The privacy policy for Hulu, a video-streaming service with about nine million subscribers, opens with a declaration that the company “respects your privacy.”

That respect could lapse, however, if the company is ever sold or goes bankrupt. At that point, according to a clause several screens deep in the policy, the host of details that Hulu can gather about subscribers — names, birth dates, email addresses, videos watched, device locations and more — could be transferred to “one or more third parties as part of the transaction.” The policy does not promise to contact users if their data changes hands.

Provisions like that act as a sort of data fire sale clause. They are becoming standard among the most popular sites, according to a recent analysis by The New York Times of the top 100 websites in the United States as ranked by Alexa, an Internet analytics firm.

Of the 99 sites with English-language terms of service or privacy policies, 85 said they might transfer users’ information if a merger, acquisition, bankruptcy, asset sale or other transaction occurred, The Times’s analysis found. The sites with these provisions include prominent consumer technology companies like Amazon, Apple, Facebook, Google and LinkedIn, in addition to Hulu.