This provision establishes the operational scope and authorization for health data collection practices across NBCUniversal's service ecosystem. It creates a framework for integrating third-party health data sources into the company's analytics and personalization infrastructure, defining what data categories the company is permitted to process and how that data may be combined with other information streams.
Calm
· Calm Privacy Policy
The provision establishes a data-sharing mechanism with platform-level health systems and defines the scope of permissible processing, limiting Calm's use of health app data to sleep metrics without inferential analysis for other health attributes.
Microsoft
· Microsoft Privacy Statement (Legacy)
This provision establishes the operational scope and legal framework for health data processing under Microsoft health products. By delegating detailed health data governance to a separate policy document, the provision creates a dual-policy structure that specifies collection, use, and handling practices specific to health information categories.
Microsoft
· Microsoft Privacy Statement (Legacy)
The clause establishes a document incorporation mechanism by reference, requiring users to consult additional policies to obtain complete information about data processing practices and state-specific privacy rights rather than relying solely on the legacy privacy statement.
This provision establishes the operational scope of health data collection through digital channels, specifying which categories of sensitive health information are collected and through which platform mechanisms, which defines the data processing activities disclosed in the privacy policy.
Uber
· Uber Privacy Notice
This provision establishes the operational framework for identity authentication and regulatory compliance in Uber's driver onboarding and management processes. The use of automated verification technology creates an ongoing verification mechanism rather than a one-time authentication event.
The provision explains the operational basis for identity document collection in the secondary ticket sales process, clarifying that such collection is required by the payment processor's regulatory obligations rather than by Ticketmaster's discretionary choice.
This clause establishes the scope of biometric and identity data collection practices DocuSign implements to support identity verification services. The provision specifies the categories of sensitive personal information the entity is authorized to process in connection with verification transactions.
Identity verification is a core operational requirement for regulated financial services platforms. The provision establishes the scope of personal data collection necessary for compliance with anti-money laundering and know-your-customer regulatory obligations, and specifies that biometric processing may be delegated to external service providers.
Square
· Square Privacy Notice
The clause establishes the categories of identity documentation and biometric information Square may collect during account verification procedures. This defines the scope of personal data types the entity is authorized to process as part of its identity verification and compliance operations.
Uber
· Uber Privacy Notice
The provision establishes Uber's authorization to access in-cabin recordings generated by driver-operated devices for specific operational and risk management purposes, subject to jurisdictional legal requirements.
The provision establishes that LinkedIn's data collection encompasses both explicit user inputs and derived inferences about sensitive attributes. This operational scope means the service processes user activity data to generate attribute classifications beyond information users directly supply.
The clause establishes that LinkedIn's data processing includes inferential analytics that extend beyond explicitly provided information. This enables the platform to expand its data profiles on users through computational inference tied to stated business purposes.
PayPal
· PayPal Privacy Statement
The clause establishes PayPal's operational authority to construct user profiles using inferential analytics beyond explicitly provided information, enabling the service to generate risk assessments and behavioral models for operational and commercial purposes.
The provision establishes the operational framework for Amazon's cross-site advertising infrastructure, distinguishing between the collection of behavioral data (authorized across multiple digital properties) and the display mechanism (which operates without personally identifying information in the ad itself). This reflects Amazon's technical approach to interest-based advertising deployment.
This provision establishes that Calendly's data collection practices extend beyond registered account holders to third parties who participate in the scheduling process. The operational significance is that Invitees have their personal information processed by Calendly based on actions taken by Users or Members, not by their own account creation or explicit registration with Calendly.
The clause establishes the operational framework through which Riot Games implements automated enforcement mechanisms for terms violations. By authorizing background anti-cheat software with autonomous decision-making capacity, the provision creates a technological enforcement layer that operates independently of manual review processes.
The provision establishes the operational framework for Coinbase's Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance procedures. It delineates the categories of personal and financial information the platform is authorized to collect as a prerequisite to service access, which is standard institutional practice for regulated financial services platforms.
Identity verification through document collection and biometric matching (selfie-to-ID verification) establishes the procedural framework for customer identity verification and account authentication. This mechanism fulfills the operational requirements for account activation and regulatory compliance in financial services.
Plaid
· Plaid End User Privacy Policy
Because consent to Plaid's data collection is embedded in a third-party app experience, many users may not realize they are entering into a direct data relationship with Plaid as well as with the app they intentionally signed up for.
The clause establishes the operational basis for Waze's continuous location tracking infrastructure. It specifies three distinct uses of collected location data—service delivery, service improvement, and data accuracy enhancement—which define the scope of authorized data processing under the agreement.
Location data collection is foundational to Uber's service delivery, enabling ride matching, routing, and service fulfillment. The provision's specification of foreground and background collection parameters establishes the operational scope of location tracking across different regional jurisdictions.
Lime
· Lime Terms of Service
The clause establishes the operational basis for location data collection as a condition of service use. This data collection supports core service delivery and compliance mechanisms that Lime employs to manage its fleet and user behavior.
Square
· Square Privacy Notice
The provision conditions access to specific Services on consent to location data collection, making geolocation information a functional requirement rather than an optional feature. This establishes the operational dependency between location access and service availability.
Fitbit
· Fitbit Privacy Policy
This provision establishes the mechanisms and scope of location data collection available to Fitbit, specifying both the sources of geolocation data and the user control mechanism for disabling collection. The authorization applies across multiple data sources, including those that operate independently of explicit GPS permissions.
The provision establishes the operational basis for location data collection, specifying the technical methods available and conditioning collection on explicit user authorization. This defines the scope of location-based data processing the service may perform.
Target
· Target Privacy Policy
The provision establishes Target's operational authority to deploy multiple geolocation collection mechanisms across both digital and physical environments. This enables the company to correlate location patterns with user behavior and serve location-targeted advertising and promotions.
The provision establishes Google's operational practice of continuous location data collection across its services and specifies the technical mechanisms employed. It defines the scope of user control available through the Location History setting, distinguishing between prospective collection cessation and retention of historical data.
The clause establishes Google's operational authority to gather security-related device data and take protective actions (warnings, removals, blocks) without prior user consent for each instance. It defines the scope of data collection that persists even when users disable certain protections, creating a baseline security monitoring framework.
The provision establishes cookies as a mandatory operational requirement for the Services rather than an optional feature. This reflects the institutional dependency on cookie-based mechanisms for authentication, session management, security monitoring, and analytics that underpin the platform's technical infrastructure.