Samsung vs 1Password

Samsung's data appetite is unusually broad for a hardware maker: voice recordings stored on servers with potential third-party retention, keyboard input logging via Predictive Text synced across devices, and persistent hardware identifiers that survive ad-ID resets. The company explicitly acknowledges that sharing with business partners may constitute a data sale under US law (CCPA). Full GDPR-grade rights are reserved for EEA/UK/Swiss residents; everyone else gets basic access and deletion with no response-time commitments. Retention timelines are vague and there are no named security certifications or breach notification windows.

1Password can never read your saved passwords — they're end-to-end encrypted and even 1Password holds no keys — but outside the vault, the company collects substantial usage and diagnostic data, shares information with advertising partners in ways that may legally count as a data sale, and applies vague retention language to everything that isn't your vault content.