These rights are legally enforceable under GDPR and CCPA, meaning AI21 is obligated — not just invited — to respond to your requests within statutory deadlines.
These rights are legally enforceable in the EU, UK, and California, meaning Stability AI is legally obligated to respond to your requests within set timeframes — typically 30 days under GDPR.
These rights give EU and UK users meaningful control over their personal data, including the ability to request complete deletion — though the practical ease and completeness of honoring such requests varies by platform.
Asana
· Asana Privacy Statement
These rights are legally enforceable for EU/UK and California users, but the practical ability to exercise them depends on whether you are an individual or employer-managed account user — employer-managed users must go through their organization.
These rights are legally enforceable under GDPR, CCPA, and other privacy laws, and DocuSign is required to respond within statutory timeframes — typically 30 days under GDPR and 45 days under CCPA.
These rights allow you to control your personal data, but they are conditioned on where you live — users outside of regulated jurisdictions like the EU, UK, or California may have fewer enforceable rights.
Knowing and exercising your data rights is the most direct way to control what Riot knows about you and to request deletion of your data including gaming history, device information, and communications records.
These rights — guaranteed under GDPR and CCPA — give you meaningful control over your personal data, but they are only available to the extent local law applies and require you to proactively submit a request.
Miro
· Miro Privacy Policy
These rights give you meaningful control over your personal information held by Miro, including the ability to have your data permanently deleted from their systems.
Stripe
· Stripe Privacy Policy
Your rights over your own financial and identity data vary significantly depending on where you live — EU and UK residents have stronger legal protections than US residents in most states.
Figma
· Figma Privacy Policy
These rights give you meaningful control over your personal data held by Figma, but the exercise of these rights depends on Figma's response timelines and the completeness of the data it identifies and returns.
Unity
· Unity Privacy Policy
These rights are particularly important given the scale of Unity's data collection from third-party apps — but exercising them may be difficult if you have never directly interacted with Unity and Unity cannot identify you without additional verification.
Intuit
· Intuit Privacy Statement
These rights are especially significant given the breadth and sensitivity of data Intuit holds, but they are geographically conditional — users outside California, the EU, and other regulated jurisdictions may have limited or no formal rights.
Uber
· Uber Privacy Notice
These rights are legally enforceable in many jurisdictions and represent the primary mechanism through which consumers can control how Uber uses their personal data.
Microsoft
· Microsoft Privacy Statement (Legacy)
Understanding and using these rights is essential for controlling what Microsoft knows about you — especially given the broad data collection across Microsoft's products — and these rights are legally enforceable in the EU, UK, California, and other jurisdictions.
The availability and enforceability of these rights varies significantly by jurisdiction, meaning not all users have the same level of protection or ability to control their data.
The availability and ease of exercising these rights varies by jurisdiction, and users in non-EU/UK regions may find their rights more limited; the policy directs users to contact Epic but does not specify legally mandated response timeframes.
Uber
· Uber Privacy Notice
Exercising your data rights is one of the most important tools you have to understand and control what Uber knows about you, but the effectiveness of these rights depends on Uber responding correctly and within required legal timeframes.
Okta
· Okta Privacy Policy
These rights are legally enforceable under GDPR and CCPA, but their practical value depends on Okta's response times and whether the controller/processor distinction limits what Okta will act on for enterprise end-users.
These rights give you meaningful control over your personal information and allow you to hold Riot accountable for how your data is used.
Cohere
· Cohere Privacy Policy
These rights allow consumers to control their personal data held by Cohere, but the policy conditions them on location, meaning not all users have equal access to these protections.
These rights are legally enforceable under GDPR and CCPA, and knowing how to exercise them gives you control over your data including any biometric recordings used for AI avatars.
Knowing how to exercise your privacy rights — and the timeline for response — is essential for consumers who want to control their personal information held by a major payment processor.
If you live in California, Colorado, Connecticut, Virginia, or other states with comprehensive privacy laws, you have enforceable rights to control how Cash App uses your data, including the right to opt out of having your data sold or shared with advertisers.
These rights are legally enforceable under GDPR and UK GDPR, giving EU and UK users meaningful control over their personal data and a clear escalation path to regulators if Cloudflare does not respond properly.
These rights are legally enforceable and Zendesk must respond within 30 days under GDPR — but the scope of rights you can exercise directly against Zendesk is limited if your data was processed through a business customer's Zendesk instance.
These rights under GDPR are enforceable by law, and if HubSpot fails to honor them within the required 30-day window, you can escalate to your national Data Protection Authority.
The policy acknowledges data subject rights under GDPR and CCPA, providing a contact mechanism for users to exercise access, correction, deletion, and restriction rights, which is a material protection for users in those jurisdictions.
Cohere
· Cohere Privacy Policy
This provision establishes the mechanism for users to exercise their privacy rights and names the contact point for submitting data requests, which is the primary action channel for consumers wanting to manage their personal data held by Cohere.
Auth0
· Auth0 Privacy Policy
This provision grants meaningful legal rights to EU, UK, and California users to control their personal data held by Okta, including the right to request deletion of marketing profiles and opt out of behavioral advertising.