Notion
· Notion Privacy Policy
The policy authorizes use of cookies and tracking pixels by both Notion and unnamed third-party partners; the HTML source of the privacy policy page itself loads tracking scripts from Facebook, Google Ads, LinkedIn, Twitter, and Marketo, indicating these third parties receive data about visitors to Notion's web properties.
Microsoft
· Microsoft Privacy Statement (Legacy)
The provision establishes Microsoft's operational framework for automated data collection mechanisms. By characterizing these tracking technologies as serving defined purposes (authentication, fraud prevention, performance analytics, advertising delivery), the clause establishes the institutional basis for persistent identifier deployment across Microsoft's service ecosystem.
Tracking technologies allow Dropbox and its advertising partners to build a behavioral profile based on your usage, which is shared with third parties for marketing purposes and may persist across browsing sessions.
This provision establishes the operational framework for Pinterest's data collection and ad targeting infrastructure. It defines the technical mechanisms and third-party partnerships through which user activity data is collected, processed, and shared across Pinterest's network and external sites, enabling personalized service delivery and advertising measurement.
Fiverr
· Fiverr Privacy Policy
Persistent tracking cookies and pixels from third-party advertising partners extend Fiverr's ability to monitor your behavior beyond just the Fiverr website, potentially across many other sites you visit.
The policy states that cookies and tracking technologies are used for preference retention, usage analytics, and advertising targeting, which involves persistent device-level data collection that may extend across sessions and third-party sites.
The deployment of third-party tracking technologies for advertising purposes may require prior consent under the EU ePrivacy Directive and GDPR for EU users, and may engage CPRA opt-out rights for California users regarding cross-context behavioral advertising.
Cookie and tracking data can build a detailed profile of your behavior on Vercel's platform, and this data may be shared with advertising and analytics partners as described elsewhere in the policy.
This provision authorizes cross-site tracking through third-party partners, which engages GDPR and ePrivacy Directive consent requirements for cookie placement in EU contexts and triggers CCPA/CPRA disclosure and opt-out obligations for sale or sharing of information derived from tracking.
This provision establishes HubSpot's use of persistent and session-based tracking mechanisms across its services, which engages consent requirements under GDPR and ePrivacy rules for EU users and disclosure obligations under CCPA for California users.
Canva
· Canva Privacy Policy
The policy distinguishes between essential and optional cookies, and the availability of a cookie settings tool is relevant to GDPR and ePrivacy consent obligations for EU users. The practical adequacy of consent obtained through the cookie banner cannot be assessed from policy text alone.
This provision establishes the operational basis for SimpliSafe's data collection infrastructure and the authorization for third-party advertising partner access to tracking data. The clause defines the technical mechanisms and stated purposes that govern how user interaction data flows through SimpliSafe's analytics and advertising systems.
The clause establishes the operational parameters for cookie and tracking technology deployment, specifies user control mechanisms available through browser settings, and clarifies that certain browser-based privacy preferences will not be honored by the service.
This provision establishes the operational framework for Progressive's use of persistent and passive tracking mechanisms to generate behavioral and technical data sets. The authorization permits both first-party analytics collection and activity monitoring that supports targeted advertising functions.
The policy discloses that pixels and SDKs, in addition to cookies, are used to collect data. Pixels and SDKs can transmit data to advertising and analytics partners and may operate independently of browser cookie controls.
Netflix
· Netflix Privacy Statement
The provision establishes Netflix's technical infrastructure for data collection across user interactions with the service and affiliated platforms. By cataloging these specific identifier types, the clause operationalizes Netflix's ability to track user activity, maintain session state, and link user behavior across devices and services for service functionality and analytics purposes.
Cookie requirements are a standard operational mechanism for session management, authentication, and service delivery. This provision clarifies that cookie functionality is a prerequisite to service access rather than optional, establishing the technical conditions under which the platform operates.
Tracking technologies create a behavioral profile of your online activity that is shared with advertising and social media platforms, potentially linking your credit bureau profile with your browsing behavior across the web.
This provision establishes the operational basis for continuous data collection across Equifax properties and authorizes the use of that data for behavioral targeting in advertising contexts. The authorization extends to third-party advertising partners, making this data collection a foundational operational practice for the service.
The provision establishes the operational scope of data collection mechanisms across first-party and third-party sources, enabling behavioral tracking and advertising personalization across owned and external digital properties. This determines what data flows inform the company's advertising targeting infrastructure.
Stripe
· Stripe Privacy Policy
The definition establishes the scope of information the organization processes and governs under its data handling obligations, clarifying that Personal Data includes passive collection mechanisms (device identifiers, IP logs) alongside voluntary user submissions.
This provision establishes the technical and operational scope of data collection activities Mercury implements across its service platform. The authorization extends to multiple tracking mechanisms and encompasses both Mercury's direct collection and third-party partner participation in data gathering.
This provision establishes the operational scope of Coinbase's tracking practices across its platform. It defines the categories of information collection (interaction data, movement patterns, demographic data) and the permissible uses of that data (analytics, service management, advertising), which form the basis for Coinbase's data operations.
Third-party tracking technologies embedded in Disney's services can follow your behavior across the internet, enabling advertising that persists beyond the Disney platform you visited.
This provision establishes a categorical prohibition on a specific technical method of affiliate attribution manipulation. Associates using third-party link management tools, browser extensions, or automated scripts that interact with cookie placement should verify those tools do not trigger this prohibition, as violation is stated as grounds for commission withholding and termination.
This provision establishes Scale AI's operational compliance framework under the Children's Online Privacy Protection Act (COPPA). It defines the age threshold for data collection restrictions and specifies the deletion protocol upon discovery of underage user data.
Steam
· Steam Subscriber Agreement
The provision operationalizes Valve's compliance with the Children's Online Privacy Protection Act (COPPA) and similar age-based data protection regulations. It establishes the contractual mechanism by which Valve enforces the statutory minimum age threshold for service access.
This provision implements compliance with the Children's Online Privacy Protection Act (COPPA) and establishes the minimum age and consent requirements under which Peacock operates the service. It defines the age-gated access framework and parental authorization mechanism that governs eligibility.
This provision establishes COPPA compliance obligations and provides a reporting mechanism for parents who believe their child's data has been collected without authorization.
GitHub
· GitHub Privacy Statement
This provision operationalizes GitHub's compliance with the Children's Online Privacy Protection Act (COPPA), which establishes specific restrictions on the collection and use of personal information from children under 13. The clause establishes a procedural mechanism for deletion upon discovery and provides a reporting channel for suspected violations.