Arlo
· Arlo Privacy Policy
A persistent 366-day tracking cookie means your browsing behavior on Arlo's site can be linked across visits for over a year, enabling longitudinal profiling of your product interests, purchase patterns, and site engagement.
Although blockchain wallet addresses are pseudonymous, combining them with your IP address and device information creates a data set that could identify you personally, undermining the privacy expectation many crypto users hold.
Wallet addresses can be linked to real-world identities and reveal complete financial and transaction histories, making their treatment as personal data a significant privacy consideration for NFT users.
Tracking technologies allow Progressive and its advertising partners to build a profile of your online behavior, which may be used for targeted advertising and analytics purposes beyond your direct insurance relationship.
Glean
· Glean Privacy Policy
Website visitors who are not Glean customers still have their browsing data collected and shared with third parties for marketing purposes, which engages cookie consent requirements in the EU and UK.
Health and fitness data is increasingly treated as sensitive personal information under state and federal frameworks, and combining it with NBCUniversal's existing behavioral and demographic data creates a detailed personal profile that extends well beyond entertainment preferences.
Notion
· Notion Privacy Policy
This provision authorizes workspace administrators, which may include employers or institutional operators, to access and act on member content and personal data without requiring member consent for each action.
Gemini
· Gemini Privacy Policy
Your ability to control your personal data depends on which rights Gemini acknowledges for your jurisdiction, and the GLBA exemption claim limits which US state law rights are available to most US users.
The ZDR option provides Pro users with a meaningful data minimization mechanism, but the agreement identifies specific features and model types that override ZDR protections, meaning the protection is not absolute across all service functions.
This provision establishes that third-party LLM providers do not retain Customer Content, which is a material data protection commitment for enterprise users whose proprietary code is transmitted to those providers.
If your personal data is processed by ZipRecruiter on behalf of an employer, your rights requests go to the employer, not ZipRecruiter, which may create delays or barriers to exercising your data rights.
This new commitment directly responds to the FTC's 2024 amended COPPA rule, which introduced data retention limits for children's data, and creates a concrete operational obligation for Epic to implement automated deletion processes for inactive children's accounts.
Cursor
· Cursor Security Practices
The document states account deletion is available at any time without restriction; this is relevant to users exercising data deletion rights under GDPR, CCPA, or similar frameworks, though the document does not specify what data is deleted or the timeline for deletion completion.
This provision establishes a minimum age threshold for account creation that applies globally, with a jurisdiction-specific alternative referencing local age of majority, which affects eligibility and creates an age verification obligation at account signup.
Acorns
· Acorns Terms of Service
Age and eligibility requirements determine who can legally access Acorns' financial services and are tied to regulatory compliance for brokerage and banking products.
DeepL
· DeepL Privacy Policy
Payment information is sensitive financial data, and understanding how it is collected and stored (including whether it is passed to third-party payment processors) is important for financial security.
Apple operates its own advertising network primarily within the App Store and Apple News, meaning behavioral data collected across Apple services may influence which ads you see, though Apple's stated carve-out for health and financial data is a meaningful limitation compared to broader industry practice.
This provision establishes the eligibility conditions for account access, and use of the service constitutes a warranty by the user that they meet both the age and residency requirements.
This provision establishes age-based eligibility conditions for service access. The minimum age of 13 engages COPPA obligations for users under 13, while the requirement for parental consent for users aged 13-17 creates a representation-based gate rather than a verified consent mechanism. The document does not describe verification procedures for age or parental consent.
Purchases by minors may be considered legally invalid, and Ledger does not appear to employ active age verification at checkout beyond this self-declaration.
The agreement asserts that users must be at least 18 years old, which means use of the Services by minors is prohibited; this also affects the enforceability of the agreement against underage users.
Lyft
· Lyft Terms of Service
The age restriction protects minors from being bound by these terms and from using the service; however, the agreement relies on user self-representation rather than verified age checks, which may create practical enforcement gaps.
The stated minimum age of 18 places Skillshare outside the direct scope of COPPA, which applies to children under 13, but creates a contractual representation that users must be legal adults. This provision affects account eligibility and the enforceability of the Terms of Service for minor users.
The policy sets the minimum age at 18, which is higher than the COPPA threshold of 13 in the United States, and commits to deletion of data from users found to be under 18. The policy does not describe a verification mechanism for age.
This provision establishes Coursera's COPPA compliance posture by prohibiting under-13 user registration and committing to data removal upon discovery. The policy does not describe specific age-verification mechanisms, which is an operational consideration for COPPA compliance assessments.
Minors are expressly prohibited from using the service, and Wealthfront places the responsibility for age verification on the user through a self-certification mechanism.
GitHub
· GitHub Terms of Service
The under-13 prohibition reflects COPPA compliance obligations. Account termination without prior notice applies to underage accounts, which means any content, repositories, or project history associated with the account would become inaccessible immediately.
eBay
· eBay User Agreement
This provision establishes a minimum age requirement of 18 with a parental consent exception, and the agreement's terms apply to any minor who uses the platform with parental consent. The broad service refusal authority at eBay's sole discretion is restated in this eligibility provision.
The explicit exclusion of users under 13 engages COPPA compliance obligations, and the age-of-majority requirement may vary by state or province, creating variable access thresholds across jurisdictions.
The 18-and-over restriction means Eventbrite's terms do not contemplate or protect minors as users, and parents or guardians should be aware their children should not be creating accounts or purchasing tickets independently.