The provision operationalizes Spotify's age verification procedures by defining the categories of biometric and identity data that may be processed, establishing the retention protocol (immediate deletion post-verification), and allocating consent and notice obligations between Spotify and third-party providers. This framework enables age-restricted access controls while establishing data minimization practices.
The provision establishes the operational scope and retention parameters for biometric and identity document data processed through Spotify's age verification mechanism. By restricting retention to the duration of the verification process and requiring prior consent and third-party notice, the clause defines the conditions under which sensitive personal data may be collected and processed.
Roblox
· Roblox Privacy Policy
The provision establishes the operational procedure and data handling framework for age verification, including the collection mechanism (facial imaging), the purpose (age assurance), and the data retention policy (deletion post-verification). This addresses regulatory compliance with age assurance requirements in digital services.
The clause establishes the operational scope and stated purpose for facial image collection within a specific feature. By restricting the stated use to mesh generation and explicitly disclaiming identification purposes, the provision delineates what Epic Games represents about the processing of this biometric data.
The provision clarifies Meta's institutional practices regarding biometric data collection and use within its advertising platform. It defines the scope of biometric processing activities and establishes the framework under which facial recognition technology operates within Meta's service infrastructure.
Gusto
· Gusto Privacy Policy
The provision establishes the data collection scope required for account verification and onboarding. This financial information collection is foundational to the employer's ability to access and use the payroll platform services.
The collection scope directly enables Coinbase to perform identity verification, tax reporting obligations under cross-border financial regulations, and anti-money laundering (AML) and know-your-customer (KYC) compliance procedures required by financial services regulators. This data collection is foundational to the entity's operational and regulatory obligations as a licensed cryptocurrency exchange.
The clause defines the scope of financial data collection necessary for the platform to process transactions, verify user identity, and maintain transaction records. This data collection is foundational to the operational functionality of cryptocurrency exchange services.
The inclusion of these specific financial identifiers in the privacy policy's data collection categories establishes the operational scope of financial data that the platform processes. This categorization determines which data types are governed by the privacy policy's stated collection, use, retention, and disclosure practices.
Plaid
· Plaid End User Privacy Policy
Financial data aggregation is central to Plaid's service model, enabling the platform to connect user financial accounts and provide account linking functionality to third-party applications. The scope of data collection and aggregation directly determines what financial information Plaid processes and what uses are permitted under the service agreement.
Square
· Square Privacy Notice
The clause defines the scope of financial data collection Square performs as a core operational function of its payment processing and financial services offerings. This collection is necessary for Square to process transactions, verify accounts, and maintain financial records across its service portfolio.
eBay
· eBay Privacy Notice
The provision delineates financial data as a distinct category within eBay's data collection scope, which determines how such information is handled under the privacy notice's security, retention, and sharing provisions. This classification affects the regulatory obligations and procedural requirements that apply to processing of payment and account information.
Redfin
· Redfin Privacy Policy
The provision establishes a data collection framework necessary for real estate transaction processing. Loan pre-approval documentation collection enables Redfin's operational capacity to match buyers with properties within demonstrated financing parameters and expedite offer submission workflows.
Redfin
· Redfin Privacy Policy
The clause establishes the scope of financial data collection necessary for Redfin to process real estate transactions, including sensitive financial documentation required for loan underwriting and property transfers. This collection is presented as customary to real estate transaction workflows.
The provision establishes the scope of financial data OnlyFans processes as a payment intermediary and facilitator of creator payouts. This data collection is operationally necessary for funds transfer, tax compliance, and regulatory reporting across multiple jurisdictions, and defines what financial information the platform retains in creator accounts.
Brex
· Brex Privacy Policy
The clause defines the collection scope for information subject to the Gramm-Leach-Bliley Act (GLBA), which establishes the baseline set of financial data the entity is authorized to gather and process through user interactions with the platform.
Strava
· Strava Privacy Policy
This provision establishes the operational framework for peer-to-peer location sharing functionality. It clarifies that Strava processes and transmits live location data only when users affirmatively enable sharing features, distinguishing this data practice from other location data uses.
Stripe
· Stripe Privacy Policy
This clause establishes the legal basis for Stripe's automated processing of user data for security purposes, enabling the deployment of machine learning systems to identify and prevent fraudulent and harmful activities across the platform.
This provision authorizes Robinhood to lend securities you own to third parties, which removes SIPC insurance protection on those securities while they are on loan and introduces counterparty risk associated with the borrower.
23andMe
· 23andMe Privacy Statement
The scope definition determines which digital properties and service interactions fall under the privacy framework described in the statement. This establishes the jurisdictional boundaries for how 23andMe applies its privacy procedures across its portfolio of platforms and services.
TikTok
· TikTok Community Guidelines
The authorization of geolocation and device status data collection enables the platform to associate user content and activity with specific locations and device operational states. This data collection supports analytics, personalization, and service optimization functions.
The clause establishes the operational basis for Paramount+ to gather location and device-level tracking data across its service ecosystem. This collection supports both service functionality and the commercial monetization of user behavioral data through targeted advertising partnerships.
TikTok
· TikTok Community Guidelines
The operational significance of this clause is that it establishes systematic geolocation data collection as part of platform functionality. The sampling and stack rate parameters set to maximum (1) indicate continuous rather than periodic collection, which affects the volume and granularity of location data the platform retains.
TikTok
· TikTok Community Guidelines
Geolocation data collection enables TikTok to deliver location-based features, content personalization, and advertising targeting. This data stream also supports operational functions including compliance verification, fraud detection, and service analytics.
PayPal
· PayPal Privacy Statement
This provision establishes the operational scope of geolocation data collection across multiple technical methods (GPS, IP-based tracking, and mobile settings). The authorization permits continuous collection of precise location information during active account sessions, which supports PayPal's transaction processing, fraud detection, and service delivery functions.
The provision establishes the operational basis for location-based service delivery and personalization. Location data collection enables the service to target content and advertising based on user geography.
Geolocation data collection enables location-based service features and analytics. The provision establishes that collection requires affirmative user authorization rather than occurring by default.
The provision establishes a data collection framework that enables location-based functionality while also permitting use of geolocation data for advertising optimization and service analytics. This dual-purpose authorization means geolocation data collection operates as both a service-enabling mechanism and a data input for commercial purposes.
The clause establishes Peloton's collection authority across multiple location data categories and specifies that collection parameters depend on device configuration and user settings. The provision creates an opt-out mechanism for precise location data specifically, while other location categories (IP address, city, region) remain subject to collection under standard use.
The clause establishes the operational basis for location data processing as a functional component of the service delivery model. Geolocation data collection enables McDonald's to operate location-aware features and to segment its advertising delivery based on geographic parameters.