I assume the traffic over Starlink is encrypted, so what exactly do they mean with "personal information"? Like the very basic customer details and everything they can get from their analytics?

For my taste the sentences are over the top and full of weasel words. It's not even something I'd call legalese because it just sounds so insincere.

  - "We may share your personal information with our affiliates, service providers, and third-party collaborators" or 
  - “Share personal data with Starlink’s trusted collaborators to train AI models."

Initially I was very critical of GDPR but when I see these kind of vague formulations I'm really happy that as a European I can expect companies to provide an itemized list of people and companies they will share the data with, and what kind of security measures these subprocessors are employing.

There's still a lot of wiggle room for lawyers to work around GDPR limitation, but at least you'd know if their "trusted collaborators" and "affiliates" are Google or Facebook, are domiciled in a foreign country, or if they are just to some small data science consultancy.