A corporate transaction could result in your data being controlled by a company with materially different privacy practices, and the policy does not commit to notifying users before such a transfer occurs.
A corporate transaction could result in your personal data being transferred to a new entity with potentially different privacy practices, and this clause permits that transfer even during the negotiation phase before any transaction is complete.
This provision establishes the operational framework for information handling during corporate restructuring events. It clarifies that user data may be subject to transfer to successor entities or acquirers as part of business transitions, without requiring separate user consent beyond the terms as written.
Garmin
· Garmin Privacy Statement
A corporate acquisition could transfer your sensitive health and GPS data to a new entity with different privacy practices, and your ability to prevent this transfer under the current policy is limited.
Auth0
· Auth0 Privacy Policy
In a corporate transaction, your authentication data, device identifiers, and behavioral profiles could transfer to a new owner whose privacy practices may differ materially from Okta's current policy, and the commitment to notify is a notice right rather than a consent or opt-out right.
Calm
· Calm Privacy Policy
The provision establishes the operational framework for international data processing and specifies the legal mechanisms Calm uses to comply with cross-border transfer requirements. This addresses the regulatory requirement that personal data transferred outside the EU/EEA must have adequate protective measures in place.
Cross-border data transfer provisions establish the operational framework for how personal information moves through Nintendo's global infrastructure and defines the jurisdictional scope of data processing. This mechanism determines which privacy frameworks and regulatory standards apply to user data depending on destination jurisdiction.
While customer data ownership is confirmed, the operational license granted to Supabase is broad in scope and includes worldwide rights to reproduce and distribute customer data, which is the standard mechanism by which Supabase can store, back up, and deliver your data through its infrastructure.
The provision establishes Meta's operational framework for enabling user control over personal data through self-service mechanisms and structured data export processes, which reflects implementation of data portability and access rights.
This clause establishes the operational mechanism by which user data may be transferred to acquiring entities or transaction counterparties. It clarifies that information sharing during corporate restructuring events is within the scope of authorized data practices under the privacy policy.
This provision establishes the operational framework under which user data may be transferred to successor entities or acquirers during corporate restructuring events. It clarifies that information collected under the privacy policy may be treated as a transferable business asset subject to the same privacy obligations.
In a business acquisition or merger, your personal data could be transferred to a new company with different privacy practices, and you may not receive advance notice or have an opportunity to opt out before the transfer occurs.
Uber
· Uber Privacy Notice
Data sharing with service providers is operationally necessary for Uber to execute ride and delivery transactions. The provision specifies which data categories are transmitted to which parties, establishing the scope of third-party access required for service delivery.
Your personal data could be transferred to a different company with potentially different privacy practices if Substack undergoes a change of ownership, and the policy does not guarantee notice to users before such a transfer occurs.
This clause establishes the operational framework for how personal data is treated during corporate restructuring events. It permits the transfer of user data alongside business assets, establishing continuity of data stewardship under new ownership.
YouTube
· YouTube Community Guidelines
GIFCT membership involves sharing data or signals about harmful content across platforms, which has implications for how content and potentially account information may be shared with third-party technology companies outside of YouTube's direct data sharing policies.
This means your Google Pay setup status is shared with merchant websites as a form of device or account profiling, even before you initiate any transaction, though an opt-out is available.
This clause establishes the conditions under which the company may transfer user data to government entities without independent user consent, defining compliance obligations under applicable law.
Sharing within affiliated companies is generally permitted under GLBA without an opt-out requirement, meaning your data can circulate across the entire Progressive enterprise for marketing and business purposes without additional notice.
The clause establishes the operational framework for international data processing, specifying that data may be maintained across multiple jurisdictions while requiring the Company to implement security measures and maintain compliance with stated privacy standards regardless of where processing occurs.
This clause establishes the operational framework under which Snapchat may respond to legal demands and disclose user data without separate user authorization. It defines the institutional conditions under which the company may share information with government and law enforcement entities, which affects how user data flows through legal and regulatory processes.
EA
· EA Privacy and Cookie Policy
This clause establishes the operational framework under which personal data may be conveyed to a successor entity during corporate restructuring events. It clarifies that data transfers in these scenarios are permitted under the privacy policy rather than requiring separate user consent for each transaction.
Arlo
· Arlo Privacy Policy
The Bing Ads tag sends data about your behavior on Arlo's site to Microsoft, adding another advertising platform to the list of third parties receiving your browsing and purchase data.
This provision defines the scope of Apple's authorized data practices by excluding certain commercial data transfers. The operational significance is that Apple restricts third-party access to personal data for marketing use, establishing boundaries on downstream data sharing.
Zelle
· Zelle Privacy Policy
While Zelle asserts it does not sell data, the notice separately confirms that browsing data and identifiers are shared with advertising networks for behavioral advertising, which is regulated as 'sharing' under CPRA even if not technically a sale.
This provision establishes a contractual limitation on data monetization and secondary use practices. By restricting the sale or rental of personal information, the clause defines the operational scope of how collected financial data may be used or disclosed by the entity.
The provision defines the contractual framework for Salesforce's partner ecosystem, establishing which third parties may operate within or integrate with the platform and under what operational constraints. This allocation of authorization affects service availability, feature delivery, and the scope of entities with access to customer data or service infrastructure.
GitHub
· GitHub Privacy Statement
The collection of payment information is operationally necessary to facilitate billing and subscription management for paid service tiers, and establishes the scope of personal financial data GitHub processes in its capacity as a payment processor.
Activating the shared view feature for a joint account automatically authorizes disclosure of your personal financial data to another person, so it is important to understand what information is shared before enabling this feature.
Miro
· Miro Terms of Service
The Subprocessors List is a material disclosure for customers assessing their data supply chain obligations under GDPR Article 28 and equivalent frameworks. The terms authorize Miro to update this list, and enterprise customers should monitor it for changes that may affect their data transfer or processing assessments.