AIgree

Recent changes

A chronological feed of substantive shifts in the legal documents we track. 53 changes so far.

All (113) terms (60) privacy (53)
Hinge Privacy Policy shift -1 2026-05-01

Hinge mostly clarified wording and contact details, and shortened one data-retention period for customer care exchanges from six years to five.

clarified: renamed a data category to Social Media Data clarified: fixed appeal and contact wording changed: customer care exchange retention from six years to five changed: Brazil DPO email to obfuscated format
Roblox Privacy Policy shift +1 2026-05-01

Roblox now limits personalized ads to users 18+ and clarifies ad-account data collection and disclosure to authorities.

added: personalized ads only for users 18+ added: non-personalized ads for minors expanded: ad account collects financial and tax information clarified: legal disclosure for authorities and safety removed: separate off-Roblox ads section
Messenger Privacy Policy shift +1 2026-05-01

Meta added a detailed legal-basis section, clarified rights, and expanded ad and account-centre processing disclosures.

added: legal bases for processing under GDPR added: rights like object, erase, complaint, and withdraw consent clarified: optional Accounts Centre linking and cross-account use expanded: ad personalization and measurement disclosures updated: some processing references to Meta Platforms Ireland Limited
Threads Privacy Policy shift +1 2026-04-30

Added a GDPR-style legal-basis section and expanded rights, while also broadening account-centre data combination, partner processing, and ad personalization disclosures.

added: legal bases for processing and GDPR rights added: account centre merging of information across accounts added: joint controller processing for some partner data clarified: ad personalization uses accounts centre data and cookies expanded: user data collection for age and gender
Prime Video Privacy Policy shift +1 2026-04-30

Amazon’s privacy notice was localized for Australia, shifting to Australian entities, spelling, and contacts while adding cross-border sharing details and replacing US-specific references.

changed: controller is now Amazon.com.au/Amazon Commercial Services Pty Limited added: third parties and service providers may be located in other countries removed: US-specific framework and Washington law references expanded: Australian-style access/correction and communications preferences
Amazon Privacy Notice shift +1 2026-04-30

Amazon's Australia privacy notice replaces the U.S. version, adds Australian-specific wording and cross-border disclosures, and narrows some access/children provisions.

changed: controller and jurisdiction-specific notice for Amazon.com.au added: disclosures that third parties and service providers may be located in other countries modified: access rights now mention correction instead of deletion removed: EU/UK/Swiss data framework section and some U.S.-specific references
Roblox Privacy Policy shift +1 2026-04-29

Roblox says its updated policy clarifies who can see personalized and non-personalized ads and adds details about sharing information with authorities.

added: clarification on visibility of personalized and non-personalized ads added: details on sharing information with authorities updated: policy effective April 30, 2026
Prime Video Privacy Policy shift +1 2026-04-29

Amazon broadened its privacy notice with U.S. state disclosures, added more account and advertising controls, and expanded data collection/use details, including store surveillance and new access rights.

added: U.S. state privacy and consumer health disclosures added: store cameras, sensors, and computer vision collection added: new rights and controls for ads, recommendations, and data deletion added: EU/UK/Swiss data framework notice and Washington-law dispute terms expanded: examples of information collected, shared, and accessible
Amazon Privacy Notice shift +1 2026-04-29

Amazon’s privacy notice was updated to a U.S. version, adding state privacy disclosures, broader store data collection, new ad/privacy choices, and Washington-law dispute terms.

added: U.S. state privacy and consumer health data disclosures expanded: in-store collection via cameras, sensors, and computer vision added: EU/UK/Swiss data framework notice and Washington-law dispute clause added: rights to access/delete data through Data Privacy Queries updated: ad controls to “Your Ads Privacy Choices” and personalized advertising wording
GitHub Privacy Policy shift +1 2026-04-28

GitHub updated its privacy policy to allow use of user content and affiliate sharing for AI/ML product development and training, and tied private repository access to the Terms of Service.

added: AI outputs included in collected user content added: product development/improvement, including AI/ML training, as a use and sharing purpose removed: detailed private-repository access rule from the privacy policy clarified: legitimate interests now include developing AI/ML technologies broadened: public-source collection wording
GitHub Copilot Privacy Policy shift +1 2026-04-28

GitHub added AI/ML training and improvement uses for personal data, including AI outputs and affiliate sharing, and tied private repository access to the Terms of Service.

added: AI outputs treated as user content added: product improvement/training for AI and machine learning expanded: affiliate sharing for AI/ML development removed: detailed private repository access rules from privacy policy clarified: private repo access now governed by Terms of Service
Prime Video Privacy Policy shift +1 2026-04-27

Amazon’s privacy notice is localized for Australia, shifting to Australian entities and laws, adding cross-border disclosures, and changing some access, choices, and children’s privacy details.

changed: controller and jurisdiction from Amazon.com/US to Amazon.com.au/Australia added: explicit cross-border sharing and service-provider location disclosures modified: user rights from deletion to correction/access where required by law removed: U.S.-specific framework and Washington-law dispute language clarified: advertising, account access, and children’s privacy references
Roblox Privacy Policy shift +1 2026-04-23

Roblox added disclosures on children’s persistent identifiers, service-provider processing, and retention periods, including age-assurance selfies and up to two years of security-related retention after account deletion.

added: collection and use of children’s persistent identifiers for internal operations added: service providers may process under-13 persistent identifiers under contractual safeguards added: retention rules, including account-related storage and up to two years after deletion for security added: age-assurance may use selfies, which are deleted after the process added: parent email for account linking is deleted within 24 hours if linking is not completed
PayPal Privacy Policy shift +2 2026-04-23

PayPal greatly expands its privacy policy to allow broader data collection, AI/automated decision-making, personalized shopping disclosures, and sharing with partners, merchants, affiliates, and service providers.

added: AI model training and automated decision-making for fraud, risk, and creditworthiness added: personalized shopping data sharing with partners and merchants, with opt-out in some cases expanded: categories of personal data collected, including biometrics, precise geolocation, inferred data, and contacts expanded: disclosures to affiliates, service providers, advertising platforms, payment networks, and merchants added: retention details, including up to 10 years after relationship ends and biometric retention limits
Walmart Privacy Policy shift +1 2026-04-23

Walmart greatly expanded its privacy notice, adding broad new data collection, advertising/sharing disclosures, VIZIO account linking, biometric/geolocation details, and regional rights information.

added: detailed categories of collected data, including biometrics, geolocation, communications, and inferences added: VIZIO data-linking terms and optional combination of VIZIO OS data with Walmart accounts clarified: personal information may be used for targeted advertising, AI training, analytics, and personalization added: appendix describing which data categories are sold/shared or used for targeted advertising expanded: regional privacy rights and opt-out mechanisms, including GPC, Canada, and Mexico disclosures
GitLab Privacy Policy shift +1 2026-04-23

GitLab expanded data collection and sharing, added DPF transfer terms, and narrowed deletion/privacy-request handling for paid or enterprise accounts.

added: version checks, error-tracking, and GitLab Pages visitor log collection added: combining learning-platform and website visit data with account data for personalization added: EU/UK/Swiss Data Privacy Framework terms, dispute process, and arbitration details restricted: account deletion and privacy requests for paid or enterprise-managed accounts
Medium Privacy Policy shift +1 2026-04-21

Medium replaced an error page with a detailed privacy policy describing broad data collection, sharing, international transfers, and user rights under California and European laws.

added: categories of personal data collected, including activity, device, transaction, and inferred data added: sharing with vendors, affiliates, advisors, legal authorities, and in corporate transactions added: international data transfers and third-party embeds may send data to external hosts added: user rights and choices for account data, cookies, communications, CCPA, and European privacy laws
Robinhood Privacy Policy shift +2 2026-04-21

Robinhood replaced a minimal notice with a detailed policy allowing AI training on user interactions, targeted advertising, affiliate sharing, and broad data use for its new Social product.

added: AI may use chatbot inputs and conversations for training and improvement added: targeted advertising and tracking across sites/devices with advertising partners added: extensive data collection, sharing, retention, and state privacy-rights limitations added: Robinhood Social collects profile, content, usage, and inferred preference data clarified: some financial and affiliate data may be used to verify eligibility and display Social statistics
Binance Privacy Policy shift +2 2026-04-21

Binance replaced a narrow KYC/automated-decision explanation with a comprehensive privacy notice that greatly expands disclosed data collection, sharing, profiling, AI use, and children’s account terms.

added: extensive categories of personal, biometric, financial, device, marketing, and blockchain data collected added: broader sharing with affiliates, vendors, compliance agencies, counterparties, and advertising platforms added: profiling, automated decision-making, AI/OCR use, and marketing personalization disclosures added: Binance Junior accounts for minors with parent/guardian sub-accounts clarified: regional data controllers, legal bases, rights, and cookie/marketing consent rules
Wise Privacy Policy shift +1 2026-04-21

Wise replaced a sparse notice with a detailed privacy policy expanding disclosed data collection, sharing, automated decision-making, marketing, international transfers, and country-specific rights and disclosures.

added: detailed categories of personal, financial, device, location, biometric, and behavioral data collected added: broader sharing with affiliates, advertisers, analytics providers, partners, authorities, and fraud agencies added: automated decision-making, fraud-risk profiling, and possible account rejection/closure with review rights clarified: retention periods, international transfer safeguards, and user privacy rights added: country-specific disclosures for US, California, Belgium, India, Japan, and UK fraud checks
Bolt Privacy Policy shift +2 2026-04-21

Bolt replaced a basic cookie notice with a full passenger privacy policy detailing extensive data collection, sharing, retention, profiling, identity checks, ratings-based suspensions, and marketing uses.

added: comprehensive categories of personal data collected, including geolocation, device, payment, ID, biometric, and communications data added: sharing of user data with drivers, business customers, marketing partners, vendors, insurers, and authorities added: identity verification with selfies, ID documents, facial recognition, and possible account suspension added: rider ratings, automated warnings, and temporary ride suspensions based on low ratings added: retention periods, international transfers, user rights, and direct marketing/personalized advertising rules
Midjourney Privacy Policy shift +1 2026-04-21

Privacy policy now explicitly allows broader collection from third-party/public sources and for AI training, plus analytics/advertising cookie use and detailed EU/California privacy rights.

added: personal data may come from public databases, commercial sources, and the public internet added: policy covers data collected during training of Midjourney machine learning algorithms added: analytics and advertising cookies/partners, with consent for non-essential cookies added: detailed EU and California access, deletion, portability, and opt-out rights
Messenger Privacy Policy shift +2 2026-04-21

Messenger now points to Meta’s broader Privacy Policy, expanding disclosed collection, sharing, AI training, cross-company use, off-platform tracking, and longer retention/deletion timelines.

added: collection from partners, public sources, device signals, contacts, and non-users added: AI interactions and some content may be used to develop and improve Meta AI expanded: sharing across Meta companies, integrated partners, law enforcement, and third parties clarified: off-Meta activity, cookies, and audience network data may personalize ads clarified: deletion can take up to 90 days plus 90 more for backups; retention may continue longer
Threads Privacy Policy shift +1 2026-04-21

Threads replaced a placeholder page with Meta’s full privacy policy, broadly expanding disclosed data collection, cross-company sharing, AI use, advertising, retention and law-enforcement sharing.

added: full Meta privacy policy terms added: collection from partners, devices, contacts and non-users added: AI interactions and training-related disclosures added: broader cross-Meta sharing, ads and analytics uses clarified: longer retention and legal/law-enforcement access scenarios
Max Privacy Policy shift +2 2026-04-21

Privacy policy now broadly expands data collection, session recording, affiliate/third-party sharing, cross-service advertising uses, and covers all WBD services beyond HBO Max.

added: collection of sensitive, biometric, precise location, and detailed viewing/interaction data added: session replay and recording of clicks, keystrokes, scrolling, chats, and voice/text communications added: sharing with affiliates, business partners, advertisers, and third parties for their own marketing/advertising purposes expanded: policy scope from HBO Max to all Warner Bros. Discovery services and offline interactions