These rights give you meaningful control over your personal data held by AI21, including the ability to request deletion or restrict use of your data for advertising purposes, but exercising them requires you to proactively contact AI21.
Airbnb
· Airbnb Privacy Policy
These rights are legally enforceable under GDPR and CCPA and give you meaningful control over your personal data, including the ability to request full deletion even of your account history.
Notion
· Notion Privacy Policy
The policy explicitly grants access, correction, deletion, portability, restriction, and objection rights to users in applicable jurisdictions, and directs users to contact privacy@makenotion.com to exercise these rights, providing a concrete mechanism for data control.
These rights give users meaningful control over their personal data, but exercising them requires proactive action — Copy.ai does not automatically delete or restrict processing of your data.
These rights are legally enforceable under GDPR, meaning monday.com must respond to your requests within 30 days and cannot refuse without a lawful justification.
These rights are legally enforceable under GDPR and similar laws — if Coursera fails to respond adequately, you can escalate to your national data protection authority.
Fastly
· Fastly Privacy Policy
Knowing how to exercise your data rights gives you control over what Fastly knows about you and how it uses that information.
ADP
· ADP Privacy Statement
The identity verification requirement and the ability to deny requests 'where the request conflicts with the data controller client' — meaning your employer — could delay or block your ability to exercise fundamental privacy rights under GDPR or CCPA.
These rights are your primary tool for controlling your personal data held by a major information services company — understanding how to exercise them effectively is essential, especially given the breadth of Thomson Reuters' data collection.
Routing your data rights request through a third-party vendor introduces an additional layer of processing that could affect how quickly and completely your request is fulfilled.
Stripe
· Stripe Terms of Service
Stripe's use of aggregated transaction data for its own business purposes — including competitive intelligence and product development — means your business data contributes to Stripe's commercial advantage without direct compensation.
23andMe
· 23andMe Privacy Statement
Participating in DNA Relatives means your genetic profile is compared against other users' profiles and potential biological relatives are identified, which can surface unexpected family relationships including those involving donor conception, non-paternity, or previously unknown relatives, with significant personal implications.
Hulu
· Hulu Privacy Policy
The California Privacy Rights Act gives California residents enforceable rights to stop their data from being used for cross-context behavioral advertising, and this clause describes how to exercise those rights.
Roblox
· Roblox Privacy Policy
CPRA grants California residents a statutory right to opt out of the sale and sharing of personal information for cross-context behavioral advertising; this provision establishes the mechanism by which that right can be exercised on the Roblox platform.
Noom
· Noom Privacy Policy
This right allows you to stop Noom from sharing your data for advertising purposes, but you must actively exercise it — Noom does not apply this opt-out by default.
Slack
· Slack Privacy Policy
The CCPA opt-out right is a legally enforceable protection for California residents that limits how Slack can use personal data for commercial purposes beyond service delivery, including potential use for targeted advertising.
This provision establishes the mechanism by which consumers can exercise their statutory opt-out rights under CCPA/CPRA and analogous state laws, and discloses that opting out may affect the personalized experience consumers receive.
Yelp
· Yelp Privacy Policy
This opt-out right is one of the most powerful consumer privacy tools available — exercising it stops Yelp from monetizing your data through advertising partnerships, though it does not stop all data collection.
Uber
· Uber Privacy Notice
Knowing and exercising these rights is the primary way drivers can control what data Uber holds about them, correct inaccuracies that could affect their account, and request deletion of data they no longer want Uber to retain.
Stripe
· Stripe Privacy Policy
When Stripe acts as a processor, your privacy rights are primarily directed at the merchant, not Stripe — which can make it harder for consumers to know who is responsible for their data and where to direct complaints.
GDPR rights are among the strongest consumer data protections globally, and Grammarly's policy acknowledges them for EEA and UK users, meaning those users have enforceable legal recourse if their data is mishandled.
Suno
· Suno Privacy Policy
EEA users can object to processing carried out under legitimate interests, including potentially Suno's use of their Content and prompts for AI model training, which gives these users more control over their data than users in most other jurisdictions.
EU/EEA/UK users have stronger privacy protections than US users under GDPR, including rights to access, erasure, restriction of processing, data portability, and the right to object to processing, all of which must be honored by Xfinity.
If you are a European, Swiss, or UK customer using Comcast or Sky services, you have stronger legal rights over your personal data than US customers, including the right to object to processing and data portability.
Pika
· Pika Privacy Policy
If you are in the EU or UK, you have strong legally enforceable data rights under GDPR, including the right to have your data deleted and to complain to a supervisory authority if you are unsatisfied with Pika's response.
Affirm
· Affirm Terms of Service
This consent covers legally required financial disclosures including tax statements and loan agreements; if you miss an electronic notice, you may miss important deadlines or changes to your loan terms.
E-SIGN Act requirements generally permit consumers to withdraw electronic consent, but this clause ties that withdrawal to potential account closure, which creates a practical disincentive that may limit the meaningful exercise of that right.
Gusto
· Gusto Privacy Policy
As an employee, your primary relationship for data rights may be with your employer, not Gusto directly — this can limit your ability to compel Gusto to delete or correct your data.
This is a meaningful privacy protection for message content, but it does not cover metadata such as who you message, how often, and when — which WhatsApp does collect.
End-to-end encryption is a significant privacy protection for message content, but the policy makes clear this applies to message content in transit and does not necessarily protect metadata (such as who you message, when, and how frequently) which WhatsApp does collect and may share.