Asana
· Asana Privacy Statement
This provision operationalizes Asana's compliance obligations under California privacy law by enumerating the specific consumer rights the company recognizes and the corresponding mechanisms residents may invoke. The non-discrimination clause establishes that exercise of these rights does not alter service availability, pricing, or quality.
OpenAI
· OpenAI Privacy Policy
The provision operationalizes OpenAI's obligations under California state privacy law, establishing procedures through which California residents can request data access, deletion, and opt-out elections. These statutory rights affect how OpenAI processes and discloses personal information for California-based users.
Chime
· Chime Privacy Policy
California residents have stronger privacy protections than most other US users, including the right to stop Chime from sharing your data with advertising partners, which is directly relevant given the breadth of advertising technology integrations the company uses.
This clause establishes Uniswap's operational obligation to provide California residents with data access, portability, and deletion mechanisms as mandated by state law, creating procedural requirements for responding to verified consumer requests within statutory timeframes.
This provision establishes CCPA/CPRA compliance obligations for ElevenLabs with respect to California residents, including a specific opt-out right for the sale or sharing of personal information with advertising partners that must be operationally implemented and accessible.
DeepL
· DeepL Privacy Policy
This provision explicitly acknowledges California residents' CCPA rights and the opt-out from sale of personal information. The non-discrimination guarantee means that California users who exercise privacy rights may not be denied service or subjected to differential pricing as a result.
Medium
· Medium Privacy Policy
California law gives residents enforceable rights to control how their personal information is used and shared, including the right to stop Medium from selling their data to third parties.
The policy enumerates the full set of CCPA rights available to California residents, including the right to opt out of sharing for cross-context behavioral advertising and the right to limit use of sensitive personal information, which are rights added by the CPRA amendments.
This provision operationalizes statutory obligations under the CCPA by specifying the data subject rights available to California consumers and establishing the procedural mechanism for submitting requests. The non-discrimination clause requires that Craigslist not impose differential treatment or penalties on users who exercise these rights.
This acknowledgment confirms that advertising-related data flows may constitute a sale under CCPA, which gives California residents a legally enforceable right to stop that data sharing, and signals the breadth of TaskRabbit's advertising data practices.
The provision operationalizes CCPA statutory rights by creating a documented mechanism for users to restrict data monetization practices. This establishes a procedural pathway for exercising consumer choice rights regarding data commercialization activities.
Twilio
· Twilio Privacy Notice
The notice acknowledges that sharing data with advertising partners may qualify as a sale or sharing under CCPA/CPRA, which triggers a legally mandated right for California residents to opt out of this specific data use.
Slack
· Slack Privacy Policy
This provision establishes Slack's baseline data sharing practices under California privacy law and defines the scope of permitted third-party advertising partnerships. It specifies the technical mechanism (Global Privacy Control) through which users can restrict sharing tied to cookie identifiers, establishing the operational framework for user control over behavioral targeting.
OpenAI
· OpenAI Enterprise Privacy
The service provider designation under CCPA has direct implications for enterprise customers' compliance obligations: if OpenAI qualifies as a service provider, its processing is excluded from the definition of a sale or share under the CCPA, and customers can represent to their own users that data shared with OpenAI is covered by service provider restrictions. The designation must be reflected in a written contract to be legally operative.
This clause establishes the procedural mechanism by which privacy policy modifications become binding on users. It creates an operational framework where policy changes take effect upon posting and email notice (where required), rather than requiring affirmative re-consent to continued service.
Acceptance of updated privacy terms by continued use rather than explicit re-consent means that changes to data practices take effect without requiring your affirmative agreement, which is significant if material changes expand data collection or sharing.
Private chat messages on OnlyFans are retained by the platform as personal data, which means they could be accessed by OnlyFans staff, shared with third parties under applicable circumstances, or exposed in a data breach.
This provision establishes that parents or legal guardians bear contractual liability for child users' actions on PlayStation Services. The agreement also references Child Account functionality and parental control features governed in Section 4, which are directly relevant to COPPA compliance for users under 13.
Zoom
· Zoom Privacy Statement
This provision establishes Zoom's stated age threshold at 16, which is above the 13-year threshold established by COPPA in the United States but aligns with GDPR's default age of digital consent in several EU member states. Educational institutions deploying Zoom for students younger than 16 should review whether separate contractual terms or product configurations govern those deployments.
This provision establishes the stated age restriction framework for Meta's products and the policy's asserted exclusion of child personal data collection, with the applicable minimum age varying by jurisdiction.
This provision establishes the minimum age as 13, which aligns with COPPA's threshold; however, it does not describe age verification mechanisms, which may affect practical enforcement of this restriction.
Zoom
· Zoom Privacy Statement
This provision establishes Zoom's stated policy on data collection from minors, which is relevant for parents, schools, and organizations that use Zoom in educational contexts. It sets a minimum age threshold of 16, which is higher than the US COPPA threshold of 13.
StockX
· StockX Privacy Policy
While COPPA compliance is addressed for under-13 users, the policy's handling of teen users between 13 and 17 who may be buying or selling on the platform is less clearly specified, which matters given the platform's appeal to younger sneaker and streetwear collectors.
The provision operationalizes age-based differential treatment of advertising data practices, implementing a transition mechanism from restricted to standard advertising targeting when users age into eligibility. This establishes Spotify's procedural framework for compliance with child-directed advertising restrictions and age-gating requirements.
Data about children is among the most sensitive and most strictly regulated categories of personal data, and parents should understand what information is collected about their children and how it is used.
The provision creates a tiered access structure based on age categories and establishes that Spotify does not knowingly collect personal data from children below the Age Limit outside of Managed Accounts or Spotify Kids. This structures the operational relationship between the service and minor users through parental gatekeeping mechanisms.
If a child under 13 uses Inflection AI's services, there is no proactive age verification mechanism described in the policy, meaning the protection relies on reactive deletion rather than prevention.
Pika
· Pika Privacy Policy
If Pika's service is not intended for children, this section likely prohibits minors from using the platform and explains what happens if such data is collected, which is relevant for parents and guardians.
This provision establishes the stated compliance posture under the Children's Online Privacy Protection Act for online data collection from minors. The 'knowingly' qualifier is standard COPPA framing and limits the obligation to situations where Verizon has actual knowledge of a user's age.
Replit
· Replit Privacy Policy
This provision structures Replit's compliance with the Children's Online Privacy Protection Act (COPPA) by establishing age-based collection restrictions and a parental consent requirement for minors. The deletion mechanism establishes a procedural safeguard for inadvertent collection of child personal information.