Lime
· Lime Privacy Policy
Precise location data reveals your daily movements, home address, workplace, and travel patterns, making it one of the most sensitive categories of personal data collected by the service.
Oura
· Oura Privacy Policy
Reproductive health data carries heightened legal and personal risk, particularly given evolving US state laws on reproductive rights; users should understand that this data is stored by Oura and, in Platform contexts, can be shared with third-party Data Recipients.
23andMe
· 23andMe Privacy Statement
The policy discloses that Research consent, once acted upon and data shared, creates an irreversible commitment; withdrawal from Research stops future sharing but does not remove already-contributed data from third-party researchers who received it.
Meta
· Meta Platform Policy
This provision establishes a baseline protection for minors by restricting developer access to Meta's platform for child-directed applications unless specific approval and legal compliance obligations are met, particularly under COPPA.
Meta
· Meta Platform Policy
This clause establishes restrictions on data use for child-directed applications and creates a compliance obligation for developers to adhere to regulatory requirements governing the collection and use of minors' data.
Meta
· Llama API Terms of Service
This provision establishes categorical prohibitions on specific uses of platform data that intersect with anti-discrimination law and data protection frameworks governing special categories of personal data, creating compliance obligations for any developer whose application processes or could infer such attributes from platform data.
This exception creates a carve-out from the opt-out mechanism that allows the entity to retain training rights over flagged or reported content regardless of a user's training opt-out election. The provision operationalizes safety review and user-initiated reporting as independent grounds for data use authorization.
Grindr
· Grindr Privacy Policy
The clause establishes a default data sharing arrangement with advertising partners while providing users with a mechanism to control participation in this specific practice. The opt-out/opt-in structure determines whether personal data flows to marketing partners for targeted advertising purposes.
This provision establishes that Equifax engages in data sharing practices that qualify as a sale or share under CPRA and potentially other state privacy statutes, triggering opt-out rights for residents of qualifying states and requiring a conspicuous opt-out mechanism.
The provision establishes the operational framework under which user data becomes a functional component of the platform's advertising delivery system. This authorization governs how personal information flows to external parties and defines the permissible uses of that data within the advertising ecosystem.
Yelp
· Yelp Privacy Policy
This provision establishes the operational framework for Yelp's data sharing practices with external advertising partners. It clarifies that information shared under this authorization is limited to non-identifiable and aggregated forms, which defines the scope of third-party data access permitted under the policy.
The policy explicitly acknowledges that personal information is sold and shared within the meaning of CCPA, which means your purchase history, device identifiers, and browsing behavior may be transferred to third-party advertising and analytics companies.
This provision triggers opt-out rights under CCPA/CPRA for California residents and requires Walgreens to provide a clear and accessible opt-out mechanism, including recognition of the Global Privacy Control signal. The provision also implicates CPRA's annual data minimization obligations for data shared with advertising partners.
The provision operationalizes CCPA/CPRA compliance by creating an accessible consumer control mechanism and establishing a heightened consent standard for minors. The dual-track approach (opt-out for general consumers, opt-in for minors under 16) reflects statutory requirements for data sale and sharing practices.
Target
· Target Privacy Policy
The clause establishes a mechanism for users to affirmatively restrict how Target uses personal information for advertising purposes and establishes Target's procedural obligation to honor Global Privacy Control signals as equivalent to formal opt-out requests.
This clause operationalizes state-law opt-out rights by designating specific mechanisms (online portal and phone line) and establishing a processing timeline, creating procedural obligations for the company to honor consumer election of data usage restrictions.
Palantir's most significant data operations involve analyzing large datasets for government and corporate clients, and those processing activities are entirely outside the scope of this public privacy statement.
Unity
· Unity Privacy Policy
This provision affects potentially hundreds of millions of mobile game players who have no direct relationship with Unity but whose data Unity collects and uses for advertising profiling.
This provision requires sellers to submit sensitive personal and financial data categories that are subject to heightened protection under state financial privacy laws, data breach notification statutes, and potentially federal requirements depending on the nature of payout processing relationships.
eBay
· eBay Privacy Notice
Sellers are required to submit highly sensitive identity data including government IDs, social security numbers, and selfie photos, which represents a significant privacy commitment and creates elevated risk if this data were ever compromised or misused.
This provision discloses that sensitive personal data categories are processed within Meta's advertising infrastructure. The distinction between 'exclusionary' and 'targeting' use of special category data may require evaluation under GDPR Article 9, which restricts processing of such data regardless of the direction of its application in ad delivery.
The collection and inference of special category data carries heightened legal obligations under GDPR and many other frameworks, and creates elevated privacy risk if that data is used in advertising targeting or shared with partners.
The collection of social security numbers, government photo ID, and criminal history represents some of the most sensitive categories of personal data, and their exposure in a breach or unauthorized disclosure carries significant identity theft and discrimination risk.
This provision establishes specific restrictions on data transferred to LinkedIn through the Insight Tag and ad targeting systems, including a categorical prohibition on sensitive data targeting and child data transfers. LinkedIn reserves the right to check advertiser compliance with these restrictions from time to time.
Most privacy frameworks that designate sensitive personal information as a distinct category do so specifically to limit its use for commercial purposes like advertising; using sensitive data for targeted advertising is among the more expansive assertions in this policy.
Fitbit
· Fitbit Privacy Policy
The breadth of health categories collected, particularly menstrual cycle tracking and ECG data, places this data among the most sensitive personal information categories, with implications for how it may be used, shared, or subpoenaed under applicable law.
Sexual orientation and gender identity are categorized as special category data under GDPR, requiring explicit consent and heightened protection standards. Sharing this data with a platform and its potential partners carries material privacy risks.
Grindr
· Grindr Terms of Service
HIV status and sexual orientation are among the most sensitive categories of personal data, and their collection and potential disclosure can create significant real-world risks for users including discrimination, outing, and safety threats.
Tinder
· Tinder Privacy Policy
Sexual orientation and health status are among the most sensitive categories of personal data, and once disclosed on a dating platform, they are processed and potentially shared in ways users may not fully anticipate.
ADP
· ADP Privacy Statement
These are among the most sensitive categories of personal information recognized under privacy law globally. Payroll and HR platforms often require some of this data, but its collection by a single provider at scale creates elevated risk if data is breached or misused.