Klarna
· Klarna Privacy Policy
Your personal data flows to merchants when you use Klarna at checkout; the merchant's own privacy practices then govern how that data is used, which may be different from Klarna's own policy.
Uber
· Uber Privacy Notice
This provision authorizes real-time location and identifying information to be made visible to members of the public (riders and recipients), which creates personal safety considerations for drivers and constitutes a distinct data sharing pathway from internal or business partner disclosures.
This provision defines the operational boundaries of external data sharing, including sharing with domain administrators (relevant to Google Workspace users) and partners engaged for processing; the stated restrictions are subject to the listed exceptions, which include broad legal and safety grounds.
Declining to provide certain personal data could result in loss of access to ZipRecruiter's job search or recruiting services, framing data provision as a prerequisite for service access rather than a freely given choice.
The clause operationalizes Revolut's obligations under data protection regulations by establishing procedural mechanisms through which users can assert control over personal data processing. The provision specifies both the substantive rights available and the operational channels through which those rights may be exercised.
These rights are the primary mechanism by which individuals can control their personal data held by Checkout.com, and knowing the contact point and applicable rights is essential to exercising them effectively.
Adyen
· Adyen Privacy Policy
This clause implements statutory data subject rights obligations, establishing the procedural mechanism through which individuals may exercise control over their personal data held by Adyen. The availability of designated contact channels creates an operational requirement for Adyen to receive and respond to rights requests according to applicable data protection frameworks.
The policy discloses specific rights and a contact mechanism, which is relevant because the practical scope of these rights may differ depending on whether the user is a direct consumer or accessing Atlassian through an employer account, where the employer administrator controls data.
This clause operationalizes data subject rights under privacy regulations by establishing the procedural mechanism through which individuals can exercise statutory rights and outlining the verification requirements Apple applies before fulfilling requests.
The provision operationalizes data subject rights commonly required under privacy regulations such as GDPR and CCPA by establishing a framework through which users can exercise control over their personal information retained and processed by the service provider.
The clause implements regional data protection obligations, primarily under regimes like GDPR, by providing a defined mechanism through which users can submit and Stability AI can process individual data rights requests. The operational significance lies in establishing the contact point and acknowledging the jurisdiction-dependent scope of these rights.
Netflix
· Netflix Privacy Statement
This clause creates a procedural mechanism for exercising data subject rights under privacy regulations. By designating a specific contact and email address, the provision establishes the operational pathway through which Netflix processes access, deletion, portability, and correction requests.
Klarna
· Klarna Privacy Policy
These provisions implement statutory data subject rights under regulations like GDPR and similar privacy frameworks, establishing formal mechanisms through which individuals can exercise control over personal data processing and obtain transparency into data holdings.
DeepL
· DeepL Privacy Policy
This provision enumerates the data subject rights DeepL recognizes and the mechanism through which users may exercise them. The right to lodge a supervisory authority complaint provides a direct regulatory escalation path independent of DeepL's own response.
The policy states that data subject rights are exercised through Microsoft's central privacy dashboard rather than through Minecraft-specific channels, which affects how users locate and exercise these rights in practice.
You have formal rights over your personal data held by Mistral AI, and the company has designated a DPO as a named point of contact, which is a meaningful accountability mechanism under GDPR.
These rights are legally enforceable in jurisdictions like California, Colorado, and the EU, meaning Databricks is required to respond to valid requests within specific timeframes and cannot penalize you for exercising them.
Stripe
· Stripe Privacy Policy
The clause establishes the foundational scope and transparency structure of Stripe's privacy practices, including disclosure of data handling procedures and affirmation of data subject rights available under applicable privacy regulations.
The clause operationalizes Apple's compliance with regional privacy regulations (such as GDPR and similar frameworks) by documenting the specific data subject rights Apple recognizes and the mechanism through which users may exercise consent withdrawal. This establishes the procedural framework through which Apple handles requests related to personal data management.
The clause operationalizes data subject rights under privacy regulations by designating a contact point (privacy@oneidentity.com) and establishing a compliance timeline tied to statutory requirements, which creates an administrative process for handling individual data requests.
These rights give users meaningful control over their personal data, but they require users to actively exercise them and understand which rights apply in their jurisdiction.
These rights are legally enforceable under GDPR and UK GDPR, and Palantir is required to respond within specific timeframes — typically 30 days — or provide a reasoned refusal.
DeepL
· DeepL Privacy Policy
These rights give users meaningful control over their personal data held by DeepL, including the ability to request deletion of account information and any retained translation inputs.
This provision operationalizes Mistral AI's GDPR compliance framework by explicitly defining the types of personal data subject to rights requests and establishing a procedural mechanism for users to exercise data access, correction, deletion, and portability rights under applicable EU data protection law.
Your personal data could be transferred to a different company with potentially different privacy practices if Substack undergoes a change of ownership, and the policy does not guarantee notice to users before such a transfer occurs.
Using home security event data for product improvement means that information about when alarms are triggered, which sensors activate, and how you interact with your system may be analyzed beyond the immediate purpose of protecting your home.
The clause establishes Delta's intellectual property ownership over website content and invokes copyright protection as the legal basis for controlling use and distribution of materials on the platform.
RunPod
· RunPod Privacy Policy
A consent-first default configuration is a positive privacy practice that means tracking should not activate until you explicitly agree, particularly for EU users subject to GDPR and the ePrivacy Directive.
Ring
· Ring Privacy Notice
Default encryption means your video footage has a baseline level of protection against unauthorized interception during transmission and unauthorized access in cloud storage, without requiring technical knowledge to configure.
The scope of this permission depends entirely on whether de-identification actually meets legal standards, since improperly de-identified data can still be linked back to individuals, particularly in the crypto context where wallet addresses are pseudonymous rather than anonymous.