For users in the EU, UK, and California, these rights are legally backed by GDPR, UK GDPR, and CCPA/CPRA respectively; however, the policy's conditional framing means users outside these jurisdictions may have fewer enforceable rights against Consensys.
This provision operationalizes data subject rights typically required under privacy regulations like GDPR and CCPA. It establishes the procedural mechanisms by which Microsoft will respond to individual requests for data access, deletion, correction, and transfer.
Asana
· Asana Privacy Statement
This clause operationalizes regulatory data subject rights obligations, establishing Asana's procedural framework for responding to user requests and enabling compliance with jurisdiction-specific privacy regulations. The provision clarifies that rights availability is conditional on location and applicable law, creating a framework for processing user requests within legal parameters.
This clause operationalizes regulatory obligations under data protection frameworks that require organizations to provide individuals with mechanisms to exercise statutory rights over their personal data. The provision establishes the procedural channels through which Skillshare processes such requests.
The clause conditions the availability of data subject rights on applicable law and jurisdiction, creating a location-dependent framework for how HubSpot processes individual requests for control over personal information. The provision establishes the procedural mechanism through which requesters initiate exercise of these rights.
This provision operationalizes regulatory data subject rights under privacy regimes such as GDPR and CCPA by establishing a mechanism through which users can assert control over their personal data and the organization's processing activities.
The provision establishes procedural mechanisms for users to exercise statutory data rights that vary by jurisdiction. It creates an operational framework for DocuSign to receive and process such requests through designated channels, establishing the company's institutional obligation to respond to valid requests according to applicable law.
Miro
· Miro Privacy Policy
The provision operationalizes compliance with jurisdiction-specific data protection regulations by establishing a defined channel for rights requests. This structure creates procedural obligations for Miro to respond to documented requests while limiting the scope to legally recognized rights in the user's applicable jurisdiction.
Figma
· Figma Privacy Policy
The provision operationalizes statutory data subject rights by documenting Figma's recognition and processes for fulfilling access, deletion, portability, and objection requests across multiple regulatory jurisdictions. This establishes the procedural mechanisms through which users exercise rights and Figma responds to formal requests, with the provision noting that legal retention obligations may limit deletion requests in certain circumstances.
Unity
· Unity Privacy Policy
The provision operationalizes data subject rights that vary by jurisdiction, creating a procedural mechanism for users to exercise legally-mandated privacy controls. It establishes Unity's obligation to process such requests within statutory timeframes, subject to identity verification requirements.
Stripe
· Stripe Privacy Policy
The clause establishes the framework through which data subjects can exercise statutory rights under privacy regulations. It outlines Stripe's obligation to respond to requests for access, deletion, portability, and objection, and identifies privacy inquiry as the designated mechanism for exercising these rights.
Intuit
· Intuit Privacy Statement
The provision operationalizes jurisdictional data protection requirements by establishing a defined mechanism for rights requests. It designates a specific portal as the administrative pathway through which users submit and Intuit processes data subject right requests.
Uber
· Uber Privacy Notice
This provision establishes the operational mechanisms through which users may exercise data subject rights under applicable privacy regulations. The jurisdiction-specific application of these rights reflects Uber's compliance structure with varying legal frameworks across its service regions.
Knowing your data rights and how to exercise them is essential for controlling how OnlyFans uses your personal information, particularly for users in the EU, UK, and California where these rights are legally enforceable.
Microsoft
· Microsoft Privacy Statement (Legacy)
The provision creates operational mechanisms through which data subjects may exercise statutory rights under data protection regulations. It designates account.microsoft.com/privacy as a primary control interface and establishes a contact procedure for rights requests not available through automated tools.
Workday
· Workday Privacy Statement
Knowing how to exercise your data rights with Workday, and whether your request should go to Workday directly or to your employer, is essential for anyone whose personal information is held within the Workday ecosystem.
ADP
· ADP Privacy Statement
This provision establishes that the procedural mechanism for exercising GDPR, CCPA, and other data subject rights is distributed across jurisdiction-specific supplements rather than centralized, which requires individuals to identify and access the correct regional notice before initiating a rights request.
Knowing how to exercise your data rights is practically important, especially if you have uploaded personal likeness or voice data, since deletion of avatar data may require a specific request.
The availability and enforceability of these rights varies significantly by jurisdiction, meaning not all users have the same level of protection or ability to control their data.
The provision creates operational pathways for data subject rights requests and preference management, establishing the procedures through which individuals can exercise control over their information processing and data collection mechanisms within the Epic Games ecosystem and connected third-party platforms.
Uber
· Uber Privacy Notice
This clause operationalizes statutory data protection obligations by establishing a procedural mechanism for rights exercise. The provision's scope and applicability depend on the user's location and the applicable legal framework governing personal data protection.
Okta
· Okta Privacy Policy
This clause creates a procedural framework for privacy request submission and establishes Okta's obligation to honor rights that vary by jurisdiction. The provision operationalizes compliance with data protection regulations by specifying available rights and the designated submission mechanism.
This clause establishes the mechanism by which advertisers can obtain Google's technical assistance when processing data subject rights requests such as access, erasure, restriction, or portability. The scope of assistance is qualified by what is technically possible given the processing involved, which may limit the practical assistance available for certain request types.
OpenAI
· OpenAI Data Processing Addendum
This provision establishes that the operator, not OpenAI, is the primary party responsible for responding to data subject rights requests, and that OpenAI's assistance is conditional on what is technically and organizationally feasible. Operators must have their own workflows to handle requests that involve personal data processed through the API.
This clause addresses the GDPR Article 28(3)(e) requirement that processors assist controllers with data subject rights obligations; the 'insofar as this is possible' qualification may limit the scope of assistance available for AI-processed data where individual-level data retrieval or deletion is technically constrained.
Roblox
· Roblox Privacy and Cookie Policy
This provision consolidates the data rights available to users under GDPR, CCPA, and other applicable laws into a single framework and provides the mechanism for exercising them.
Glean
· Glean Privacy Policy
This shapes whether individual employees can effectively exercise GDPR, UK GDPR, or CCPA rights in practice, since Glean inserts an intermediary that controls the response process.
These rights are legally enforceable under GDPR and CCPA, meaning AWS is required to respond to valid requests within defined timeframes, giving you meaningful control over your personal information if you choose to exercise these rights.
Fiverr
· Fiverr Privacy Policy
These rights give users in the EU, UK, and California meaningful control over their personal data held by Fiverr, including the ability to request deletion or opt out of data sharing for advertising.
The provision operationalizes Riot Games' obligation to recognize and facilitate statutory data subject rights across multiple regulatory regimes, establishing the framework through which users may exercise jurisdiction-specific protections regarding their personal data.