These rights are enforceable under California law and give California residents meaningful control over their personal data held by Calendly, including the ability to stop data sharing with advertising partners.
California residents can exercise rights under CCPA including data access, deletion, and opt-out of sale, and the policy provides a direct contact mechanism at privacy@langchain.dev for submitting these requests.
These rights are legally enforceable under California law and provide California residents with more control over their data than users in most other US states, including the right to stop Dropbox from sharing their data for advertising purposes.
Yelp
· Yelp Privacy Policy
These are legally enforceable rights under California law that give California residents meaningful control over their personal data held by Yelp, including the ability to stop their data from being shared with advertising partners.
The clause operationalizes statutory CCPA obligations by designating a contact mechanism and specifying the four core rights California residents may exercise under state law, establishing the procedural pathway for rights assertion.
Calm
· Calm Privacy Policy
Under California privacy law, entities offering financial incentives must disclose the collection practices, provide opt-in and opt-out mechanisms, and establish that the value exchange is reasonably related to the personal information collected. This provision satisfies CCPA disclosure requirements by detailing the personal information categories collected and establishing that incentive values are proportionate to data collection.
This provision preserves Supabase's operational flexibility to adapt privacy practices in response to regulatory changes, business operations, or service modifications. It establishes that privacy policy modifications do not require affirmative user agreement before taking effect.
Microsoft
· Microsoft Privacy Statement (Legacy)
The statement commits to notifying users of material changes before they take effect, either by posting a prominent notice or sending a direct notification, which is relevant to users who want to track when and how Microsoft's data practices change.
Non-material changes to the privacy policy can take effect with only a date change and no direct notification, meaning users who do not regularly review the policy may miss changes that affect their data practices.
COPPA requires verifiable parental consent before collecting personal information from children under 13. However, given that Equifax holds credit and financial data about minors in certain contexts (such as authorized user accounts or identity theft protection services for families), the interaction between this disclaimer and actual data practices warrants attention.
The policy establishes an age-based restriction on data collection consistent with COPPA in the US; the restriction applies to services not directed at children, but does not address the full range of minors' privacy protections under GDPR Article 8 or state laws that apply to users under 16 or 18.
The policy sets a minimum age of 16 rather than the COPPA threshold of 13, which means it applies a stricter age threshold for consent purposes; this is operationally relevant for GDPR compliance, which sets the digital consent age at 16 (with member state variation down to 13).
The 16-year age threshold is consistent with CPRA requirements and several state privacy laws, though the US federal COPPA standard applies to children under 13 for certain online services.
Ledger
· Ledger Privacy Policy
Children's data provisions are operationally significant because they establish compliance frameworks with children's privacy regulations (such as COPPA in the United States) and define the procedural requirements for lawful data processing when minors are involved. This provision determines Ledger's consent and notification obligations to parents or guardians.
The policy sets 13 as the minimum age and commits to deleting data from younger users, but does not describe verification mechanisms, which is relevant for platforms that may be accessed by minors.
The 16-year age threshold is stricter than COPPA's 13-year requirement in the US, but parents or guardians whose children may have accessed Smartsheet should know the service is not intended for minors.
This provision establishes Zendesk's age threshold at 16 for data collection purposes, engaging COPPA requirements in the US for children under 13 and GDPR Article 8 requirements for children under 16 in EU member states that have not lowered the threshold, which varies by country.
While standard for most platforms, developers using Vercel to build consumer applications that may reach children should be aware that Vercel's own child data protections apply only to platform accounts, not to end users of their deployed applications.
If a child under 13 creates a ClickUp account, the company commits to deleting that data, but enforcement depends on ClickUp detecting the underage user, which may not always occur in practice.
This provision reflects DocuSign's stated policy to restrict service access to adults, which establishes an age-based eligibility requirement and defines the company's position on minor data collection practices under applicable child privacy regulations.
This establishes Copy.ai's COPPA compliance posture for the US, though the notice does not describe age verification mechanisms used to prevent under-13 access, which is relevant for regulators assessing actual compliance.
Federal law under COPPA prohibits collecting data from children under 13 without verifiable parental consent; if a minor accesses the platform, the policy's reliance on a 'knowingly' standard means accidental collection of children's data may not be caught proactively.
Upwork
· Upwork Privacy Policy
This provision establishes that Upwork relies on user self-certification of age rather than active age verification, which may leave a compliance gap under COPPA for younger teenagers if minors access the platform.
This provision establishes an age-based eligibility restriction for the service and creates a data collection boundary that aligns Wealthfront's practices with regulations governing the collection of children's personal information. The restriction defines the scope of the user base for which Wealthfront designs its data practices and service delivery.
The age restriction is set at 18 globally, which is higher than the COPPA threshold of 13 in the US, but the policy relies on a reactive rather than proactive age verification approach.
This provision establishes the age threshold Jasper applies for child data restrictions at 16 rather than the COPPA threshold of 13, which creates a broader stated restriction aligned with GDPR's Article 8 requirements for children's consent in several EU member states.
This provision establishes a COPPA-aligned age restriction and deletion commitment for under-13 user data, which is a standard compliance baseline; however, the policy does not describe age verification mechanisms, which may be relevant to enforcement context.
The 16-year age threshold exceeds COPPA's 13-year minimum, aligning with GDPR's default age of digital consent provisions in several EU member states, but the policy relies on a 'knowingly' standard that may be difficult to operationalize without age verification mechanisms.
Buy-now-pay-later services require users to be of legal age to enter financial agreements, and this section addresses what protections apply and what happens if a minor's data is inadvertently collected.
Gemini
· Gemini Privacy Policy
This provision establishes an age minimum and signals that Gemini does not intend to collect data from minors, which is consistent with COPPA requirements for online services directed at children or with actual knowledge of children's data.