This means that once you become a client, you effectively lose the right to have your personal data deleted, even if you close your account, …
Implied consent through continued service use is increasingly challenged by regulators as insufficient for sensitive data processing, particularly for biometric data, AI model training, and …
Meta
· Meta Platform Policy
This provision requires genuine, informed consent from users before their Facebook data is used in new or unexpected ways, which is a meaningful protection against …
TikTok
· TikTok Community Guidelines
This shows TikTok has a consent management platform (CMP) in place, but the effectiveness and granularity of consent collection determines whether EU and UK users' …
Chegg
· Chegg Privacy Policy
This provision is legally required under the Children's Online Privacy Protection Act (COPPA) and provides important protections for minors using the platform.
Meta
· Meta Platform Policy
This gives Facebook users a contractual right to have their data deleted from third-party apps, which is a meaningful consumer protection especially for apps they …
Slack
· Slack Terms of Service
Organizations subject to GDPR or CCPA must ensure they have an executed DPA with Slack; without it, their use of Slack for personal data processing …
The acknowledgment that training dataset requests are 'complex' and may be declined signals that data deletion and correction rights are not fully enforceable in practice …
Most social commerce platforms offer privacy controls, but making transaction history publicly visible by default exposes users to unwanted scrutiny of their purchasing habits without …
EU and UK users benefit from strong statutory data rights over their sensitive health and wellness data, and can compel Headspace to stop processing their …
The opt-out is incomplete — disabling conversation saving is meaningfully different from opting out of AI training data use, and users may not realize these …
Gemini
· Gemini Privacy Policy
This means consumers in states with strong privacy laws (like California) may have fewer rights over their data than they would with non-financial companies, because …
This means California residents who believe they have the right to delete their data may find that Robinhood refuses deletion for most core financial data, …
Most users will not understand that their therapy session data has HIPAA protections but their meditation and mood data on the same app does not …
Microsoft
· Microsoft Services Agreement (Legacy)
This provision means your private communications and documents stored in Microsoft services are not fully private — Microsoft reserves the right to review and disclose …
TikTok
· TikTok Community Guidelines
TikTok has a documented history of COPPA violations and has been subject to regulatory enforcement actions specifically concerning children's data; the adequacy of its age …
TikTok
· TikTok Community Guidelines
COPPA imposes strict verifiable parental consent requirements before collecting personal data from children under 13, and TikTok's embedded device monitoring on publicly accessible policy pages …
Xbox
· Xbox Privacy Statement
Children under 13 are a protected class under COPPA, and if Microsoft's parental consent mechanisms are insufficient or if data collection from child accounts exceeds …
TikTok
· TikTok Privacy Policy
Children's privacy is subject to stricter legal requirements, and parents and guardians should understand what data TikTok collects about minors and what protections are in …
TikTok
· TikTok Community Guidelines
Children and teenagers are among TikTok's largest user groups, and the adequacy of age verification and parental consent mechanisms directly affects compliance with COPPA, GDPR …
The opt-out is not a complete opt-out: two broad exceptions—feedback interactions and safety flags—mean a significant portion of your conversations may still be used for …
Depending on your state, you may have stronger legal rights over your data than you realize — including the right to have your data deleted …
Without opting out, your browsing behavior, event interests, and personal details may be used to serve you targeted ads across the internet.
This provision places the legal responsibility for consenting to data collection on the parent, meaning parents are directly accountable for what their child does and …
This creates a significant exception to the opt-out right — any conversation Anthropic deems relevant to safety can still be retained and used for training, …
Grindr
· Grindr Privacy Policy
Under CCPA/CPRA, selling or sharing personal data without offering a clear opt-out is a significant consumer rights issue, particularly when the data relates to sensitive …
California residents have a legal right to opt out of this sharing, and exercising this right can reduce the amount of targeted advertising you receive …
Yelp
· Yelp Privacy Policy
Under CCPA/CPRA, sharing data for cross-context behavioral advertising is treated as a 'sale' of personal information, giving California residents the right to opt out.
Target
· Target Privacy Policy
Without actively opting out, your personal data continues to be used for cross-context behavioral advertising by default, meaning Target and its partners can profit from …
Grindr
· Grindr Privacy Policy
This provision gives California users specific rights to limit how their most sensitive data is used, which is particularly significant given Grindr's user base and …