GitHub
· GitHub Privacy Statement
This broad automatic collection creates a detailed behavioral profile of every user, which can be used for purposes including advertising targeting and AI model improvement.
Cursor
· Cursor Terms of Service
This provision distinguishes Usage Data from Content (code inputs and suggestions), authorizing Anysphere to collect and process interaction and log data for business purposes and to share it with third parties in aggregated or de-identified form.
Fastly
· Fastly Privacy Policy
Cookie and tracking technology use is the primary mechanism through which personal data is collected from casual website visitors, and it triggers consent and disclosure obligations in the EU, UK, and California.
Affirm
· Affirm Privacy Policy
Third-party tracking on Affirm's platform means your browsing and purchase behavior may be shared with advertising networks, which can follow you across other websites.
Visa
· Visa Privacy Notice
Cross-site tracking by a major financial network like Visa extends surveillance of consumer behavior well beyond the Visa website itself, and may constitute 'sharing' of personal information for targeted advertising purposes under CCPA/CPRA.
Tracking technologies enable the collection of behavioral data that can be linked to your health app usage and used to build advertising profiles, extending data use beyond what you actively input into the app.
Tracking technologies can follow your activity beyond Shopify's own sites, building a profile of your interests and behaviors used for targeted advertising.
Cookie-based tracking across Thomson Reuters' extensive product suite enables detailed behavioral profiling, and the advertising use of this data may surprise users of what they consider professional, non-consumer products.
Tracking technologies allow DoorDash and its advertising partners to build a detailed profile of your browsing and ordering behavior, which is used for targeted advertising both on and off the DoorDash platform.
Intuit
· Intuit Privacy Statement
Tracking technologies collect behavioral data continuously across browsing sessions, and the involvement of third-party advertising partners means this data flows to external companies who may combine it with other data sources.
Noom
· Noom Privacy Policy
Tracking technologies allow Noom and advertising partners to build profiles of user behavior that extend beyond the Noom platform, including users who have entered sensitive health information.
Medium
· Medium Privacy Policy
Cookies and tracking technologies enable Medium and its partners to build a profile of your browsing habits, which can be used for advertising and analytics purposes both on and off the Medium platform.
Ford
· Ford Privacy Policy
Cross-site tracking for targeted advertising is subject to opt-out rights under CPRA and is the type of data sharing that California residents can stop by using the Do Not Sell or Share mechanism or enabling Global Privacy Control.
Twilio
· Twilio Privacy Notice
Unlike using a fully independent third-party analytics tool, Twilio's use of its own Segment platform means your website browsing data can be integrated with other data Twilio holds about you as a customer or prospect, enabling more extensive profiling than typical analytics cookies.
Cross-site tracking cookies deployed on Calendly's scheduling pages affect not just registered users but anyone who visits a Calendly booking page, including meeting invitees who may be unaware of this tracking.
Rumble
· Rumble Privacy Policy
Content you upload to Rumble, along with account details and payment information, is collected and retained by the company, potentially for uses beyond simply hosting your video.
Figma
· Figma Privacy Policy
The collection of the actual content of design files, not just metadata, means that proprietary creative work, business strategies, and client materials stored in Figma are within the scope of Figma's data collection and may be used as described elsewhere in this policy.
Runway
· Runway Privacy Policy
The policy states that prompts, generated outputs, and associated metadata including geographic and temporal information are collected as user content, which has implications for users who input sensitive, proprietary, or third-party-owned material into Runway's generative tools.
API call logs can contain sensitive technical and business intelligence data; the scope of collection and sharing disclosed here is broad and governed by a separate policy that users must independently review.
Waze
· Waze Privacy Policy
Reports you submit may be linked to your account and location at the time of submission, creating a record of your activity and whereabouts.
SoFi
· SoFi Privacy Notice
VWO's heatmap and session recording capabilities — visible in the code — can capture detailed behavioral data including mouse movements, clicks, and scroll patterns on pages that display sensitive financial information.
VWO's 'body hiding' technique — which makes the entire page invisible until VWO scripts load — is a known performance and user experience issue, and the tracking of your behavior across A/B test variants constitutes processing of personal data requiring appropriate legal basis and disclosure.
Voice and audio data is a biometric-adjacent category of information that carries heightened sensitivity, and the notice's framing of implied consent through the act of calling may not satisfy explicit consent requirements in all jurisdictions.
Voice recordings are a biometric-adjacent data type that can be used to identify individuals, and their collection and storage carries meaningful privacy implications, particularly in jurisdictions with biometric data laws.
Voice data is particularly sensitive because it can be used for voice recognition and biometric identification, and the collection of audio through smart speakers or streaming devices may occur in shared home environments.
Microsoft
· Microsoft Privacy Statement (Legacy)
Voice data is a sensitive biometric-adjacent category of personal data; the statement authorizes its collection and use for service improvement, and consumers in states with biometric privacy laws such as Illinois should be aware of this practice.
Voice recordings collected in your home or on your device may be processed by Samsung or third-party service providers, creating a record of your spoken interactions that goes beyond typical text or click-based data.
The policy states that voice audio is discarded after processing, but the text transcriptions derived from voice input are retained as Log and Usage Information, which is subject to AI training and other described data uses.
Audio recordings of the voice may constitute biometric data under some state laws, and voice data collection is subject to heightened consent and retention requirements in Illinois and other states with biometric privacy statutes.
Roblox
· Roblox Privacy Policy
Voice recordings can constitute biometric identifiers in certain jurisdictions, and their collection and storage for safety and moderation purposes creates data retention and consent obligations that vary significantly by geography.