This new commitment directly responds to the FTC's 2024 amended COPPA rule, which introduced data retention limits for children's data, and creates a concrete operational obligation for Epic to implement automated deletion processes for inactive children's accounts.
Cursor
· Cursor Security Practices
The document states account deletion is available at any time without restriction; this is relevant to users exercising data deletion rights under GDPR, CCPA, or similar frameworks, though the document does not specify what data is deleted or the timeline for deletion completion.
Acorns
· Acorns Terms of Service
Age and eligibility requirements determine who can legally access Acorns' financial services and are tied to regulatory compliance for brokerage and banking products.
This provision establishes a minimum age threshold for account creation that applies globally, with a jurisdiction-specific alternative referencing local age of majority, which affects eligibility and creates an age verification obligation at account signup.
DeepL
· DeepL Privacy Policy
Payment information is sensitive financial data, and understanding how it is collected and stored (including whether it is passed to third-party payment processors) is important for financial security.
Apple operates its own advertising network primarily within the App Store and Apple News, meaning behavioral data collected across Apple services may influence which ads you see, though Apple's stated carve-out for health and financial data is a meaningful limitation compared to broader industry practice.
This provision establishes the eligibility conditions for account access, and use of the service constitutes a warranty by the user that they meet both the age and residency requirements.
This provision establishes age-based eligibility conditions for service access. The minimum age of 13 engages COPPA obligations for users under 13, while the requirement for parental consent for users aged 13-17 creates a representation-based gate rather than a verified consent mechanism. The document does not describe verification procedures for age or parental consent.
Purchases by minors may be considered legally invalid, and Ledger does not appear to employ active age verification at checkout beyond this self-declaration.
The agreement asserts that users must be at least 18 years old, which means use of the Services by minors is prohibited; this also affects the enforceability of the agreement against underage users.
Lyft
· Lyft Terms of Service
The age restriction protects minors from being bound by these terms and from using the service; however, the agreement relies on user self-representation rather than verified age checks, which may create practical enforcement gaps.
The stated minimum age of 18 places Skillshare outside the direct scope of COPPA, which applies to children under 13, but creates a contractual representation that users must be legal adults. This provision affects account eligibility and the enforceability of the Terms of Service for minor users.
The policy sets the minimum age at 18, which is higher than the COPPA threshold of 13 in the United States, and commits to deletion of data from users found to be under 18. The policy does not describe a verification mechanism for age.
This provision establishes Coursera's COPPA compliance posture by prohibiting under-13 user registration and committing to data removal upon discovery. The policy does not describe specific age-verification mechanisms, which is an operational consideration for COPPA compliance assessments.
Minors are expressly prohibited from using the service, and Wealthfront places the responsibility for age verification on the user through a self-certification mechanism.
eBay
· eBay User Agreement
This provision establishes a minimum age requirement of 18 with a parental consent exception, and the agreement's terms apply to any minor who uses the platform with parental consent. The broad service refusal authority at eBay's sole discretion is restated in this eligibility provision.
GitHub
· GitHub Terms of Service
The under-13 prohibition reflects COPPA compliance obligations. Account termination without prior notice applies to underage accounts, which means any content, repositories, or project history associated with the account would become inaccessible immediately.
The explicit exclusion of users under 13 engages COPPA compliance obligations, and the age-of-majority requirement may vary by state or province, creating variable access thresholds across jurisdictions.
Udemy
· Udemy Terms of Use
This provision establishes Udemy's stated age restriction and shifts responsibility to users and parents to ensure minors do not access the platform, but the terms do not describe active age verification mechanisms.
Whoop
· Whoop Terms of Use
This provision establishes a minimum age requirement of 18 for service access, which is operationally significant given that the service collects continuous physiological data; the restriction also determines COPPA applicability, as the 18-year threshold exceeds COPPA's 13-year threshold.
The 18-and-over restriction means Eventbrite's terms do not contemplate or protect minors as users, and parents or guardians should be aware their children should not be creating accounts or purchasing tickets independently.
This provision establishes Skillshare's stated COPPA-aligned posture for users under 18; as an online learning platform, Skillshare may attract users near the age threshold, and the operational reliability of age verification mechanisms is a material compliance consideration for FTC enforcement under COPPA and related state laws.
Parents should be aware that minors are not permitted to use Poshmark, and any account opened by a minor violates the terms and may be terminated.
The policy sets the minimum age at 18 rather than 13, which is the threshold under COPPA for many US online services; this higher threshold affects the scope of the company's obligations and represents the stated age baseline for service eligibility.
This provision establishes a tiered age requirement: 16 as the minimum with parental consent, and 18 for the Google Pay app. The clause acknowledges that the minimum legal age may be higher in certain countries, introducing jurisdiction-specific variability.
OpenAI
· OpenAI Privacy Policy
The policy authorizes unrestricted use and sharing of data described as de-identified or aggregated; the practical scope of this permission depends on whether the de-identification process meets technical and legal standards that prevent re-identification, which the document does not describe in detail.
While de-identification reduces privacy risk, the practical robustness of de-identification methods varies, and regulators in some jurisdictions apply scrutiny to whether data is truly irreversible.
The clause operationalizes compliance with federal privacy disclosure obligations, establishing the bank's legal duty to provide transparent accounting of data practices and to communicate statutory limitations on consumer opt-out rights regarding information sharing.
Financial transaction data is highly sensitive and its collection by Apple through Apple Pay raises questions about retention, security, and potential use, though Apple's stated policy of not linking Apple Pay data to user identities and excluding it from advertising is a meaningful consumer protection.
This clause satisfies the GDPR Article 28(3)(h) requirement that processor agreements include an audit right. The practical scope and logistics of exercising this right against a large cloud and advertising infrastructure provider may be operationally complex, and advertisers typically rely on third-party audit certifications such as ISO 27001 or SOC 2 reports as a practical substitute.