siri voice interactions, defining what device information Apple may access and how that information may be processed to d…
The provision defines the foundational scope of the privacy framework governing data handling practices across Binance.US and affiliated entities. It establishes that the Privacy Policy applies to th…
This provision establishes the operational limits of Bluesky's deletion authority within a decentralized network architecture. It clarifies that while Bluesky will initiate removal procedures within …
This provision establishes an exception to standard data deletion practices by carving out shared Characters as persistent service content. It operationalizes the distinction between personal account…
This provision establishes that shared user-generated content becomes subject to separate retention and operational authority once made available to other users. The clause creates a distinction betw…
The clause establishes an open-ended retention framework that extends data storage obligations beyond the active service period, with retention decisions determined by EA's assessment of legal and op…
The provision creates a mechanism by which content licensing obligations extend beyond the active service relationship. This establishes that termination of a user account does not automatically term…
The provision establishes the default data retention period and grants Google authorization to retain and process activity data for service improvement purposes. It also establishes that users have c…
This provision defines the operational data lifecycle for Gemini Apps interactions and establishes differentiated retention policies based on account type. The authorization for post-deletion retenti…
The provision establishes a tiered retention framework that permits users to control the duration conversation data remains accessible in their accounts, with differentiated options based on user age…
The clause defines the operational data retention window that applies regardless of activity setting preference, establishing a fixed timeframe during which Google maintains access to conversation da…
The provision operationalizes data retention policies by creating a default retention window, permitting users to modify retention duration, and establishing distinct processing pathways based on Act…
This clause establishes Amazon's operational authority to unilaterally alter service availability and user access to purchased content based on a broad range of determinations, including subjective c…
This provision defines Meta's data retention and deletion obligations post-termination, establishing the operational procedure for handling personal data after the service relationship concludes. It …
The clause establishes a specific operational timeline and procedural mechanism for data deletion compliance. It clarifies that deletion obligations are triggered by user request, consent withdrawal,…
This clause allocates responsibility for data management post-account termination, requiring users rather than the platform to execute deletion of downloaded or stored platform data. It operationaliz…
The clause establishes the operational scope of data collection for voice and conversational AI services, specifying both the types of data collected (voice input, query content, response content) an…
The clause establishes Microsoft's authority to manage account lifecycle and content retention independent of user action, with a defined inactivity threshold of two years and a procedural requiremen…
The clause specifies the operational mechanism for account wind-down and data retention obligations post-termination. It defines the scope of data subject to deletion and the timeframe within which d…
This provision defines the operational scope of OpenSea's data deletion obligations under privacy regulations by identifying a technical limitation external to the platform's systems. The clause clar…
This provision defines the operational scope of data persistence within Plaid's systems and establishes the regulatory and business bases that govern retention duration. The framework creates distinc…
This authorization establishes the technical mechanism by which Spotify accesses device hardware necessary for service delivery and advertising distribution. The provision permits delegation of these…
The provision operationalizes data retention by establishing multiple retention triggers—account activity status, service delivery requirements, legal compliance obligations, and dispute resolution n…
The linkage requirement creates a structural dependency between the two services, meaning the Threads service cannot be used independently of Instagram account status. This architectural design affec…
The provision creates an operational dependency between the two services, establishing that Threads account persistence is contingent upon Instagram account maintenance. This reflects the architectur…
The clause establishes the operational limitation of Uniswap's data handling authority: while the entity collects certain user data it can manage, blockchain-recorded transaction history and associat…
This provision clarifies the scope and limits of Uniswap's data management responsibilities under the privacy policy. It distinguishes between data Uniswap controls (collected through its interface) …
The provision creates a temporal distinction between license termination and actual data deletion, establishing that YouTube maintains technical copies of content for a defined operational period fol…
The operational significance is that Zillow establishes a flexible retention framework without maximum retention periods, allowing the company to determine retention duration on a case-by-case basis …
The operational significance is that account deletion does not automatically purge all genetic data from 23andMe's infrastructure; retention policies apply independently of account status. This affec…
The clause creates a retention framework tied to service necessity rather than indefinite storage, establishing operational obligations for data lifecycle management. It specifies procedural requirem…
This provision establishes the data retention framework governing how long AWS maintains personal information in its systems. The retention period is tied to service delivery necessity, stated purpos…
The provision clarifies the operational conditions under which personal data remains in Acorns' systems beyond active service use. By conditioning retention on legal requirements and legitimate busin…
The data controller designation establishes Activision's legal responsibility for determining the purposes and means of information processing under applicable data protection frameworks. This alloca…
This provision establishes Adobe's data retention schedule across two categories: operational data tied to active account status and compliance-related data with extended retention periods. The ten-y…
The retention and use framework establishes the operational scope and duration of data processing. The authorization for analytics use permits processing of personal information beyond transactional …
This provision establishes the operational scope and duration of data retention by defining retention triggers (contract performance and legal compliance) and creates a mechanism for users to initiat…
The clause defines the operational scope and duration of data retention by tying retention periods to specific functional and legal purposes rather than establishing fixed time limits, which affects …
The provision operationalizes data subject rights that arise under various privacy regulations by designating account settings and direct contact as the primary mechanisms for users to request exerci…
This provision establishes the operational framework for data retention following user deletion requests. It clarifies that the service architecture maintains backup copies for feature functionality …
The retention standard establishes that data retention is tied to service provision, legal compliance obligations, and disclosed purposes rather than automatic deletion upon account closure or servic…
The provision establishes the procedural mechanism for exercising data subject rights while defining the scope and duration of data retention practices. The retention framework ties data lifecycle to…
The clause establishes the operational framework for data retention periods, conditioning retention duration on three categories: service functionality, legal compliance obligations, and explicit not…
The operational significance lies in establishing a flexible retention standard rather than a fixed timeline. This approach allows the entity to maintain data across multiple operational purposes—tra…
The clause establishes procedural mechanisms for users to exercise data subject rights under applicable privacy regulations. It delegates implementation of these rights to Amazon's privacy portal inf…
This provision establishes the operational mechanism by which users exercise data subject rights under applicable privacy regulations. It designates a specific platform interface (Your Account) as th…
The clause defines the operational scope and duration of data retention by establishing multiple grounds for retention: service functionality, stated privacy purposes, legal compliance requirements, …
This provision establishes the operational framework governing how long Ancestry maintains user data and the circumstances under which retention continues post-deletion. The clause creates exceptions…
The provision creates a formal mechanism for users to exercise statutory data rights across jurisdictions, with enhanced rights explicitly recognized for California residents. It establishes privacy@…
The clause establishes a retention and deletion mechanism that distinguishes between immediate user-facing removal and backend data deletion timelines, defining the operational window for complete co…
The provision establishes a data deletion mechanism with two operational pathways: user-initiated deletion requests for personal data (subject to exceptions) and automatic deletion of conversation re…
The provision establishes a deletion mechanism with two operational components: a general data deletion request process subject to exceptions, and an immediate conversation-level deletion with a defi…
The provision establishes a dual deletion mechanism: user-initiated deletion requests processed under data protection frameworks, and automated conversation deletion with a specified 30-day back-end …
This provision establishes the operational scope of Anthropic's feedback collection and retention practices. It clarifies that feedback submissions trigger storage of not only the rating itself but a…
The provision establishes a dual deletion mechanism: user-initiated requests for personal data deletion subject to exceptions, and automatic backend deletion of conversation records within a defined …
This provision establishes a mandatory operational requirement for app developers to implement account deletion functionality as a standard feature. It ensures that account lifecycle management inclu…
This provision operationalizes Apple's retention obligations by establishing criteria for determining storage duration rather than specifying fixed retention periods. The framework ties retention dur…
This provision defines the operational scope and duration of data retention by establishing multiple retention categories—service provision, legal compliance, dispute resolution, and contract enforce…
The clause establishes procedural mechanisms through which data subjects can exercise statutory privacy rights under applicable data protection frameworks. It specifies the portal submission process …
The provision establishes a procedural mechanism for data subject rights compliance, defining both the submission process and the company's response timeline. It creates an operational obligation for…
The provision operationalizes statutory data subject rights across jurisdictions with varying legal frameworks. It establishes the procedural mechanism (email contact) and response timeline obligatio…
The provision creates a defined data lifecycle management framework that complies with regional data protection standards while establishing the temporal boundaries for information storage. This stru…
This provision defines the operational scope and duration of data holdings, establishing both the retention triggers (service provision, legal compliance, dispute resolution, agreement enforcement) a…
This provision establishes the temporal scope and operational basis for data retention. By anchoring retention to legal compliance obligations and dispute resolution, the clause creates an indefinite…
The clause creates a dual retention framework: a general principle limiting retention to necessary periods, paired with a carve-out that permits extended retention post-deletion for specific operatio…
The clause operationalizes data retention constraints by tying data lifecycle management to dual criteria: functional necessity and legal compliance ceilings. This establishes a procedural framework …
The provision establishes the operational mechanism for account termination and defines the timeline distinction between account deletion (immediate) and content removal (delayed). It creates a react…
This clause defines the operational scope and duration of Calendly's data stewardship obligations. It establishes that retention decisions are tied to stated business purposes and legal requirements,…
This provision establishes the operational framework for post-deletion data lifecycle management, specifying both the retention trigger (legitimate business need) and the termination condition (purpo…
This provision establishes the operational framework governing how long Character.AI maintains user data in its systems. It conditions retention duration on both the original collection purpose and u…
The provision establishes the operational mechanism by which Character.AI obtains user identity information through federated authentication, rather than requiring users to create separate credential…
This provision operationally establishes Chase's baseline security obligations under applicable law and regulation. It creates the framework through which Chase implements protections for personal in…
The provision operationalizes Checkout.com's compliance obligations under data protection and financial services regulations, which typically mandate multi-year retention of transaction records for a…
This provision establishes the operational parameters for data lifecycle management within Chegg's systems. It clarifies that retention duration is tied to specific business and legal purposes rather…
The clause operationalizes data subject rights under privacy regulations by defining how account closure and data deletion requests are handled administratively. It establishes the company's obligati…
This clause defines the post-termination data lifecycle and establishes the conditions under which ClickUp maintains or removes personal information after an account ends. The provision creates opera…
This provision operationalizes Coinbase's compliance obligations under anti-money laundering (AML) and know-your-customer (KYC) regulatory frameworks, which require financial institutions to maintain…
The provision creates a retention framework tied to dual standards: operational necessity and regulatory compliance. This establishes that data deletion requests may be subject to mandatory retention…
The clause creates a discretionary retention framework where data persistence is tied to operational necessity and compliance requirements rather than fixed deletion timelines. This structure permits…
The provision creates a dual retention framework: one based on operational necessity and a second based on regulatory mandate. This structure establishes that retention periods are determined partly …
The provision operationalizes data retention as a function of service delivery, legal compliance, and dispute resolution rather than a fixed timeline. This framework authorizes ongoing data storage c…
This clause specifies the operational framework for data lifecycle management post-account-termination and establishes the conditions triggering deletion obligations. It delineates Coinbase's respons…
The clause establishes a retention framework that extends beyond active service delivery to encompass statutory and regulatory obligations, creating institutional bases for post-closure data maintena…
The clause defines the data retention scope post-deletion, establishing that account closure does not automatically trigger immediate deletion of all personal data. This creates operational categorie…
The provision establishes procedural mechanisms through which users can exercise data subject rights recognized under certain legal regimes. These requests operate as formal channels for users to exe…
The absence of a specified data retention limit means the company retains operational discretion over retention duration based on stated purposes, rather than a defined schedule or automatic deletion…
This provision establishes that codebase indexing involves server-side processing and persistent storage of derived data (embeddings and metadata) rather than plaintext source code, creating a distin…
The provision creates a conditional data handling framework where Privacy Mode activation triggers modified data retention policies with external model providers while preserving Cursor's ability to …
The clause establishes the operational conditions under which account data is removed from the service platform. It creates two separate termination pathways: one automatic upon failed payment proces…
The clause creates a defined operational procedure for processing user-initiated privacy requests and establishes verification requirements that condition processing on identity confirmation. It also…
This clause operationalizes Databricks' retention obligations by establishing the criteria and decision-making framework that governs how long personal data remains in the company's systems. It creat…
The provision creates a distinction between default deletion (non-archived content) and indefinite retention (archived content), establishing the operational retention periods that structure data lif…
This provision establishes the operational framework for data lifecycle management, defining retention periods tied to purpose necessity and legal requirements rather than indefinite storage. It crea…
The provision defines Discord's operational retention obligations post-termination and creates a distinction between personal data subject to deletion and shared content that persists in the service.…
The clause establishes retention duration based on operational criteria rather than fixed timelines, which means the actual retention period for any given data category remains contingent on Disney+'…
The clause defines the operational parameters for data lifecycle management by tying retention duration to stated business and legal purposes rather than establishing a fixed time period, which affec…
The clause creates an operational standard for data lifecycle management by tying retention duration to specific, enumerated purposes rather than indefinite retention. It establishes that data destru…
The clause defines the operational retention timeline for user data and establishes a deletion initiation process rather than immediate deletion upon account termination. The 30-day window creates a …
The provision establishes operational criteria for data lifecycle management rather than fixed retention periods. This approach permits extended retention based on institutional assessment of necessi…
This provision defines the operational framework for data lifecycle management, establishing both the retention trigger (service provision and stated purposes) and the termination mechanism (deletion…
This clause allocates discretion to Duolingo to determine retention duration based on operational necessity and legal compliance obligations. It establishes a standards-based retention framework rath…
This clause operationalizes data subject rights that vary by jurisdiction, establishing a procedural mechanism for users to exercise legally-recognized rights where applicable. It designates privacy@…
Open-ended retention standards create operational flexibility for the entity to maintain data archives beyond typical engagement periods, which has implications for the duration users' personal infor…
This clause operationalizes data subject rights under privacy regulations by establishing a defined request mechanism and contact point. The provision creates a procedural structure through which use…
This clause defines the operational data retention framework for surveillance content, establishing that retention duration is contingent on service functionality, regulatory compliance needs, and co…
The provision operationalizes Eventbrite's data lifecycle management by establishing retention as a function of service delivery and legal compliance rather than user request. This structure allows t…
The clause defines the operational framework for data lifecycle management, establishing both retention triggers (fulfillment of stated purposes and legal obligations) and termination conditions (del…
This provision establishes Figma's compliance framework for children's data protection under laws including COPPA and GDPR, defining the age eligibility boundary for service use and limiting personal…
The clause establishes retention criteria based on functional necessity rather than fixed time periods, meaning data persistence is tied to stated operational and legal purposes rather than automatic…
The provision establishes a data minimization practice for open model operations, meaning user prompts and outputs are processed but not persisted in Fireworks AI's systems absent affirmative user el…
The clause establishes a self-service mechanism for data subject exercise of access, portability, and deletion rights. It conditions the scope of these rights on jurisdictional requirements, meaning …
This provision establishes the operational basis for data retention across different data categories, distinguishing between account infrastructure data (required for service continuity) and user-gen…
The clause operationalizes data deletion procedures while establishing exceptions that permit retention in specific circumstances, defining the scope and duration of data persistence after account te…
The retention framework creates an operational structure where data persistence extends beyond active service delivery to encompass post-termination periods, establishing legitimate business purposes…
This provision establishes Ford's data retention framework by defining retention duration as purpose-dependent rather than indefinite, while specifying the institutional factors that govern retention…
This provision establishes Garmin's data retention framework by conditioning retention duration on service delivery needs and legal/contractual requirements rather than establishing fixed deletion ti…
The provision defines the operational scope and duration of GitHub's data processing activities, establishing both a necessity standard for retention and a mandatory disposition process for data no l…
The provision establishes procedural obligations for GitHub to process data subject requests and operationalizes statutory rights that vary by jurisdiction. The response timeline requirement creates …
The clause creates a framework where data retention extends beyond account deletion based on operational and legal necessity rather than account status alone. This operational approach reflects commo…
The clause establishes the operational framework for data retention periods across different processing contexts. It distinguishes between Glean's independent data controller retention practices and …
This provision establishes the operational framework for individual data subject rights under privacy regulations such as GDPR and CCPA. It creates the procedural mechanism by which users may exercis…
The provision establishes a dual-purpose data retention and use framework: one tied to service delivery and compliance obligations, and a second permitting derivative use of Cloud service data for pr…
This clause defines the operational distinction between long-term account storage and temporary service-delivery retention. The 72-hour temporary retention applies independently of user Activity pref…
The clause establishes a standard data retention practice for reviewed conversations, defining the temporal scope of data persistence in the service infrastructure. This retention period governs how …
The clause creates a two-phase deletion process: immediate deletion of primary activity data coupled with permissible short-term retention of ancillary data for technical system purposes. This struct…
The provision establishes user-controlled data retention parameters, allowing modification of the default 18-month retention period through settings. This mechanism determines the duration Google Gem…
The clause establishes Grammarly's procedural obligations to honor user data rights requests and identifies the mechanisms through which users can exercise those rights, with response timelines tied …
The retention framework operationalizes Grindr's data stewardship practices by defining temporal boundaries for different data categories and establishing that post-deletion retention serves specific…
This provision establishes the operational framework governing how long personal information remains in Groq's systems. The multi-factor retention standard creates flexibility in retention periods ac…
The retention standard ties data storage duration to functional necessity and regulatory compliance rather than indefinite retention, establishing a defined operational scope for data lifecycle manag…
The clause establishes that data retention obligations are determined by regulatory requirements rather than user preference, creating a structural limitation on data deletion capabilities within the…
The retention policy creates a tiered framework that ties data persistence to operational relationship status and legal requirements rather than a fixed retention schedule. This structure permits ext…
The provision operationalizes data subject rights that vary by jurisdiction, establishing Hinge's obligation to implement mechanisms through which users can exercise control over their personal data …
The clause creates a defined data retention schedule that balances service operations and legal compliance with member deletion requests, specifying a post-deletion retention period for safety invest…
This provision establishes Home Depot's operational framework for data lifecycle management, defining both the retention period (tied to stated purposes and legal obligations) and the company's oblig…
The clause operationalizes data retention by defining retention duration as tied to functional necessity and regulatory compliance, rather than establishing fixed retention periods or immediate delet…
This provision operationalizes data subject rights that vary by jurisdiction, establishing Inflection AI's procedure for receiving and processing individual rights requests. The availability of these…
The retention policy defines the operational lifespan of user data within Instacart's systems and establishes the framework governing when data deletion or anonymization occurs. This directly affects…
This provision operationalizes Intuit's data lifecycle management by creating categories of permissible retention periods (purpose-driven, legally-mandated, and claims-related) and establishing a pro…
This provision establishes the retention framework governing personal data storage duration and creates a mechanism for users to initiate deletion requests. The operational significance lies in defin…
The clause defines the retention standard as tied to legitimate business necessity rather than establishing fixed retention periods, which means data retention duration depends on the classified purp…
This clause operationalizes data subject rights by creating a defined process through which users can exercise control over retained personal information. The provision establishes Kick's obligation …
Data retention policies define operational obligations for service providers regarding storage duration and deletion procedures, establishing the administrative framework for data lifecycle managemen…
This clause operationalizes data subject rights that vary by jurisdiction, establishing the procedural mechanism through which users can request Klarna to provide, modify, or cease processing of thei…
This provision establishes the operational framework for data retention duration, permitting extended retention periods when justified by legal compliance requirements or contractual enforcement need…
The retention policy defines the operational lifecycle of user data within Leonardo AI's systems and establishes the conditions under which data disposal or anonymization occurs. This framework addre…
The clause defines the operational scope of Lime's data retention authority by tying retention duration to functional business purposes rather than establishing a fixed time period, which establishes…
This provision establishes the temporal scope and forms under which LinkedIn maintains user-generated and inferred data. The authorization to retain depersonalized or aggregated data creates a distin…
This provision establishes the operational scope and duration of data retention within Loom's service infrastructure. The clause authorizes extended retention periods beyond active service use by ref…
The clause establishes that data deletion requests do not trigger immediate removal of all personal information retained by the entity. Post-deletion retention is conditioned on legal obligations, re…
This clause establishes the operational mechanism through which Lyft fulfills deletion obligations under privacy statutes. The provision conditions deletion on verification of the consumer request an…
This provision establishes the data retention framework by defining multiple legitimate bases for retaining personal information beyond the active service period, including compliance obligations and…
The clause operationalizes McDonald's retention obligations by tying data lifecycle to multiple operational and legal factors rather than establishing fixed retention periods. This approach allows Mc…
This clause defines the operational framework for data retention duration and grounds for post-termination retention. It establishes that retention extends beyond active account status for specified …
The clause establishes Mercury's post-closure data retention authority under legal and regulatory requirements. This affects the scope and duration of data processing obligations the entity maintains…
The clause establishes data retention limits and Meta's authority to require deletion, creating an operational requirement that users manage data lifecycles according to both Meta's direction and the…
The clause defines the temporal scope of Meta's content license and establishes user-initiated deletion as the mechanism for license termination. It clarifies that visibility removal and backend data…
This provision establishes the operational scope of data deletion following account termination and creates categories of information exempt from deletion requirements. It establishes Meta's authorit…
This provision establishes Meta's operational framework for data retention and deletion, specifying that retention determinations are individualized rather than standardized, and clarifying the scope…
This clause establishes the operational parameters governing how long MetaMask maintains personal data, incorporating both functional necessity and risk-based assessment as retention determinants. Th…
The provision operationalizes data retention as a function of multiple institutional factors rather than a fixed timeline, establishing that Microsoft determines retention periods through assessment …
The provision creates a variable retention model rather than fixed deletion timelines, meaning data persistence depends on operational necessity determinations and product-specific contexts. This fra…
The provision defines the operational scope and duration of data retention practices, establishing that retention extends beyond the primary service delivery purpose to encompass legal compliance, di…
The clause creates a variable retention framework rather than fixed deletion timelines, which means data lifecycle management is contingent on operational necessity and legal requirements rather than…
The provision defines the operational scope and timeline for data retention across active accounts, post-termination states, and legal compliance scenarios. It establishes that Miro may maintain copi…
The provision creates differentiated retention schedules across API product lines, establishing operational periods during which Mistral AI maintains access to input and output data for service deliv…
The provision creates differentiated retention schedules across API product lines, with standard APIs subject to the 30-day rolling window while specialized APIs (Agents and Fine-Tuning) maintain lon…
The clause defines the operational duration of data retention and establishes user-initiated deletion as the mechanism for terminating storage. This determines the period during which Mistral AI main…
This provision establishes the operational framework for data lifecycle management, allocating configuration authority to customers while maintaining Mixpanel's discretion over retention periods need…
The clause conditions data retention duration on subscription tier, creating differentiated data lifecycle management based on customer classification. This operational structure determines the timef…
This provision establishes the operational framework governing the company's data lifecycle management, defining both the retention triggers (service provision and stated purposes) and the mandatory …
This provision establishes the operational framework governing data lifecycle management, defining both the retention period (necessity-based) and the deletion mechanism (upon request with specified …
The provision establishes that MyFitnessPal recognizes jurisdiction-dependent data subject rights and makes these rights available to users where applicable by law. The clause creates an operational …
This provision establishes the operational framework governing how long Neon maintains personal data in its systems. The retention standard ties duration to purpose fulfillment and legal obligation r…
The clause establishes procedural mechanisms through which users can exercise data subject rights under privacy regulations, requiring Netflix to maintain processes for receiving and responding to su…
Data retention periods determine the operational lifecycle of personal information within Netflix's systems and establish the timeframes during which Netflix maintains records for service delivery, l…
The absence of defined retention limits allows Netflix operational flexibility in data management across active accounts, inactive accounts, and regulatory compliance periods, while placing the deter…
This clause establishes Netflix's operational framework for data persistence post-cancellation, clarifying that service termination does not automatically trigger deletion of personal information. Th…
The absence of defined retention timelines creates operational flexibility for Netflix to maintain personal information based on service delivery needs and legal requirements, rather than fixed sched…
This provision establishes the operational framework governing data retention duration and grounds for continued storage post-deletion. The clause ties retention obligations to service delivery needs…
The clause defines the operational framework for data lifecycle management, establishing that retention decisions are tied to functional necessity and legal compliance rather than fixed timeframes. T…
The provision establishes the operational framework for data lifecycle management beyond active service use, defining retention authority separate from the active account period. This creates a disti…
The provision establishes that user data rights are conditional on applicable law by location, meaning the scope and availability of these rights vary by jurisdiction rather than applying uniformly t…
This clause establishes a data deletion mechanism while preserving Notion's operational ability to retain data where legally required or necessary for dispute resolution and contract enforcement. The…
This provision establishes the operational framework governing data lifecycle management, linking retention duration to business necessity and regulatory mandate rather than indefinite storage. The m…
The provision creates dual retention standards: a primary baseline tied to operational necessity and legal requirements, and an extended retention authorization upon occurrence of specified condition…
The clause operationalizes data subject rights by establishing procedures through which users can exercise control over personal information processing. The availability and scope of these rights are…
This clause establishes OpenAI's operational framework for responding to privacy rights requests that vary by jurisdiction. The provision designates a centralized mechanism (Privacy Portal) through w…
The provision establishes a mechanism for users to control whether their conversation data contributes to model training, while also specifying data retention parameters and deletion procedures. This…
The clause operationalizes data lifecycle management by anchoring retention to multiple justified purposes rather than a fixed timeline. This structure permits extended retention where legal or opera…
The provision operationalizes OpenAI's compliance framework with varying privacy regulations across jurisdictions by explicitly enumerating the individual rights users may invoke. This establishes th…
The clause authorizes data retention across multiple operational categories (service provision, legal obligations, dispute resolution, contract enforcement) without specifying fixed retention timelin…
This provision establishes OpenSea's data retention framework, which defines how long personal information remains in the entity's systems and when deletion or destruction occurs. The operational sig…
The clause creates a consent-based processing framework where the company conditions sensitive data processing on affirmative user action, either through explicit consent or through functional use of…
This clause establishes the operational framework for data lifecycle management, permitting indefinite retention where legally authorized or operationally necessary while requiring deletion once purp…
Data retention policies establish operational standards for how long service providers maintain user information and define the lifecycle of data within their systems. This provision governs complian…
The clause defines the retention period as functionally tied to service delivery and regulatory requirements rather than a fixed timeframe, which establishes an indefinite retention standard subject …
The provision operationalizes Paramount+'s retention obligations by establishing a necessity-based standard rather than a fixed retention period, while creating a procedural mechanism for deletion re…
This clause defines the operational parameters for data lifecycle management, specifying retention triggers tied to service delivery, legal compliance, dispute resolution, and agreement enforcement. …
Data retention policies establish the operational framework for when personal information is deleted or anonymized, affecting the scope and duration of Patreon's data stewardship obligations and dete…
This clause defines the data retention framework by establishing necessity as the operational standard for how long information is maintained, while carving out exceptions for legally mandated retent…
This clause defines the operational scope and duration of data retention practices, establishing both the purposes that justify ongoing data storage and the procedural requirement for deletion or ano…
The provision establishes a document structure where state-specific privacy obligations, including data retention requirements, are consolidated in a separate notice rather than integrated into the p…
This provision operationalizes legally mandated data subject rights by establishing a request mechanism and designating a contact point for rights exercise. The availability of these rights depends o…
The provision operationalizes data rights that may be mandated under applicable privacy laws by establishing a procedural mechanism for users to assert those rights. This creates a documented process…
This provision establishes the operational basis for data retention across Pinterest's service infrastructure. The clause authorizes retention tied to service delivery and business operations rather …
Data deletion rights provisions establish operational obligations for the service provider to implement consumer-initiated data removal requests within defined parameters. This provision governs how …
The clause defines the operational framework for data retention by anchoring the duration of storage to functional necessity and regulatory compliance rather than indefinite retention. This establish…
The clause creates an operational mechanism for data subject access and control, establishing the procedural pathway through which users exercise statutory rights to review, modify, and request delet…
The clause ties data retention duration to multiple operational justifications rather than a fixed time period, which means retention may extend beyond account closure for specific purposes enumerate…
The retention standard is defined by operational necessity and legal obligation rather than a fixed time period, which means data retention duration varies depending on the specific purpose and legal…
The clause establishes the operational basis for post-closure data retention, distinguishing between retention periods driven by service necessity versus those mandated by regulatory or legal require…
The provision addresses the operational distinction between account deactivation and complete data deletion. By authorizing retention of personal information post-closure for defined institutional pu…
The provision creates a two-stage deletion process: account visibility termination is immediate, but content persistence depends on prior user action. This distinction establishes Reddit's data reten…
The clause establishes a self-service mechanism for account termination and specifies the operational effect of deletion on profile visibility and content attribution, clarifying the scope of what ac…
The clause establishes that data retention obligations may persist beyond user-initiated updates, creating a distinction between current information in active systems and archival records maintained …
The clause establishes a multi-category retention framework that extends data retention beyond active service periods, conditioned on operational and legal justifications rather than fixed time limit…
The provision operationalizes Revolut's data retention obligations under anti-money laundering and financial services regulations, which typically mandate multi-year record preservation. The extended…
This provision establishes the operational framework governing how long Riot Games maintains user personal data across multiple institutional functions including legal compliance, fraud prevention, a…
The clause establishes the operational data retention framework for a regulated financial services entity, which requires maintaining records beyond the active relationship period to satisfy complian…
This provision establishes the retention framework governing how long Robinhood maintains personal data in its systems. The operational significance lies in the connection between retention duration …
This clause establishes the operational framework under which RHS monetizes securities lending activity. By retaining all compensation from lending activities, RHS creates a revenue stream from accou…
This provision operationalizes jurisdictional data protection requirements by establishing the mechanism through which users can exercise legally recognized rights. The clause conditions availability…
The clause creates a carve-out from full data deletion by permitting extended retention of identifying information beyond account termination, which maintains the entity's ability to track or recogni…
The clause establishes the operational framework governing data lifecycle management, defining both the retention period (tied to service necessity and legal obligations) and the mechanism for dispos…
The clause establishes a formal mechanism for parental oversight of children's data practices, requiring Roblox to process access and deletion requests submitted through its designated support channe…
This clause creates an operational standard for data lifecycle management rather than establishing fixed retention periods. It grants Roblox discretion to retain personal data based on multifactor an…
The clause creates a standard data retention framework tied to operational necessity while preserving Rumble's ability to maintain data longer when legally required, establishing the institutional ba…
This provision establishes RunPod's data retention framework by authorizing retention based on functional necessity rather than specifying fixed deletion timelines. The operational significance lies …
This provision establishes the operational framework governing Samsung's data retention lifecycle and specifies the conditions under which personal information will be removed or anonymized from acti…
The operational significance is that user-facing data (such as language preferences and cached content) persists on the user's device for an extended period before automatic deletion, reducing the fr…
This provision creates a carve-out from typical data retention limits by permitting indefinite retention of data once it has undergone de-identification or aggregation processing. The operational sig…
The clause defines the data retention timeline and establishes operational procedures for post-account data management, affecting the duration of data persistence in Shopify's systems after merchant …
This provision establishes the retention timeline and deletion procedures for personal data held by Shopify. It defines the operational framework under which data lifecycle management occurs, specify…
The provision establishes the operational mechanism through which Shopify implements data subject rights obligations that vary by jurisdiction. It creates a defined submission pathway that allows the…
This provision establishes SimpliSafe's data retention framework by tying retention periods to operational necessity and legal obligation, rather than specifying fixed retention windows. The clause a…
The clause operationalizes data retention through customer-configurable controls while establishing a defined deletion timeline post-termination, thereby allocating responsibility for retention confi…
The provision establishes user-initiated deletion mechanisms as a standard service feature, clarifying which data categories are subject to user-directed removal and distinguishing between full accou…
This provision establishes the operational scope of Snapchat's data retention infrastructure by delineating which content classes are subject to deletion protocols versus retention requirements. The …
The clause establishes that data deletion requests do not automatically result in complete data removal, as the company retains authority to maintain records when legal obligations, abuse investigati…
The provision clarifies the operational scope of data retention across account lifecycle states and specifies the permissible bases for post-closure retention. This establishes the duration and justi…
The clause creates operational exceptions to data deletion obligations, establishing that deletion rights are subject to competing institutional interests in fraud prevention, legal compliance, and c…
The provision creates a framework for balancing user data deletion rights against Spotify's operational and legal retention obligations. It establishes that deletion requests are subject to defined l…
This clause establishes Square's data retention framework by conditioning storage duration on operational and legal necessities rather than specifying predetermined deletion schedules. This operation…
The clause establishes Square's data retention authority across multiple operational categories, creating an indeterminate retention timeline that extends beyond active account status. This structure…
The clause creates a need-based retention standard rather than fixed retention periods, authorizing Squarespace to maintain data for operational and compliance purposes while establishing obligations…
The clause defines the operational retention framework for personal data processing, establishing both a necessity standard and a hard temporal limit that aligns with privacy-by-design principles whi…
The clause operationalizes data retention by conditioning it on purpose alignment and legal necessity rather than establishing fixed retention periods. This authorization permits indefinite retention…
The clause establishes that data retention obligations and regulatory compliance requirements take precedence over account deletion requests, and clarifies that deletion requests are scoped to a sing…
This provision establishes the operational framework governing data lifecycle management within Valve's systems, specifying both the retention trigger (purposes fulfilled) and the disposal mechanism …
This provision operationalizes the principle of purpose limitation by creating a linkage between stated collection purposes and downstream data governance practices (retention, access, user rights). …
The provision operationalizes a multi-document privacy framework for US users, requiring reference to state-specific notices and health data policies in addition to the base policy. This structure in…
The provision defines the operational parameters for data removal, establishing both a processing delay and a permanent deletion standard. This creates an irreversible endpoint for account recovery a…
The retention standard ties data persistence to multiple operational categories—service delivery, regulatory compliance, dispute resolution, and agreement enforcement—rather than establishing a fixed…
This definition establishes the scope of information subject to Stripe's data handling practices and retention policies. The broad categorization of Personal Data—including technical identifiers like…
The retention standard creates an operational baseline tied to functional necessity and legal mandate rather than a fixed timeline, establishing that retention duration varies by data category and re…
Data retention for compliance and fraud prevention is standard operational practice in payment processing, as financial services entities are subject to regulatory mandates requiring preservation of …
Data retention policies establish the operational timeline for when personal information is deleted or anonymized from company systems, which affects the scope and duration of data processing activit…
This provision establishes T-Mobile's operational framework for data lifecycle management, requiring documented retention decisions based on defined criteria rather than indefinite storage. The frame…
This provision establishes the operational framework for T-Mobile's data lifecycle management, defining retention periods across multiple service categories and business functions. The clause grounds…
The provision creates a dual retention framework: a service-necessity standard for ongoing operations, and a broader set of institutional purposes (legal compliance, dispute resolution, fraud prevent…
This provision establishes Target's data retention framework by anchoring retention periods to multiple operational and legal criteria rather than fixed timeframes. The clause authorizes extended ret…
This provision establishes the operational framework for Target's data retention practices by specifying retention is conditioned on purpose fulfillment and regulatory compliance obligations, rather …
The provision operationalizes how long Thomson Reuters maintains personal data across its systems and establishes the criteria governing retention decisions. This framework directly affects data life…
The clause creates a dual-trigger retention standard: service necessity and account deletion status. This approach authorizes indefinite retention during active service use while conditioning data re…
The provision creates a data lifecycle framework that ties retention periods to regulatory compliance obligations and operational necessity, while establishing authorized uses of sensitive health inf…
The clause establishes TikTok's data-sharing framework by carving out a specific prohibition on third-party sharing for behavioral advertising in jurisdictions with legal restrictions, while maintain…
This provision establishes the operational framework for how long TransUnion maintains personal data in its systems. The retention standard ties data lifecycle to specific institutional functions rat…
The provision operationalizes TurboTax's retention obligations by establishing a multi-factor standard—service delivery, legal compliance, dispute resolution, and agreement enforcement—rather than fi…
The provision grants Twilio operational discretion to determine retention duration based on stated purposes and legal obligations rather than establishing defined retention windows. This approach all…
This provision establishes the operational framework for data handling post-account termination, specifying that data deletion is not immediate but occurs after a defined retention period determined …
The clause defines the operational scope and duration of data retention by linking retention periods to specific business and legal functions rather than establishing fixed time limits, which affects…
The clause defines the operational scope and duration of data retention by linking retention periods to specific business and legal purposes rather than establishing fixed retention windows. This est…
The provision operationalizes data retention by tying the retention period to purpose fulfillment and legal requirements rather than establishing a fixed deletion timeline. This creates a variable re…
This clause operationalizes data subject rights by defining the mechanism and scope of individual data access and deletion requests. The provision also establishes Uber's retention authority for data…
This clause establishes a procedural mechanism by which users can exercise data subject rights recognized under applicable privacy laws. The provision's scope and applicability depend on the user's l…
The provision establishes a flexible retention framework that ties data persistence to operational and legal necessity rather than fixed time periods. This structure authorizes retention decisions ba…
The provision establishes the operational basis for chatbot data collection and use, defining the permissible purposes for processing support interactions and specifying retention authority for quali…
The clause establishes the operational framework for data handling within the Support Chatbot feature, defining the permissible uses of conversation data and establishing that users bear responsibili…
The provision defines the operational framework for data lifecycle management post-closure, establishing that retention duration depends on identification of legitimate business purposes rather than …
The clause operationalizes data retention by anchoring it to functional necessity rather than fixed time periods, which means retention duration varies based on the specific purposes for which data w…
The operational significance of this provision is that it establishes a specific authorized use case for customer data beyond transactional service delivery. The program generates aggregate behaviora…
The retention standard ties data lifecycle to operational necessity rather than a fixed time period, creating a framework where retention duration varies by purpose. The safeguards commitment establi…
The clause defines the operational scope and duration of data retention practices, establishing that retention periods are determined by functional necessity rather than fixed time limits, and explic…
Data retention tied to business and legal obligations creates a framework where retention periods are not fixed or user-controlled, but instead determined by Visa's assessment of regulatory mandates …
This provision establishes the operational framework governing how long Walmart maintains personal data in its systems. The clause ties retention duration to specific business and legal functions rat…
The provision defines the operational scope of data retention by linking persistence to service delivery and legal obligations, while separately authorizing prolonged retention of location and usage …
The provision grants operational discretion to Waze in determining retention timelines across different data categories, subject to legal compliance and stated purposes. This framework allows the ent…
This provision reflects a constraint on Wealthfront's data deletion practices arising from financial regulatory obligations rather than a discretionary policy choice. The operational significance is …
This provision establishes Webull's operational framework for data lifecycle management post-account closure. The retention criteria create a standard whereby personal information persists in systems…
This clause defines the operational boundaries for how long Webull stores user data, establishing that retention periods are governed by necessity of purpose and legal compliance rather than indefini…
This provision operationalizes data subject rights commonly established under privacy regulations. It establishes the procedural framework through which users can exercise control over their personal…
The provision operationalizes distinct data deletion protocols based on the method of account termination, establishing that the in-app deletion process triggers immediate removal of specified data c…
The clause operationalizes account deletion procedures while establishing exceptions that preserve data in backup infrastructure and under legal retention obligations, creating a tiered deletion time…
This provision establishes the data retention and deletion procedures that govern how WhatsApp handles user information lifecycle management. The distinction between active deletion and backup retent…
The clause establishes an operational procedure for account termination triggered by payment method failure at renewal, while limiting the company's legal exposure for such deletion through an explic…
The clause establishes a discretionary data handling framework for Pro Users, permitting them to implement stricter data retention and usage controls than the default service terms, with explicit car…
The provision operationalizes different data handling standards based on subscription tier, with enterprise and team arrangements automatically excluding data retention while individual users must af…
The provision creates a conditional data governance framework where Pro Users can elect restrictive data practices for standard operations, but the restrictions are suspended when using designated mo…
The clause defines the operational framework for data lifecycle management, establishing that retention is conditioned on service delivery necessity and legal compliance rather than indefinite retent…
The retention policy creates operational distinctions across data categories, establishing different lifecycle periods based on information type and legal or business justification, which determines …
The provision creates a phased deletion structure that balances account removal with data recovery capability, establishing a 30-day operational window before permanent deletion processes commence. T…
This provision establishes X's data retention framework and specifies exceptions to deletion requests. The operational significance is that account deletion does not automatically result in complete …
The clause distinguishes between public post visibility (which is modified upon closure) and data retention (which continues for purposes stated in the Privacy Policy), establishing that account clos…
This provision establishes the operational framework for data handling after account termination, specifying both the limitations on personal information visibility and the circumstances under which …
The provision establishes discretionary authority for data retention duration based on internal company assessments of business and legal necessity, rather than fixed schedules or external review pro…
The provision operationalizes data deletion by distinguishing between functional removal (stopping active use in personalization) and complete data removal from backend systems, establishing a define…
The provision operationalizes Google's discretionary retention authority while creating user-accessible deletion mechanisms. This establishes the operational basis for differentiated data lifecycle m…
The provision operationalizes Google's approach to managing data lifecycles across its systems, establishing differential retention periods and outlining the procedural steps Google undertakes follow…
The provision operationalizes Google's discretion to maintain data across multiple retention categories rather than applying a uniform deletion timeline. This structure allows the entity to balance u…
The provision establishes user-initiated control mechanisms for personal data management and advertising preferences. These controls operate as self-service administrative functions that allow users …
The provision operationalizes Google's data lifecycle management by creating distinct retention categories rather than uniform retention periods. This structure allows the company to maintain data ne…
The retention schedule creates distinct operational timeframes for different data classes, with longer retention for B2B institutional relationships compared to consumer browsing data. This structure…
The extended retention period establishes a data lifecycle standard for B2B personal information that exceeds the active relationship duration, reflecting compliance or operational requirements for f…
The provision operationalizes data subject rights that vary by jurisdiction and establishes the procedural mechanism through which users can exercise statutory privacy rights. The clause conditions t…
Without clearly specified retention periods, it is difficult for users to know how long their job search history, resume data, and profile information will remain in ZipRecruiter's systems and access…
This provision operationalizes legal obligations arising from privacy regulations in different jurisdictions (such as GDPR, CCPA, and similar frameworks) by recognizing that users may initiate reques…
The provision establishes a data deletion mechanism with two operational components: a general deletion right subject to limitations, and an expedited deletion pathway for conversation-level data wit…
The clause establishes a two-stage deletion process: immediate removal from user-facing history followed by backend deletion within a specified retention window, creating a defined data lifecycle for…
The clause defines the retention standard as tied to business necessity and legal compliance rather than specifying fixed retention periods, meaning data persistence duration depends on the company's…
The retention requirement reflects Betterment's obligation to comply with federal recordkeeping standards that mandate preservation of customer financial records. This practice affects the company's …
The provision creates an operational framework where data retention is bounded by purpose-limitation principles, with an exception carved for legally mandated storage. This establishes both a default…
This provision creates an operational mechanism through which users can exercise statutory privacy rights under applicable data protection laws. The clause establishes Cursor's procedural obligations…
The provision operationalizes different data retention policies between API users and paid plan subscribers, establishing automatic deletion as the default practice for API submissions while preservi…
The provision operationalizes Delta's data sharing practices by notifying customers of partner relationships and establishing a framework for customers to exercise control over privacy settings, ther…
This clause defines the operational framework governing how long DoorDash maintains user data in its systems. The retention standard ties data persistence to functional necessity and legal requiremen…
Data retention periods define the operational duration of personal data storage and establish when deletion or anonymization occurs. This provision determines the scope and duration of Ledger's data …
The clause operationalizes data subject rights by specifying the mechanisms through which users can exercise control over their account information and personal data records, establishing LinkedIn's …
The provision establishes a variable retention framework rather than fixed deletion schedules, meaning data retention periods are determined by operational necessity and legal obligation rather than …
The provision operationalizes data subject rights by designating a specific portal where users can exercise control over their personal data. This establishes the procedural mechanism through which M…
This provision establishes the operational framework governing Notion's data lifecycle management and defines the triggering events for data deletion. The retention standard tied to stated purposes a…
The clause defines the operational framework governing data lifecycle management, establishing both the primary retention period (service delivery and policy purposes) and extended retention categori…
This provision establishes the operational framework for data retention lifecycle management, distinguishing between Customer Data (subject to customer-directed retention controls) and Other Informat…
This provision establishes Slack's age-gating requirements and creates a procedural channel for compliance with children's privacy regulations. The notification-based deletion mechanism establishes o…
The provision operationalizes Snapchat's data lifecycle management by defining automatic deletion schedules for ephemeral content while carving out exceptions for legally-required or operationally-ne…
The clause implements regional data protection obligations, primarily under regimes like GDPR, by providing a defined mechanism through which users can submit and Stability AI can process individual …
This clause establishes the legal basis for Threads' data retention practices and defines the retention scope by functional utility rather than explicit time limits. It authorizes retention of both d…
This provision establishes the operational framework governing how long Twilio maintains personal data. The retention determination process is structured around multiple criteria rather than a fixed …
The provision establishes a procedural mechanism through which users can exercise data subject rights under applicable privacy regulations. It defines the scope of requests Uber will process and ties…
The clause defines the operational scope and duration of data retention by establishing three retention triggers: service delivery, legal obligation, and dispute/enforcement purposes. This framework …
Data retention and security policies establish the operational framework governing how long personal data remains in Walmart's systems and what technical and administrative controls apply to that dat…
This provision establishes the operational framework governing how user-initiated account termination and data removal are handled, defining the company's obligations and procedures when users exerci…
Create a free account and watch the platforms that matter to you. We'll email you the moment something changes.
A data retention clause is a provision in a platform's terms of service or privacy policy governing data retention-related rights, obligations, or restrictions.
ConductAtlas tracks 177 platforms with data retention clauses - roughly 52% of platforms in the archive. 31 are classified as high severity.
Severity reflects the magnitude of rights waived, availability of opt-out, breadth of users affected, financial or legal exposure created, and the degree of discretion retained by the platform.