Bumble
· Bumble Privacy Policy
Vague retention periods mean your data could be held for extended periods even after you stop using the app, and you may not know how …
Even after you stop using Dropbox, your data may be retained for an extended and potentially indefinite period, which limits your ability to fully remove …
Indefinite or long-term data retention increases the risk that your personal information could be exposed in a data breach or used in ways you did …
The absence of specific retention periods for sensitive mental health and therapy data means Headspace may retain your most private information indefinitely unless you actively …
Microsoft
· Microsoft Privacy Statement (Legacy)
Vague retention periods mean your data may be held by Microsoft for years beyond your active use of a product, and without clear timeframes, it …
Waze
· Waze Privacy Policy
Vague retention periods mean your location history and personal data could be stored indefinitely unless you actively request deletion.
Your data may be retained for extended periods even after you stop using DocuSign, and the retention period is not precisely defined, giving DocuSign broad …
Fiverr
· Fiverr Privacy Policy
Closing your Fiverr account does not result in immediate deletion of your personal data — Fiverr retains information indefinitely under broad legitimate business purpose justifications, …
Grindr
· Grindr Privacy Policy
Indefinite or lengthy data retention means that sensitive information — including location history and health data — may remain on Grindr's systems and those of …
The open-ended retention standard — 'as long as necessary' — gives Shopify broad discretion to retain data, and the alternative of anonymization rather than deletion …
Open-ended data retention means your personal information could be held indefinitely without clear limits, increasing the risk of exposure in a data breach or misuse …
Vague data retention language means your data could be held indefinitely under broad interpretations of 'legal obligations' or 'business purposes', limiting your ability to have …
Open-ended retention periods mean your data may be held indefinitely while your account is active and for unspecified periods after, which limits your practical control …
Gemini
· Gemini Privacy Policy
Your data may be kept for many years after you close your account due to regulatory and legal requirements, meaning deletion requests may not result …
Xbox
· Xbox Privacy Statement
The absence of specific retention periods means your Xbox gameplay history, voice data, and account information could be kept indefinitely without a clear timeline for …
Meta
· Meta Privacy Policy
The absence of specific retention periods and the explicit carve-out for data shared about you by others means account deletion does not result in comprehensive …
Your data may be kept long after you close your account, potentially for years, due to financial regulatory requirements — limiting your ability to fully …
Stash
· Stash Privacy Policy
Closing your Stash account does not immediately result in deletion of your personal data — Stash can retain your sensitive financial information for extended periods …
Chegg
· Chegg Privacy Policy
The absence of defined retention periods means Chegg could retain your academic and behavioral data indefinitely, and 'anonymization' is not always irreversible or complete.
Webull
· Webull Privacy Policy
For a broker-dealer, legal retention requirements under SEC and FINRA rules can require keeping financial records for 3-7 years or more, meaning your personal and …
Netflix
· Netflix Privacy Statement
Vague retention terms like 'legitimate business purposes' give Netflix broad discretion to keep your data for extended periods without clearly communicating exactly how long each …
Closing your Coinbase account does not result in deletion of your data; your personal and financial records remain in Coinbase's systems for years and continue …
Deleting your account does not immediately erase all data WhatsApp holds about you, which may be kept for an unspecified period for compliance or safety …
Indefinite or open-ended data retention means your historical location records, call logs, financial data, and behavioral profiles could be stored for years or decades, increasing …
Visa
· Visa Privacy Notice
Open-ended retention periods tied to broad 'business purposes' and legal obligations can mean your data is held indefinitely, limiting the practical effect of deletion rights.
Even if you close your Coinbase account and request data deletion, your identity and transaction records will be retained for years due to AML and …
Many users assume closing an account means their data is deleted; Coinbase's regulatory obligations under AML/KYC laws mean your most sensitive financial and identity data …
Netflix
· Netflix Privacy Statement
Vague retention language without specific periods makes it difficult for users to know when their data will be deleted and creates compliance risk under GDPR's …
Google
· Google Privacy Policy
Vague retention language means users cannot know how long their sensitive data (search history, location data, email metadata) is stored, making it difficult to exercise …
Chase
· Chase Privacy Notice
Vague retention language means Chase may hold your personal financial data for extended and undefined periods, which increases the risk of exposure in the event …