Lenovo are particularly egregious. They collect data from Conduit via their toolbar add on (Conduit is one of the worst malware makers out there - they are owned by Perion/CodeFuel). Lenovo refuse to disclose they do this, in fact I have support emails denying they do.
Further info here: https://news.ycombinator.com/item?id=9653111
Then there is Superfish...
Who knows what else they are going?