Cohere
· Cohere Privacy Policy
The clause operationalizes legal rights granted under GDPR, UK GDPR, and CCPA by establishing a procedural mechanism for data subjects to request exercise of those rights. The designation of a specific contact point creates an administrative structure for processing rights requests.
The clause operationalizes compliance with data subject rights under data protection regulations by creating a defined submission channel (privacy@synthesia.io) and establishing response timelines that align with standard regulatory requirements for handling such requests.
The clause operationalizes data subject rights required under data protection regulations by specifying the submission mechanism (privacy@checkout.com), response timeline, and conditions for fulfillment. It establishes procedural obligations for handling rights requests and permits identity verification as a verification control.
This provision establishes the mechanism and scope of data subject rights available under CCPA, CPRA, GDPR, and UK GDPR, and the operational availability of these rights depends on Whatnot's implementation of request intake, verification, and response workflows.
This provision establishes the mechanism and contact point for exercising data subject rights for the two largest regulated user populations. The notice's acknowledgment of these rights is a compliance disclosure; the practical effectiveness of these rights depends on AWS's operational response processes, which are not described in detail in the notice.
This provision establishes the data subject rights framework applicable to EU, UK, and California users, determining the procedural mechanisms and timelines through which users may exercise rights under GDPR, UK GDPR, and CCPA, and the obligations Smartsheet bears in responding to those requests.
This provision establishes the mechanism through which data subjects exercise statutory rights under GDPR, UK GDPR, and CCPA/CPRA; the policy routes all such requests through a single email contact, and compliance teams should verify that response processes meet applicable statutory timeframes.
The provision operationalizes Cash App's obligation to comply with state privacy laws that grant residents rights such as access, deletion, and opt-out capabilities. This section signals the existence of differentiated obligations based on jurisdictional residence rather than a uniform global privacy standard.
These rights are meaningful but are qualified by the phrase 'subject to local data protection laws,' meaning the rights you actually have depend on your jurisdiction. EU and California residents have the broadest statutory rights.
The clause operationalizes GDPR and equivalent regional regulatory requirements by explicitly recognizing data subject rights that create enforceable obligations on Zendesk to respond to individual requests and provide mechanisms for exercising these rights within regulatory timeframes.
This clause establishes Cloudflare's recognition of statutory data subject rights under GDPR and UK data protection frameworks. The provision operationalizes Cloudflare's obligation to facilitate exercise of these rights as required under European data protection regulations.
This provision operationalizes HubSpot's compliance obligations under GDPR by explicitly acknowledging enforceable individual rights and establishing a mechanism (contact process) through which data subjects may exercise those rights. The clause creates a procedural framework for handling data access, rectification, and deletion requests.
These rights give you meaningful control over your personal data held by AI21, including the ability to request deletion or restrict use of your data for advertising purposes, but exercising them requires you to proactively contact AI21.
Auth0
· Auth0 Privacy Policy
The clause operationalizes Auth0's compliance obligations under privacy regulations (GDPR, CCPA) by establishing a formal mechanism for data subject requests. The provision conditions the availability of these rights on user location, meaning the substantive rights triggered depend on applicable jurisdictional law rather than Auth0's discretionary grant.
The policy acknowledges data subject rights under GDPR and CCPA, providing a contact mechanism for users to exercise access, correction, deletion, and restriction rights, which is a material protection for users in those jurisdictions.
Cohere
· Cohere Privacy Policy
This provision establishes the mechanism for users to exercise their privacy rights and names the contact point for submitting data requests, which is the primary action channel for consumers wanting to manage their personal data held by Cohere.
Airbnb
· Airbnb Privacy Policy
This provision operationalizes Airbnb's obligations as a data controller under EU and California privacy regulations by designating a mechanism for rights requests and requiring identity verification before processing such requests. The clause establishes the scope of available rights on a jurisdiction-dependent basis, which determines what remedies users may invoke regarding their personal data.
Notion
· Notion Privacy Policy
The policy explicitly grants access, correction, deletion, portability, restriction, and objection rights to users in applicable jurisdictions, and directs users to contact privacy@makenotion.com to exercise these rights, providing a concrete mechanism for data control.
This provision operationalizes statutory data subject rights under GDPR and state privacy laws by specifying the mechanism (email contact), response timeline (45 days plus possible extension), and categories of rights available. The clause establishes Copy.ai's procedural obligations for processing and responding to data rights requests.
The clause establishes Monday.com's recognition of statutory data protection rights under GDPR and UK data protection frameworks, creating operational obligations for the entity to enable these rights upon user request and maintain mechanisms for their exercise.
The clause operationalizes data subject rights mandated by privacy regulations like GDPR, establishing Coursera's obligation to provide mechanisms through which users can exercise control over their personal data holdings and processing activities.
These rights are a core privacy protection, but they apply only to data for which HubSpot is the controller. If your data is in a business customer's HubSpot account, you must contact that business instead.
The clause operationalizes regulatory data subject rights by creating a defined submission mechanism, establishing Thomson Reuters' obligation to receive and process such requests according to applicable jurisdictional requirements.
ADP
· ADP Privacy Statement
The clause operationalizes data subject rights by designating a submission mechanism, establishing response timelines tied to legal requirements, and specifying conditions under which ADP may verify identity or decline requests. This structures how individuals interact with ADP to exercise statutory privacy rights and delineates the procedural boundaries of those requests.
Fastly
· Fastly Privacy Policy
This provision operationalizes Fastly's compliance obligations under data protection regulations by establishing a documented mechanism for processing user requests related to personal data rights. The clause defines the procedural pathway through which requests are submitted and establishes Fastly's acknowledgment of rights that vary based on jurisdictional requirements.
The provision operationalizes GDPR and similar privacy law obligations by designating a specific administrative channel for rights requests, standardizing the submission process and establishing a documented record of user-initiated data governance actions.
A corporate transaction could result in your detailed financial profile, including account history, investment data, and Social Security number, being transferred to a new entity whose privacy practices you have not reviewed or agreed to.
Stripe
· Stripe Terms of Service
The clause establishes the scope of Stripe's data collection and use rights across its service offerings. It establishes conditions for merchants handling customer personal data, requiring execution of a separate Data Processing Agreement to formalize responsibilities under data protection frameworks.
The policy states that personal data including gameplay activity and account identifiers may be used for advertising and analytics purposes, which may affect users who do not expect their gaming activity to be used for targeted advertising.
Writer
· Writer Privacy Policy
This provision authorizes use of user data for AI model training, which is operationally significant for enterprise customers concerned about proprietary content submitted to the platform potentially informing model improvements accessible to other users or the platform generally.