Chase
· Chase Privacy Notice
California's CCPA and CPRA give residents meaningful control over their personal data held by financial institutions, including rights not available to consumers in most other U.S. states.
The clause operationalizes California Consumer Privacy Act (CCPA) statutory obligations by designating specific submission channels and confirming Starbucks' requirement to honor data subject requests within statutory timelines and to refrain from retaliatory pricing or service denial.
This provision operationalizes CCPA/CPRA statutory rights for California residents and establishes the non-discrimination obligation. The scope and effectiveness of these rights in practice depends on the adequacy of the request submission mechanisms, verification procedures, and response timelines implemented by Walgreens.
These are enforceable statutory rights under California law, meaning ClickUp must comply with valid requests and cannot retaliate by degrading service for users who exercise them.
This provision discloses CPRA rights applicable to California residents, including the right to limit use of sensitive personal information such as precise geolocation and browsing data, and the right to opt out of sharing for cross-context behavioral advertising, which are operationally significant given the breadth of data Verizon collects.
This provision implements California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) statutory requirements by establishing the procedural framework and enumerated rights that California residents may exercise. The specification of submission methods establishes operational requirements for DoorDash to receive and process consumer requests.
AT&T
· AT&T Terms of Service
This clause establishes procedural mechanisms through which California residents can exercise statutory rights under California privacy law. The provision conditions these rights on exceptions defined within AT&T's terms, which affects the scope of disclosable information and deletable data categories.
Plaid
· Plaid End User Privacy Policy
This provision operationalizes Plaid's legal obligations under California privacy law by defining the request processes, verification procedures, and response timelines for consumer privacy rights exercises. It establishes the institutional procedures Plaid must follow to process and fulfill consumer requests under CCPA mandates.
This provision operationalizes California Consumer Privacy Act (CCPA) requirements within Disney+'s service terms, establishing specific mechanisms by which California residents can request data access, deletion, correction, and opt-out actions. The non-discrimination clause ensures that exercise of these statutory rights does not result in differential service pricing or availability.
This provision establishes Coinbase's obligations under California privacy law to provide California residents with specific data access, deletion, and control mechanisms. The clause operationalizes statutory rights by explicitly recognizing them within the privacy policy framework.
California's comprehensive privacy laws give residents more control over their personal data than federal law currently provides, including the right to stop Delta from sharing data with promotional partners.
These rights are enforceable under CCPA as amended by CPRA and give California residents meaningful control over a significant portion of the personal data Robinhood collects, though GLBA-covered financial data is excluded from these rights as stated elsewhere in the policy.
These are legally enforceable rights under California law, not just policy commitments, and include the right to opt out of data sharing for behavioral advertising, which is relevant given Cloudflare's use of third-party advertising cookies.
Consent-by-use provisions are common in privacy policies, but under CPRA and other state privacy frameworks, certain rights (such as opting out of sale or sharing and requesting deletion) cannot be waived by general consent to terms of service.
The provision operationalizes Sony's legal obligations under California privacy law by defining the consent mechanisms for minor data sales (affirmative opt-in for ages 13-16, parental consent for under 13) and establishing the procedural framework for consumer requests. This establishes Sony's operational requirements for processing privacy requests and maintaining audit trails demonstrating compliance with state-mandated consumer rights.
Okta
· Okta Privacy Policy
Even though Okta states it does not 'sell' data in the traditional sense, California law's definition of 'sharing' for advertising purposes is broad enough to capture certain analytics and advertising activities, and California residents have an enforceable right to stop this.
OpenAI
· OpenAI Privacy Policy
The clause operationalizes California's statutory privacy framework by specifying the mechanism for exercising CCPA rights and clarifying OpenAI's position on data sales practices. This establishes the procedural framework through which residents can assert their legal entitlements under state law.
The provision acknowledges Smartsheet's operational obligations to honor California residents' statutory privacy rights by establishing the scope of consumer requests the company must process and the non-discrimination requirement that governs how Smartsheet treats users who exercise these rights.
Webull
· Webull Privacy Policy
The provision establishes Webull's acknowledgment of California-specific privacy obligations that operate as statutory requirements independent of the agreement. These rights are established by California law and the provision confirms the company's recognition of them.
Plaid
· Plaid Terms of Use
This provision establishes the specific statutory privacy rights available to California residents under CCPA/CPRA in the context of Plaid's financial data collection and use activities, including the designated mechanisms for exercising those rights.
This provision implements the disclosure and access requirements of the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), establishing TransUnion's operational obligation to respond to consumer privacy requests within statutory timeframes and to maintain systems for processing such requests.
Brex
· Brex Privacy Policy
This clause establishes Brex's acknowledgment of California statutory privacy rights and describes the specific consumer control mechanisms available under state law. The provision operationalizes Brex's obligations to honor requests from California residents exercising these legally-mandated rights.
These rights give California consumers meaningful control over a wide range of data GM holds about them, including vehicle location, driving behavior, and biometric data — but these rights must be actively exercised by submitting a request.
Zoom
· Zoom Privacy Statement
This provision operationalizes California's statutory consumer privacy framework (CCPA/CPRA) within Zoom's service terms, establishing the procedural mechanisms through which California residents may exercise legally mandated data subject rights and establishing Zoom's obligation to honor such requests without penalizing the requester.
GOAT
· GOAT Privacy Policy
The CCPA/CPRA creates operational obligations for GOAT regarding data transparency, consumer access requests, deletion requests, and opt-out mechanisms for data sales or sharing. Compliance with these statutory requirements shapes how the entity documents and implements its data handling procedures.
This clause acknowledges Robinhood's obligation to comply with California privacy statutes by recognizing resident rights to control personal information collection, use, disclosure, and deletion. The provision establishes the legal framework under which California residents may exercise data subject access and control mechanisms.
Loom
· Loom Privacy Policy
This provision establishes Loom's acknowledgment of statutory consumer rights under California privacy law and specifies the company's data practices regarding sale restrictions and behavioral advertising sharing. The clause operationalizes California residents' access to statutory disclosure, deletion, and opt-out mechanisms.
The CCPA and CPRA give California residents enforceable rights to control their personal data held by companies like Binance.US, including the right to know what data is collected, to request deletion, to correct inaccurate data, and to opt out of certain sharing. These rights are only available to California residents under this policy.
Fly.io
· Fly.io Privacy Policy
This clause establishes the operational framework for Fly.io's compliance with California privacy law by explicitly recognizing the four primary consumer rights that the CCPA/CPRA mandates. The provision clarifies that these rights attach automatically to California residents without requiring separate agreement or enrollment.
This provision operationalizes statutory rights under California's CCPA/CPRA by establishing the mechanism through which consumers can request access, deletion, correction, and opt-out actions regarding their personal information. It defines TurboTax's obligation to receive and process these consumer requests through a designated portal.