Netflix
· Netflix Privacy Statement
This provision establishes the operational mechanism by which Netflix integrates third-party interest inferences into its ad targeting system. The clause permits cross-platform data aggregation—combining Netflix viewing behavior with external interest signals—to inform ad selection and delivery.
Shein
· Shein Terms and Conditions
The provision establishes the operational infrastructure through which Shein shares user activity data with external advertising partners for behavioral targeting and campaign optimization. This multi-network approach enables coordinated data collection across multiple advertising ecosystems.
Netflix
· Netflix Privacy Statement
This provision authorizes Netflix to incorporate behavioral profiles built from your activity on unaffiliated third-party services into its advertising targeting, meaning Netflix ads may reflect your browsing and purchase activity outside of Netflix.
Acorns
· Acorns Privacy Policy
The provision establishes the operational infrastructure through which Acorns collects behavioral and interaction data to analyze platform usage patterns. This data collection occurs continuously during user sessions and informs product analytics, user experience assessment, and service optimization.
The clause establishes the scope of behavioral and technical data collection that OnlyFans employs for operational, analytical, and service delivery purposes. This data collection forms the informational basis for platform functionality and analytics operations.
This provision establishes the operational framework for behavioral profiling and inference generation as core data processing activities. It specifies both internal use (service personalization) and external sharing (third-party advertising partners) as authorized purposes for derived inferences.
Zillow
· Zillow Privacy Notice
This provision establishes the operational basis for Zillow's behavioral profiling and advertising infrastructure, defining both internal data use and third-party data sharing relationships. It permits collection and analysis of granular real estate activity data to enable targeted marketing campaigns on and off the Zillow platform.
Session replay technology can capture detailed behavioral data including mouse movements, clicks, and potentially form field interactions, which goes beyond standard analytics; the presence of Facebook tracking also means browsing behavior may be shared with Meta for advertising purposes.
The provision establishes the operational basis for TransUnion's data collection infrastructure across its digital properties. It specifies the technical mechanisms deployed and the permitted uses, thereby defining the scope of behavioral data collection that occurs during service use.
Klarna
· Klarna Privacy Policy
The provision establishes Klarna's operational authority to leverage user behavioral information as part of its data monetization and advertising infrastructure, enabling targeted marketing operations across its service ecosystem.
Behavioral keystroke and mouse tracking enables collection of interaction-level data beyond typical usage analytics, which may inform service optimization, fraud detection, or user experience analysis. This tracking mechanism operates continuously during user sessions unless the privacy controls or data collection settings are modified.
Microsoft
· Microsoft Services Agreement (Legacy)
This provision requires US users to resolve most disputes with Microsoft individually through private arbitration, which the agreement states replaces court proceedings, and waives the right to join class actions that allow groups of consumers to pursue claims collectively.
Zoom
· Zoom Terms of Service
The agreement requires individual arbitration for all disputes and waives the right to participate in class action or representative proceedings, which limits the collective remedies available to users with similar grievances.
The clause establishes an alternative dispute resolution mechanism in place of court litigation, with specified consequences for how disputes are adjudicated and what procedural rights are relinquished. This affects the venue, forum, and structure through which disagreements between merchant and platform are resolved.
This clause removes the right to sue Microsoft in court or participate in a class action, which is often the only practical way consumers can pursue small claims against large companies.
This clause removes your ability to take Dropbox to court for most disputes and prevents you from joining class action lawsuits, which are often the only practical way to pursue small or medium-sized claims against a large company.
The arbitration requirement modifies the dispute resolution mechanism available to users, directing claims through a private arbitration process administered outside the court system. This alters the procedural pathway for addressing disagreements between the parties.
Selfie-based age estimation involves the processing of facial image data, which may qualify as biometric data under certain state laws such as Illinois BIPA, creating significant legal and consent obligations that the policy does not explicitly address.
The provision establishes the operational framework for age verification processes, defining what biometric data categories Spotify may process, the methods employed (identity document verification and facial age estimation), and the retention period. This addresses regulatory requirements for age-gated service features and parental consent workflows.
The provision establishes the operational scope of biometric data collection tied to core service features, enabling Snapchat to process facial recognition, body position tracking, and movement analysis as part of AR functionality delivery.
The provision establishes Meta's operational authority to extract and analyze biometric identifiers from user-generated content and stored media. This creates an ongoing data processing mechanism that generates derivative biometric datasets separate from the original photos, expanding the categories of personal information Meta maintains and can deploy across its product ecosystem.
Eufy
· Eufy Privacy Policy
The provision establishes the operational scope of biometric data collection within the product ecosystem. It defines the specific use cases (facial identification and personalized alerts) for which facial recognition processing is authorized under the terms.
The collection of biometric identifiers enables Cash App to conduct identity verification procedures required for account establishment and compliance with financial services regulations. This data category requires separate notice and handling protocols under biometric privacy frameworks in certain jurisdictions.
Airbnb
· Airbnb Privacy Policy
The provision establishes the operational basis for Airbnb's identity verification infrastructure, which the terms characterize as potentially necessary for service delivery. This data collection framework supports the platform's user authentication and fraud prevention procedures.
Fitbit
· Fitbit Privacy Policy
The provision defines the baseline data collection scope that operates automatically upon device use. This establishes the operational parameters for what health metrics the service captures and processes as part of standard device functionality.
Whoop
· Whoop Terms of Use
Biometric and physiological health data is among the most sensitive categories of personal information and, once collected, cannot be changed if misused; understanding how WHOOP uses and shares this data is critical for any user.
Biometric data is among the most sensitive personal information that can be collected because it is permanent and uniquely identifies you. Collection at physical venues like theme parks means this applies even to users who primarily think of themselves as streaming subscribers.
Webull
· Webull Privacy Policy
The clause establishes the operational basis for biometric data collection within the account onboarding and verification workflow, linking the collection practice to specific regulatory compliance requirements rather than optional service features. This framing clarifies that biometric processing occurs pursuant to legal obligations rather than discretionary corporate functions.
Bumble
· Bumble Privacy Policy
Biometric data is among the most sensitive personal information category under both GDPR and multiple US state laws, and its collection by a consumer dating app creates significant legal exposure and personal privacy risk.
This provision establishes operational boundaries for permitted API applications by categorically excluding uses involving unauthorized collection or processing of sensitive personal data categories. The clause functions as a use restriction that applies across all API interactions.