Found in 38 of 343 platforms tracked (11% adoption) · 40 provisions
This provision establishes Equifax's security obligations and the standard of care (reasonable measures rather than absolute protection) applicable to personal information in its possession. The clau…
The clause establishes Ledger's security standard as 'commercially acceptable means' rather than absolute protection, defining the operational scope of the entity's security obligations and limiting …
The provision defines the scope of Plaid's security responsibilities and establishes baseline protections for financial data processed through the platform. This framing clarifies what security pract…
The security interest establishes a creditor claim against account assets that Robinhood can assert to satisfy customer obligations. The rehypothecation authorization permits Robinhood to use custome…
This provision sets the operational standard for T-Mobile's security obligations by defining what protections are in place while establishing the notification requirement that governs T-Mobile's proc…
The collection of government identification data enables Uber to perform identity verification and background screening processes required for onboarding and ongoing compliance with regulatory and ta…
The provision allocates security obligations and liability exposure between the parties. By establishing user responsibility for account monitoring and prompt breach notification, the terms define th…
This provision establishes Acorns' security practices and contemporaneously limits the scope of security assurances provided, allocating risk exposure related to inherent limitations of internet and …
The clause allocates account security obligations to the user rather than Amazon, establishing that the account holder is liable for unauthorized activity conducted through their credentials. This fr…
The provision establishes the scope of BAM's data handling authority across the corporate group and identifies the Privacy Policy as the governing instrument for information practices. This framing e…
This provision allocates account security obligations and liability to the user rather than the service provider. The clause establishes that credential-based access triggers a presumption of authori…
This provision establishes Chase's operational framework for information security and access controls. It defines the baseline security practices and access restrictions that govern how the bank hand…
The clause establishes Chime's operational obligation to maintain security infrastructure and frames this obligation by reference to federal legal compliance standards rather than specifying particul…
The clause allocates security obligations and liability risk to the account holder rather than the service provider, establishing that GitHub's liability for account compromise or unauthorized activi…
This provision establishes Glean's security obligations and specifies the notification procedures that govern breach response. It allocates responsibility between Glean (notification to business cust…
This provision establishes Khan Academy's security obligations while defining the limits of those obligations through a non-guarantee clause. The institutional framing acknowledges inherent limitatio…
This clause defines Lyft's operational obligation regarding data protection infrastructure. It establishes that the company maintains security controls to prevent compromise of user information, whic…
This clause establishes the security framework Mercury maintains and creates a limitation on the guarantees provided regarding data protection. The operational significance lies in setting the baseli…
This clause allocates security obligations and liability between the user and Meta. By requiring user notification of breaches and disclaiming Meta's liability for user-caused security failures, the …
This commitment establishes Microsoft's operational framework for protecting AI systems against technical attacks and integrity threats throughout the system lifecycle. The provision formalizes secur…
This provision defines Microsoft's operational framework for managing privacy and security risks in AI deployments. It establishes baseline expectations for how personal data is protected and how AI …
This provision establishes Miro's security obligations and establishes the notification framework governing breach response. The clause creates dual accountability—to affected users and to regulatory…
This provision establishes operational boundaries on permissible use by restricting activities that could degrade system integrity, create security risks, or undermine safety mechanisms. The restrict…
This provision establishes Monday.com's security obligations and the conditions triggering mandatory breach notification. It clarifies that while security measures are implemented, absolute security …
This clause establishes Nintendo's security obligations while defining the limits of those obligations through a security-as-reasonable-efforts standard rather than a guarantee of absolute protection…
This provision establishes Palantir's security obligations while simultaneously defining the scope of those obligations and noting inherent limitations in data protection technology. The acknowledgme…
This provision establishes Progressive's security practices while defining the limits of its security obligations. The inclusion of a security limitation clause clarifies that Progressive's liability…
This provision establishes the security standard the entity commits to maintain while explicitly defining the limits of that commitment. The acknowledgment of inherent security limitations in interne…
The provision establishes encryption as a mandatory baseline security control rather than an optional feature, meaning all video data receives this protection without requiring user configuration. Th…
The operational significance of this clause is limited, as it articulates a general design principle rather than establishing enforceable obligations or specific privacy protections. The statement fu…
This provision establishes Squarespace's commitment to implement protective measures while limiting the scope of that commitment by stating the inherent limitations of security practices. The acknowl…
This allocation of responsibility establishes the operational framework for account security accountability. By assigning full responsibility to the account holder, the provision defines TaskRabbit's…
This provision establishes Thomson Reuters' operational obligation to maintain a security posture commensurate with industry practice and proportionate to the sensitivity of data processed. The claus…
The clause allocates security responsibility by committing to a reasonable security standard while explicitly disclaiming liability for breaches resulting from the inherent vulnerabilities of digital…
This provision establishes Webull's security obligations while defining the scope of those obligations and the limits of the company's liability for security failures. The disclaimer of absolute secu…
This provision establishes Wix's security obligations as reasonable efforts rather than absolute assurance, and allocates risk by clarifying that residual security vulnerabilities remain inherent to …
The clause creates operational requirements for account security that define the customer's responsibility for protecting authentication credentials and detecting compromise. This allocation of secur…
This provision establishes Fastly's baseline security obligations while defining the limits of those obligations through a security disclaimer. The clause operationalizes the company's commitment to …
This provision establishes Signal's architectural inability to access message content, which defines the scope of data Signal processes and controls. The queuing mechanism for offline delivery repres…
This provision establishes the technical and operational architecture for a specific message category, defining what data Telegram retains and how encryption is applied within the Secret Chat functio…
Create a free account and watch the platforms that matter to you. We'll email you the moment something changes.
A security clause is a provision in a platform's terms of service or privacy policy governing security-related rights, obligations, or restrictions.
ConductAtlas tracks 38 platforms with security clauses - roughly 11% of platforms in the archive. 7 are classified as high severity.
Severity reflects the magnitude of rights waived, availability of opt-out, breadth of users affected, financial or legal exposure created, and the degree of discretion retained by the platform.