Calm
· Calm Privacy Policy
The provision establishes the operational framework under which user information becomes transferable during corporate restructuring events. This defines the scope of authorized data transfers outside the normal course of service provision and clarifies that user data constitutes a transferable asset in M&A contexts.
EA
· EA Privacy and Cookie Policy
This provision establishes the operational framework for information continuity during corporate transactions, clarifying that user data may transfer to successor entities or acquirers while conditioning consent obligations on legal or contractual requirements rather than EA's discretion.
EA
· EA Privacy and Cookie Policy
A corporate transaction could result in your entire EA data history, including gameplay, purchase history, and communications records, being transferred to a new company with different privacy practices.
Calm
· Calm Privacy Policy
In a corporate transaction, your personal data including sensitive wellness and mood data could be transferred to a new entity whose privacy practices you have not agreed to.
Zelle
· Zelle Privacy Policy
Consumers reporting a fraud or scam may not expect that their personal details and account of the incident will automatically be forwarded to the other party's financial institution, which could affect how their report is handled.
The clause establishes the operational scope of data sharing across OpenAI's corporate structure and service delivery ecosystem. It defines categories of recipients who may access personal data as part of normal service operations, vendor management, and product development.
PayPal
· PayPal Privacy Statement
The clause establishes PayPal's authority to respond to legal demands and regulatory obligations by disclosing user information without prior notice. This reflects standard operational requirements for financial services entities subject to law enforcement access, regulatory oversight, and card network compliance obligations.
The clause establishes the conditions under which the entity may share personal data outside its direct control, including both mandatory disclosures pursuant to legal process and discretionary disclosures made at the entity's determination when specified conditions are met.
PayPal
· PayPal Privacy Statement
This clause establishes the operational framework under which PayPal may share user information with governmental and regulatory authorities without prior user consent. The provision specifies circumstances—legal compulsion, legal necessity, harm prevention, and compliance obligations—that trigger permissible disclosure, defining the scope of the entity's information-sharing obligations under law.
This provision establishes the conditions under which DocuSign may share user personal information with government and law enforcement entities without user consent. It defines DocuSign's disclosure obligations and discretionary authority in response to legal compulsion and certain operational circumstances.
The clause establishes Shopify's discretionary authority to share user personal information with government and law enforcement entities based on the company's assessment of legal obligations or safety concerns, without requiring prior notice to the affected user.
Lyft
· Lyft Privacy Policy
The provision establishes Lyft's authority to process and utilize background check and identity verification data as a standard operational practice. This authorization enables Lyft to conduct safety screening and verification procedures that are core to platform operations and risk management.
Slack
· Slack Terms of Service
This provision defines the data governance model for enterprise deployments, establishing the employer as the data controller within the workspace infrastructure. The administrative authority granted to employers affects how personal data, communications, and work product are managed, retained, and potentially transferred or deleted.
Stripe
· Stripe Privacy Policy
This allocation of data controller responsibilities clarifies the contractual relationship and legal obligations regarding personal data. It establishes that the Business User assumes primary responsibility for data subject rights and privacy compliance obligations, while Stripe operates under processor or service provider constraints.
Microsoft
· Microsoft Privacy Statement (Legacy)
This provision establishes a contractual data processing relationship where Microsoft's privacy obligations are defined by the enterprise customer's agreement rather than Microsoft's public privacy statement. The enterprise customer assumes primary responsibility for privacy compliance and data governance under this arrangement.
Enterprise API customers operate under different data terms than regular users, which means the data protections available to a business and its users depend on the specific contractual terms negotiated, not solely on this public privacy policy.
The agreement establishes a structured framework for EU customers to exercise data portability and deletion rights under the EU Data Act, including defined notice periods, transitional support obligations, and post-switch data retention and deletion procedures.
This provision creates a hierarchical governance structure for personal data transfers between the EU/UK and US, establishing DPF compliance obligations as the controlling standard. The clause operationalizes TaskRabbit's accountability under the DPF enforcement regime administered by the US Department of Commerce and relevant EU/UK authorities.
Your personal data does not stay only with Ticketmaster; it flows to multiple third parties who may use it independently, including for their own marketing, and you may have limited visibility into what each Event Partner does with your information once received.
The external processing carve-out means that third-party vendors and affiliates may access your child's data as processors, even without specific parental consent for each such transfer, provided they operate under Google's instructions and privacy commitments.
Rating any Claude output triggers storage of the entire associated conversation as feedback and grants Anthropic unrestricted use rights over that conversation, including for model training, regardless of whether you have opted out of training in your account settings.
Clicking thumbs up or down on a response is a common and seemingly minor action, but it triggers storage of the full conversation as feedback that is exempt from the training opt-out and can be used by Anthropic without limitation.
Stripe
· Stripe Privacy Policy
The policy authorizes sharing of payment and identity data with a broad category of Financial Partners, which includes entities consumers may not have a direct relationship with or awareness of.
Because McDonald's franchisees are independent business operators rather than direct McDonald's employees, data shared with them may be subject to different privacy practices and accountability structures than data retained by McDonald's corporate.
Stripe
· Stripe Privacy Policy
The clause establishes the operational structure through which Stripe delivers financial services, clarifying that service provision occurs through a network of partner financial institutions rather than Stripe alone, which has implications for data flow, liability allocation, and service availability across the payment processing chain.
Zelle
· Zelle Privacy Policy
The clause establishes the operational procedure for fraud report distribution within Zelle's network of financial institutions. This disclosure mechanism enables recipient banks to receive fraud information directly, which supports fraud investigation and prevention processes across participating institutions.
The clause allocates responsibility for data handling between Google and extension providers by limiting Google's accountability for third-party privacy practices while establishing that users' data flows to external entities under separate contractual frameworks.
This provision authorizes sharing of Personal Information with generative AI service providers as part of Substack's service provider relationships. The absence of specific provider names and data category limitations for AI services creates uncertainty about the scope of Personal Information that may be processed by third-party AI systems on Substack's behalf.
This provision sets the operational boundaries for how the platform may be utilized. It establishes the primary use cases under which the service is offered and frames the intended application of genetic data and analysis tools.
Your Ticketmaster profile may be enriched with demographic and interest data sourced from third-party advertising partners rather than information you provided directly, which broadens the scope of personal data held about you beyond what you knowingly shared.