This provision establishes the entity's operational policy regarding compliance with children's privacy protections under applicable law (including COPPA in the U.S.). The deletion mechanism creates a procedural requirement when non-compliant collection is identified.
Minecraft
· Minecraft End User License Agreement
The clause allocates account creation responsibility and terms acceptance to parents or legal guardians rather than minors, establishing the administrative and contractual authority structure for accounts associated with minor users.
This provision allocates legal responsibility for underage user conduct to parents or guardians who authorize Service access. It establishes the operational framework through which the Service permits younger children to access its platform while designating parental accountability for compliance with the Service terms.
This provision authorizes Mistral AI to act as an independent Controller for AI training purposes, which is a distinct legal role from its Processor role, and means the data use is governed by Mistral AI's own purposes rather than solely by customer instructions. Business customers must actively opt out or select an opted-out-by-default product to prevent this processing.
The provision establishes a tiered consent model where the opt-out right does not apply uniformly—certain categories of user-submitted content (feedback and flagged materials) remain available for model training regardless of opt-out status. This creates an operational distinction between materials subject to user preference settings and materials subject to mandatory training use.
xAI
· xAI Terms of Service
The clause creates a bifurcated data governance framework: logged-in users receive an affirmative choice mechanism regarding model training use of their content, while non-authenticated users operate under an authorization permitting unrestricted data use for these purposes. This distinction establishes different data handling pathways based on authentication status.
The provision creates a conditional data usage framework where the opt-out applies to routine training operations but does not extend to feedback submissions or safety-flagged materials. This structure maintains Anthropic's ability to incorporate safety-related materials into model training even when users have elected out of general training use.
The provision creates a default data use practice for model training while preserving the company's ability to use flagged or reported content for safety enforcement and AI safety research purposes even after opt-out. This operational structure means the opt-out mechanism does not fully restrict data use in safety-critical or user-initiated reporting scenarios.
The provision establishes a mechanism for disclosing state-specific privacy rights and obligations that operate alongside the primary privacy policy. This structure acknowledges differential legal requirements across multiple state privacy statutes, including the California Consumer Privacy Act and similar state-level frameworks.
This provision authorizes collection and advertising use of telecommunications network data, including call records and browsing activity at the network layer, which is subject to FCC CPNI obligations as well as general consumer privacy frameworks. The combination of network-layer data collection with advertising product development is operationally distinct from data practices of non-carrier companies.
Cohere
· Cohere Enterprise Data Commitments
This provision directly addresses a common concern for enterprise customers deploying AI: whether proprietary business data submitted as prompts or documents could be incorporated into shared model training. The document states this requires explicit opt-in rather than an opt-out.
The clause establishes the baseline data-sharing practice as permissible sharing with nonaffiliates for marketing, with opt-out as the mechanism through which customers can restrict this activity rather than requiring prior consent.
This provision means your activity across a wide range of third-party digital and physical environments can be linked back to your Meta profile and used to target you with advertising, even if you never consciously shared that activity with Meta.
This provision states that Pinterest's advertising data collection is not limited to activity on its own platform; it extends to third-party sites and apps that have embedded Pinterest partner tools, meaning your browsing behavior elsewhere on the internet may inform the ads you see on Pinterest.
This provision establishes that Meta's data collection extends beyond its own products to include off-platform browsing, purchase, and behavioral data sourced from third parties, which is incorporated into user profiles used for advertising and personalization across Meta's services.
This provision operationalizes Eventbrite's obligation to provide users with a method to exercise opt-out rights under applicable privacy regulations. The specified mechanism—accessible link, toggle submission, and Privacy Center processing—establishes the procedural pathway through which the company processes and honors opt-out elections.
The clause operationalizes CCPA/CPRA compliance requirements by creating a documented mechanism for California residents to control data sale and sharing practices. It establishes a specific processing timeline and creates a special protection category for minors under 16.
Calm
· Calm Privacy Policy
The provision establishes Calm's operational practices regarding targeted advertising and specifies the mechanism by which California residents can exercise opt-out rights under state privacy statutes. It clarifies that certain data handling practices fall within the scope of regulated activities under privacy laws and designates a specific process for consumer objection.
The terms establish that Admin Users can enable prompt logging, chat logging, and model training for all Authorized Users in their organization; individual Authorized Users may not have independent visibility into or control over these configurations.
This provision delegates data handling configuration, including prompt logging and model training enablement, to organizational Admin Users rather than to individual Authorized Users. The data handling posture of Authorized Users, including whether their prompts are logged or used for model training, is determined by Admin User settings rather than individual consent.
Oura
· Oura Privacy Policy
This provision establishes that Oura's privacy obligations cease to directly govern user health data once it is shared with a Data Recipient, shifting data controller responsibility to the receiving entity. Compliance teams evaluating employer wellness deployments or research partnerships should assess whether the consent mechanism presented to users meets applicable standards for valid, freely given consent, particularly under GDPR Article 9 in employment contexts.
Parents who set up or accept the Terms for a child's Epic Games Account take on full financial responsibility for all transactions, including unauthorized or unexpected purchases made by the child, which can create significant financial exposure in games with in-app purchase mechanics.
The parental consent requirement creates a gatekeeping mechanism that aligns the service with legal obligations under the Children's Online Privacy Protection Act (COPPA). This provision establishes the operational structure through which the service differentiates access based on age and obtains documented authorization from account holders legally responsible for minors.
Parental controls are opt-in rather than default, meaning children may access unrestricted content and their data may be collected under standard adult data practices unless a parent actively configures these settings.
This provision establishes the consent basis under which Google shares location, payment, and device data with a broad set of third parties. The non-exhaustive list of recipients and the absence of specific data retention or enumeration language may require evaluation under GDPR and equivalent national data protection frameworks in non-US jurisdictions.
The operational significance is that opt-out effectiveness is contingent on per-device and per-browser implementation rather than account-level settings, which means the burden of compliance maintenance falls on the user across multiple access points. Cookie clearing events trigger the need to re-execute opt-out procedures, creating an ongoing procedural requirement tied to browser behavior.
Roblox
· Roblox Privacy and Cookie Policy
The collection of persistent identifiers enables core platform operations including device connectivity, user recognition across sessions, and advertising delivery. This data collection supports both infrastructure maintenance and commercial functions within the service.
Roblox
· Roblox Privacy Policy
This provision invokes the COPPA internal operations exception to justify collecting persistent identifiers from children without separate verifiable parental consent. The scope of permitted uses, including contextual advertising frequency capping, may warrant evaluation against FTC guidance on what constitutes permissible internal operations under COPPA.
Google Ads
· Google Ads Advertising Policies Overview
This provision restricts advertiser use of sensitive data categories for audience targeting, establishing platform-level limitations on targeting functionality that interact with data protection law prohibitions on processing sensitive personal data.
Your face and voice are among the most sensitive categories of personal data and may qualify as biometric data under Illinois, Texas, or Washington state law, triggering specific consent, retention, and deletion obligations.