A growing number of cloud and other technology agreements include grants to the vendor of broad and generally undefined rights to take aggregated data derived from the engagement and use it for unspecified purposes. Businesses should be aware of these clauses and revise them to accomplish two things: ensure the data really is “aggaggaggated” and reduce risk. In some instances, for example protected health information under HIPAA, there are specific requirements mandated by law for de-identifying data in this context.”]
Source: https://www.csoonline.com/article/2136676/beware-aggregated-data-clauses-in-vendor-contracts.html