In-store data collection through cameras and other technologies may capture biometric or behavioral data beyond what customers expect from a typical retail transaction, and the use of such data for marketing purposes creates disclosure and consent obligations under state privacy laws including Illinois BIPA and California's CPRA.
Third-party tracking technologies operated by analytics and advertising partners collect behavioral data independently and may combine it with information they hold about you from other sources, extending the data profile beyond what Grubhub alone controls.
Workday
· Workday Privacy Statement
Workday retains applicant data after rejection for an unspecified period for 'future consideration,' which may result in your sensitive professional and personal information being held indefinitely without your active knowledge or ongoing consent.
Diversity information, which may include characteristics protected under federal or state law, is collected from job applicants and retained for recruitment statistics purposes; applicants should understand what they are disclosing and how it may be used.
Voluntarily provided diversity information (which may include race, ethnicity, disability status, or gender) is sensitive personal data under multiple frameworks, and its collection and use requires careful legal handling.
Job application data is among the most personally sensitive information you can share, and once transmitted to employers through the platform, Glassdoor's privacy protections may no longer apply to how that employer handles your data.
Adyen
· Adyen Privacy Policy
Long-term retention of government-issued identity documents creates significant data security risk — a breach of this data could expose you to identity theft with data that cannot be changed, like passport numbers or national ID numbers.
Relying on legitimate interests rather than consent means Telegram does not need to ask your permission to collect and process data, though you have the right to object to such processing under GDPR.
The collection of unique identifiers associated with other Facebook Company products on the same device creates a technical linkage between your WhatsApp usage and your activity on other Meta platforms, supporting cross-platform data integration described elsewhere in the policy.
Precise location data combined with financial transaction data can reveal sensitive information about where you live, work, and spend money, and this data is available to third-party analytics and advertising partners under the policy.
Location data combined with AI conversation content can create a detailed profile of a user's activities, health concerns, relationships, and behavior — even if individual data points seem innocuous.
Using legitimate interests rather than consent for location and device data collection means TaskRabbit does not need your permission before collecting this data — though EU/UK users retain the right to object to this processing.
Precise location data is among the most sensitive categories of personal information, and its use for advertising personalisation raises significant privacy concerns especially for vulnerable users.
TikTok
· TikTok Privacy Policy
Approximate location is collected by default even without enabling location services, and precise location is available if you grant the permission, enabling detailed tracking of your physical movements.
The policy authorizes collection of precise and approximate location data for advertising and personalization purposes, which represents a category of data that can reveal sensitive personal patterns including home address, workplace, and frequented locations.
Location data enables Paramount+ to control which content you can access based on where you are, and may also be used for advertising targeting purposes, making it a category of data with both service and commercial uses.
Airbnb
· Airbnb Privacy Policy
The policy authorizes collection of precise location data, which is classified as sensitive personal information under CPRA and subject to heightened processing restrictions, and which may reveal sensitive patterns of movement or behavior.
The policy authorizes collection of both approximate location (from IP address and device settings without explicit permission) and precise location (with device-level permission), which may be used for content personalization, advertising, and other purposes.
Location data is sensitive personal information that can reveal where you live, work, and travel, and its use for advertising purposes goes beyond what many users would expect from a streaming service.
Even if you deny GPS location permission, Apple can still infer your location from network signals and IP address, meaning location tracking is more pervasive than a simple permission toggle suggests.
Precise location data is among the most sensitive personal information because it can reveal home and work addresses, medical appointments, religious attendance, and other highly private activities.
Chase
· Chase Privacy Notice
Real-time location data is among the most sensitive categories of personal information, and its collection for marketing offers goes beyond what is strictly necessary to deliver core banking services.
Eufy
· Eufy Privacy Policy
Precise location data reveals sensitive behavioral patterns including your home address, daily routines, and periods of absence, making it one of the most privacy-sensitive data categories collected by consumer devices.
Precise location data is among the most sensitive categories of personal information and, when combined with Meta's broader data sharing practices, can reveal home address, workplace, religious attendance, medical visits, and other sensitive behavioral patterns.
Zillow
· Zillow Privacy Notice
Precise location data is among the most sensitive personal data categories and can reveal daily routines, home address, and patterns of movement; its sharing with third-party providers extends its exposure beyond Zillow.
Location data is among the most sensitive categories of personal information because it can reveal home address, health-related visits, religious practices, and other behavioral patterns over time.
Venmo
· Venmo Privacy Policy
The policy authorizes collection of both precise device geolocation and IP-derived approximate location, creating a location history associated with the user's financial activity and identity.
Precise location data is among the most sensitive categories of personal information, and its collection — even with permission — creates risks if retained long-term or combined with other data to infer sensitive information such as health conditions or religious practices.
Location data is among the most sensitive categories of personal information and can reveal patterns about your daily life, workplace, and behavior.
Precise real-time location data is one of the most sensitive categories of personal information because it can reveal where you live, work, worship, seek medical care, and who you associate with. The fact that this data may be shared with partners and licensees extends its reach beyond Apple.