This Privacy Notice explains how Databricks, Inc. and its affiliates ( “Databricks”, “we”, “our”, and “us”) collects, uses, shares and otherwise processes your personal information (also known as personal data) in connection with the use of Databricks websites and applications that link to this Privacy Notice (the “Sites”), our data processing platform products and services (the “Platform Services”) and in the usual course of business, such as in connection with our events, sales, and marketing activities (collectively, “Databricks Services”). It also contains information about your choices and privacy rights.
We provide the Platform Services to our customers and users (collectively, “Customers”) under an agreement with them and solely for their benefit and the benefit of personnel authorized to use the Platform Services (“Authorized Users”). Our processing of such data is governed by our agreement with the relevant Customer. This Privacy Notice does not apply to (i) the data that our Customers upload, submit or otherwise make available to the Platform Services and other data that we process on their behalf, as defined in our agreement with the Customer; (ii) any products, services, websites, or content that are offered by third parties or that have their own privacy notice; or (iii) personal information that we collect and process in connection with our recruitment activities, which is covered under our Applicant Privacy Notice.
We recommend that you read this Privacy Notice in full to ensure that you are informed. However, if you only want to access a particular section of this Privacy Notice, you can click on the link below to go to that section.
Information that we collect from or about you includes information you provide, information we collect automatically, and information we receive from other sources.
When using our Databricks Services, we may collect certain information, such as your name, email address, phone number, postal address, job title, and company name. We may also collect other information that you provide through your interactions with us, for example if you request information about our Platform Services, interact with our sales team or contact customer support, complete a survey, provide feedback or post comments, register for an event, or take part in marketing activities. We may keep a record of your communications with us and other information you share during the course of the communications.
When you create an account, for example, through our Sites or register to use our Platform Services, we may collect your personal information, such as your name and contact information. We may also collect credit card information if chosen by you as a payment method, which may be shared with our third party service providers, including for payment and billing purposes.
We use standard automated data collection tools, such as cookies, web beacons, tracking pixels, tags, and similar tools, to collect information about how people use our Sites and interact with our emails.
For example, when you visit our Sites we (or an authorized third party) may collect certain information from you or your device. This may include information about your computer or device (such as operating system, device identifier, browser language, and Internet Protocol (IP) address), and information about your activities on our Sites (such as how you came to our Sites, access times, the links you click on, and other statistical information). For example, your IP address may be used to derive general location information. We use this information to help us understand how you are using our Sites and how to better provide the Sites to you. We may also use web beacons and pixels in our emails. For example, we may place a pixel in our emails that notifies us when you click on a link in the email. We use these technologies to improve our communications.
When you use our Platform Services, we automatically collect information about how you are using the Platform Services (“Usage Data”). While most Usage Data is not personal information, it may include information about your account (such as User ID, email address, or Internet Protocol (IP) address) and information about your computer or device (such as browser type and operating system). It may also include information about your activities within the Platform Services, such as the pages or features you access or use, the time spent on those pages or features, search terms entered, commands executed, information about the types and size of files analyzed via the Platform Services, and other statistical information relating to your use of the Platform Services. We collect Usage Data to provide, support and operate the Platform Services, for network and information security, and to better understand how our Authorized Users and Customers are using the Platform Services to improve our products and services.
We may also use the information we collect automatically (for example, IP address, and unique device identifiers) to identify the same unique person across Databricks Services to provide a more seamless and personalized experience to you.
We may obtain information about you from third party sources, including resellers, distributors, business partners, event sponsors, security and fraud detection services, social media platforms, and publicly available sources. Examples of information that we receive from third parties include marketing and sales information (such as name, email address, phone number and similar contact information), and purchase, support and other information about your interactions with our Sites and Platform Services. We may combine such information with the information we receive and collect from you.
We use your personal information to provide, maintain, improve and update our Databricks Services. Our purposes for collecting your personal information include:
We may share your personal information with third parties as follows:
Databricks may transfer your personal information to countries other than your country of residence. In particular, we may transfer your personal information to the United States and other countries where our affiliates, business partners and services providers are located. These countries may not have equivalent data protection laws to the country where you reside.
Wherever we process your personal information, we take appropriate steps to ensure it is protected in accordance with this Privacy Notice and applicable data protection laws. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information from the EEA or Switzerland between us and our business partners and service providers, and equivalent measures for transfers of personal information from the United Kingdom. Databricks also offers our Customers the ability to enter into a data processing addendum (DPA) that contains the Standard Contractual Clauses, for transfers between us and our Customers. We also make use of supplementary measures to ensure your information is adequately protected.
Privacy Shield Notice
Databricks adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, although Databricks no longer relies on the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks as a legal basis for transfers of personal information in light of the judgment of the Court of Justice of the European Union in Case C-311/18. To learn more, visit our Privacy Shield Notice.
We offer you choices regarding the collection, use and sharing of your personal information and we will respect the choices you make in accordance with applicable law. Please note that if you decide not to provide us with certain personal information, you may not be able to access certain features of the Sites or use the Platform Services.
If you want to correct, update or delete your account information, please log on to your Databricks account and update your profile.
Opt out of marketing
We may periodically send you marketing communications that promote our products and services consistent with your choices. You may opt out from receiving such communications, either by following the unsubscribe instructions in the communication you receive or by clicking here. Please note that we may still send you important service-related communications regarding our products or services, such as communications about your subscription or account, service announcements or security information.
Your privacy rights
Depending upon your place of residence, you may have rights in relation to your personal information. Please review the jurisdiction specific sections below, including the disclosures for California residents. Depending on applicable data protection laws, those rights may include asking us to provide certain information about our collection and processing of your personal information, or requesting access, correction or deletion of your personal information. You also have the right to withdraw your consent, to the extent we rely on consent to process your personal information.
If you wish to exercise any of your rights under applicable data protection laws, submit a request online by completing the request form here or emailing us at [email protected]. We will respond to requests that we receive in accordance with applicable laws. Databricks may take certain steps to verify your request using information available to us, such as your email address or other information associated with your Databricks account, and if needed we may ask you to provide additional information for the purposes of verifying your request. Any information you provide to us for verification purposes will only be used to process and maintain a record of your request.
As described above, we may also process personal information that has been submitted by a Customer to our Platform Services. If your personal information has been submitted to the Platform Services by or on behalf of a Databricks Customer and you wish to exercise your privacy rights, please direct your request to the relevant Customer. For other inquiries, please contact us at [email protected].
This section provides additional information about our privacy practices for certain jurisdictions.
If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with additional information regarding your rights with respect to your “personal information. This information is described in our Supplemental Privacy Notice to California Residents.
Other US States
Depending on applicable laws in your state of residence, you may request to: (1) confirm whether or not we process your personal information; (2) access, correct, or delete personal information we maintain about you; (3) receive a portable copy of such personal information; and/or (4) restrict or opt out of certain processing of your personal information, such as targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects. If we refuse to take action on a request, we will provide instructions on how you may appeal the decision. We will respond to requests consistent with applicable law.
European Economic Area, UK and Switzerland
If you are located in the European Economic Area, United Kingdom or Switzerland, the controller of your personal information is Databricks, Inc., 160 Spear Street, Suite 1300, San Francisco, CA 94105, United States.
We only collect your personal information if we have a legal basis for doing so. The legal basis that we rely on depends on the personal information concerned and the specific context in which we collect it. Generally, we collect and process your personal information where:
If you have consented to our use of your personal information for a specific purpose, you have the right to change your mind at any time but this will not affect our processing of your information that has already taken place. You also have the following rights with respect to your personal information:
If you wish to exercise any of your rights under data protection laws, please contact us as described under “Your Choices and Rights”.
Notice to Authorized Users
Our Platform Services are intended to be used by organizations. Where the Platform Services are made available to you through an organization (e.g., your employer), that organization is the administrator of the Platform Services and responsible for the accounts and/or services over which it has control. For example, administrators can access and change information in your account or restrict and terminate your access to the Platform Services. We are not responsible for the privacy or security practices of an administrator's organization, which may be different from this Privacy Notice. Please contact your organization or refer to your organization's policies for more information.
Databricks retains the personal information described in this Privacy Notice for as long as you use our Databricks Services, as may be required by law (for example, to comply with applicable legal tax or accounting requirements), as necessary for other legitimate business or commercial purposes described in this Privacy Notice (for example, to resolve disputes or enforce our agreements), or as otherwise communicated to you.
We are committed to protecting your information. We use a variety of technical, physical, and organizational security measures designed to protect against unauthorized access, alteration, disclosure, or destruction of information. However, no security measures are perfect or impenetrable. As such, we cannot guarantee the security of your information.
Third Party Services
The Sites and Platform Services are not directed to children under 18 years of age and Databricks does not knowingly collect personal information from children under 18. If we learn that we have collected any personal information from children under 18, we will promptly take steps to delete such information. If you are aware that a child has submitted us such information, please contact us using the details provided below.
Databricks may change this Privacy Notice from time to time. We will post any changes on this page and, if we make material changes, provide a more prominent notice (for example, by adding a statement to the website landing page, providing notice through the Platform Services login screen, or by emailing you). You can see the date on which the latest version of this Privacy Notice was posted below. If you disagree with any changes to this Privacy Notice, you should stop using the Databricks Services and deactivate your Databricks account.
Please contact us at [email protected] if you have any questions about our privacy practices or this Privacy Notice. You can also write to us at Databricks Inc., 160 Spear Street, Suite 1300, San Francisco, CA 94105 Attn: Privacy.
If you interact with Databricks through or on behalf of your organization, then your personal information may also be subject to your organization’s privacy practices and you should direct any questions to that organization.
Last updated: January 3, 2023