I don't think it's about trust. The easy availability of short-form privacy policies and data export requests are the result of legal requirements, ideally you should be able to rely on those disclosures even if you don't know enough about the company to trust or distrust it. In this case, the disclosures correctly showed that this kind of click data was being collected.