This provision establishes the procedural mechanism for exercising data subject rights, requiring email contact rather than an in-platform self-service tool, which is the primary avenue for users to exercise GDPR, CCPA, and Australian Privacy Act entitlements.
Bumble
· Bumble Privacy Policy
This provision operationalizes Bumble's obligation to provide users procedural mechanisms for exercising statutory data protection rights. The enumeration of these eight specific rights establishes the framework by which users can request data-related actions from the company, which affects how the company must handle data access, modification, and deletion requests.
Canva
· Canva Privacy Policy
This provision describes the mechanism through which users can exercise data rights under GDPR, CCPA, and equivalent frameworks. The conditional framing ('depending on where you live') means that the availability of specific rights varies by jurisdiction, and users outside covered jurisdictions may have fewer or no enforceable rights under this policy.
Roblox
· Roblox Privacy and Cookie Policy
The provision operationalizes jurisdictional privacy rights by establishing a formal mechanism for users to request data-related actions and specifying the channels through which Roblox will receive and process such requests. This creates procedural obligations for the entity to respond to and act on valid requests within applicable regulatory timeframes.
Users may not realize that their Poshmark activity, including photos they post and comments they make, is fully public and searchable online by default, which has implications for personal privacy beyond the Poshmark platform.
This clause confirms Groq collects information from website visitors and places a contractual obligation on users to ensure any submitted information is accurate, while directing detailed privacy disclosures to a separate Privacy Policy document.
The policy states that Inputs containing personal data are collected by OpenRouter, which means content submitted through the service interface, such as names, contact details, or other identifiable information embedded in messages, is subject to OpenRouter's data collection and sharing practices.
Strava
· Strava Privacy Policy
This provision establishes the baseline visibility configuration for user-generated content, requiring users to affirmatively adjust privacy settings to restrict visibility beyond the default public setting. The clause clarifies that default visibility extends to search engine indexing and non-registered viewers, not only authenticated Strava users.
This provision establishes the user-facing rights framework Meta asserts is available under applicable privacy law, while disclosing that those rights may be limited by competing legal obligations, Meta's own rights, or third-party interests.
These provisions establish procedural pathways for users to exercise statutory data subject rights under privacy regulations such as GDPR and CCPA. The specification of submission mechanisms (Privacy Rights Dashboard and Support Portal) creates defined operational processes for Coinbase to receive, process, and respond to such requests.
Netflix
· Netflix Privacy Statement
This provision establishes Netflix's obligations to provide data subject access upon request, maintain mechanisms for data correction and deletion requests, and enable data portability. These obligations establish operational procedures Netflix must follow when users exercise these statutory rights.
These rights allow users to actively manage their data held by Eventbrite, but the scope of rights available depends on the user's location and applicable law, so not all rights apply to all users equally.
This clause creates procedural mechanisms through which users can exercise control over their personal information within regulatory frameworks that vary by jurisdiction. The provision establishes Headspace's operational obligation to respond to such requests where applicable under applicable law.
The provision establishes the framework through which users can exercise data subject rights under applicable privacy regulations. The availability and scope of these rights are conditioned on the user's location, which determines which regulatory regimes apply to the data processing relationship.
Gemini
· Gemini Privacy Policy
The provision creates a defined mechanism for privacy rights requests and acknowledges jurisdiction-specific privacy obligations, establishing the procedural framework through which users can assert applicable rights. This approach permits Gemini to apply location-appropriate privacy standards while centralizing request processing.
The policy acknowledges regional data rights but exercises them through a contact-us mechanism rather than a self-service portal, meaning the process for exercising rights depends on company response to individual requests.
This provision establishes a procedural mechanism for parental access and account deletion rights, defining how parents can exercise data subject rights regarding children's accounts and setting forth the operational consequence (deletion of personal information and collection cessation) that follows account deletion.
Gemini
· Gemini Privacy Policy
The clause operationalizes regulatory requirements for user control over personal information and establishes the administrative processes through which users may exercise statutory data rights, creating procedural obligations for the service provider to respond to documented requests.
These rights are particularly meaningful on a mental health platform because they allow users to review what sensitive data Headspace holds about them, request corrections to health information, or ask for complete deletion of their mental health records from the platform.
Netflix
· Netflix Privacy Statement
The policy acknowledges user privacy rights under applicable law, with the specific rights available depending on the user's jurisdiction; EU/EEA users have rights under GDPR, California residents have rights under CCPA/CPRA, and other regional rights may apply based on the user's location.
Netflix
· Netflix Privacy Statement
This provision operationalizes Netflix's compliance with regional privacy regulations by establishing a framework through which users can exercise legally recognized data rights. The provision conditions the availability of these rights on jurisdiction, reflecting Netflix's obligation to align its privacy practices with applicable regulatory requirements in different markets.
The provision operationalizes privacy rights that vary by jurisdiction and establishes the procedural mechanism—a dedicated portal and contact email—through which users can submit requests to exercise those rights. This establishes Coinbase's obligation to provide accessible channels for privacy rights requests.
The provision establishes that Windsurf's data handling practices are subject to varying regional regulatory frameworks, including GDPR and state privacy statutes. This creates operational requirements for Windsurf to maintain different data rights mechanisms depending on user location.
Twitch
· Twitch Privacy Notice
The breadth of data categories listed, spanning biometric-adjacent data like voice and image to financial data like credit card numbers, means that your Twitch account contains sensitive personal information that warrants careful privacy management.
Meta
· Meta Terms of Service
The real name requirement is a contractual obligation enforced through Meta's Authentic Identity Policies, and Meta reserves the right to request identity verification at any time, which may affect pseudonymous users or those who use platform names that differ from legal names.
The policy grants data rights on a jurisdiction-dependent basis, meaning the availability and scope of rights (such as GDPR erasure rights or CCPA deletion rights) depend on where the user lives; users outside covered jurisdictions may have fewer or no enforceable rights under this policy.
The clause establishes user-controlled data management capabilities within the service platform, allowing individuals to maintain accuracy of personal information and obtain portable copies of their data as retained by the entity.
Fiverr
· Fiverr Privacy Policy
This provision establishes the operational framework through which Fiverr acknowledges and processes user data subject access requests, deletion requests, and data portability requests. The provision's significance derives from its specification of user-initiated data governance mechanisms and the conditions under which the service provider fulfills such requests.
The provision establishes operational mechanisms that enable users to exercise data management and account control functions, establishing Snapchat's procedural compliance with user data access and deletion requests within its platform infrastructure.
These access, deletion, and portability mechanisms establish operational procedures for Meta to fulfill data subject rights under privacy regulations including GDPR and similar frameworks. The provision defines the administrative process through which users may exercise control over their stored personal information.