Precise geolocation is classified as sensitive personal data under CPRA and many other privacy laws, triggering stricter consent and use-limitation requirements, and its collection by a video streaming service raises questions about whether such granular tracking is necessary for the stated content licensing purpose.
Precise geolocation is classified as sensitive personal information under several state privacy laws, and its collection for purposes beyond core delivery, including analytics, may require affirmative opt-in consent or at minimum an opt-out mechanism in certain jurisdictions.
Precise geolocation data can reveal sensitive details about your daily movements, routines, and personal life, and is classified as sensitive personal information under CPRA and several other state privacy laws.
Precise geolocation data is classified as sensitive personal information under California law and several other state statutes, meaning its collection and use carry heightened legal obligations and greater privacy implications than general location data.
Fitbit
· Fitbit Privacy Policy
Precise GPS data can reveal where you live, work, and travel routinely, and when combined with workout schedules, creates detailed location profiles that go beyond what is necessary for basic fitness tracking.
Strava
· Strava Privacy Policy
Precise location data is among the most sensitive personal data categories because it can reveal your home address, workplace, daily patterns, and movements over time.
Precise location data is a sensitive category of personal information; the policy states it is collected with permission and also inferred from other data, and is used for purposes including advertising, identity verification, and social features, which may not be obvious to users who enable location access primarily for navigation or map features.
Uber
· Uber Privacy Notice
Precise location data reveals detailed information about a user's movements, routines, home address, workplace, and frequented locations. The policy authorizes collection both during active trips and during general app usage in the foreground.
Precise location data is classified as sensitive personal information under several state privacy laws and may be used to influence insurance underwriting and pricing; the policy directs consumers to a separate document for the complete picture, which limits transparency within this notice alone.
The scope of data collection and sharing practices is governed by a separate Privacy Statement document, meaning users must review multiple documents to fully understand how their data is handled.
This provision incorporates the Privacy Policy by reference, meaning users consent to data practices described in a separate document, which creates a compliance dependency on the Privacy Policy's content and any future updates to it.
Apple collects detailed behavioral data — including every song you play, movie you watch, app you download, and search you conduct — which is used to build a profile of your interests and may be shared with partners under certain circumstances.
GitHub
· GitHub Terms of Service
By accepting these Terms, you are also agreeing to a separate Privacy Statement that governs all data collection — users must read both documents to understand the full scope of GitHub's data practices.
Asana
· Asana Terms of Service
By accepting these terms, you also agree to the Privacy Policy, which governs how Asana collects, uses, and shares your personal and usage data. Reviewing the Privacy Policy separately is important for understanding the full scope of data practices.
Your data rights and Starbucks's data practices are governed by a separate document not reproduced here — you must locate and read the Privacy Statement to understand what data is collected, how it is used, and how it is shared with third parties.
Apple's data collection practices across its ecosystem — including usage patterns, device information, and diagnostic data — are governed by a separate Privacy Policy that this ToS incorporates by reference, and users may not fully understand the scope of data collection they are consenting to.
SoFi
· SoFi Terms of Service
Because SoFi operates across banking, lending, and investment services, it collects a wide range of financial and personal data; the incorporation of a separate Privacy Policy by reference means users must review both documents to understand the full scope of data practices.
This clause incorporates the Privacy Notice by reference as a binding term, meaning data collection and processing practices — which may include behavioral analytics, marketing profiling, and third-party data sharing — are accepted as part of using the site.
Your personal data, usage patterns, and content interactions across Microsoft's ecosystem of services are collected and processed under a privacy framework that consumers must separately review to understand fully.
Apple
· Apple App Store Review Guidelines
Privacy nutrition labels are the primary transparency mechanism consumers can use to understand what data an app collects before downloading it, and inaccurate labels create both consumer harm and regulatory exposure.
Apple
· Apple App Store Review Guidelines
This provision gives consumers a standardized, pre-download disclosure of exactly what data an app will collect, including sensitive categories like health data, financial information, location, and browsing history.
Your personal data, browsing activity, and usage information may be collected and used in ways described in a separate privacy document that you are legally bound by upon accepting this agreement.
Your salary data and job search behavior are among the most commercially sensitive personal information you can disclose, and their combination with identity information creates a rich profile that is valuable to advertisers, employers, and data brokers.
This clause protects Zillow's proprietary listing database, but it also affects legitimate researchers, journalists, and academics who use automated tools to study housing market data and fair housing compliance.
This clause broadly prohibits automated data collection, which affects not just bad actors but also researchers, journalists, and businesses that rely on LinkedIn data — and LinkedIn has actively enforced this through litigation.
Cohere
· Cohere Privacy Policy
If you share confidential, personal, or sensitive information in a prompt, Cohere staff may be able to read it, which could be a concern for users who assume their AI conversations are private.
Users may submit sensitive code, personal thoughts, or confidential business information in prompts without realizing this content is systematically collected and retained by Windsurf.
Broad collection of publicly available internet data for AI training raises copyright, consent, and data accuracy concerns, and may include personal information about individuals who have never used Character.AI's services.
Windsurf
· Windsurf Security & Data Handling
The document states that data transmission occurs continuously in the background without requiring a user action, meaning code and context data is sent to Windsurf servers as a baseline operational behavior rather than only in response to explicit user requests.
Target
· Target Privacy Policy
Financial data collected in connection with RedCard applications is among the most sensitive categories of personal information and is subject to FCRA and Gramm-Leach-Bliley Act protections that limit how it can be used and shared, beyond standard retail privacy rules.