This Privacy Notice explains how Databricks, Inc. and its affiliates (“Databricks”, “we”, “our”, and “us”) collects, uses, shares and otherwise processes your personal information (also known as personal data) in connection with the use of Databricks websites and applications that link to this Privacy Notice (the “Sites”), our data processing platform products and services (the “Platform Services”) and in the usual course of business, such as in connection with our events, sales, and marketing activities (collectively, “Databricks Services”). It also contains information about your choices and privacy rights.

Our Services

We provide the Platform Services to our customers and users (collectively, “Customers”) under an agreement with them and solely for their benefit and the benefit of personnel authorized to use the Platform Services (“Authorized Users”). Our processing of such data is governed by our agreement with the relevant Customer. This Privacy Notice does not apply to (i) the data that our Customers upload, submit or otherwise make available to the Platform Services and other data that we process on their behalf, as defined in our agreement with the Customer; (ii) any products, services, websites, or content that are offered by third parties or that have their own privacy notice; or (iii) personal information that we collect and process in connection with our recruitment activities, which is covered under our Applicant Privacy Notice.

We recommend that you read this Privacy Notice in full to ensure that you are informed. However, if you only want to access a particular section of this Privacy Notice, you can click on the link below to go to that section.

• Information We Collect About You
• How We Use Your Information
• How We Share Your Information
• International Transfers
• Your Choices and Rights
• Additional Information for Certain Jurisdictions
• Other Important Information
• Changes to this Notice
• How to Contact Us

Information We Collect About You

Information that we collect from or about you includes information you provide, information we collect automatically, and information we receive from other sources.

Information you provide

When using our Databricks Services, we may collect certain information, such as your name, email address, phone number, postal address, job title, and company name. We may also collect other information that you provide through your interactions with us, for example if you request information about our Platform Services, interact with our sales team or contact customer support, complete a survey, provide feedback or post comments, register for an event, or take part in marketing activities. We may keep a record of your communications with us and other information you share during the course of the communications.

When you create an account, for example, through our Sites or register to use our Platform Services, we may collect your personal information, such as your name and contact information. We may also collect credit card information if chosen by you as a payment method, which may be shared with our third party service providers, including for payment and billing purposes. 

Information we collect automatically 

We use standard automated data collection tools, such as cookies, web beacons, tracking pixels, tags, and similar tools, to collect information about how people use our Sites and interact with our emails.

For example, when you visit our Sites we (or an authorized third party) may collect certain information from you or your device. This may include information about your computer or device (such as operating system, device identifier, browser language, and Internet Protocol (IP) address), and information about your activities on our Sites (such as how you came to our Sites, access times, the links you click on, and other statistical information). For example, your IP address may be used to derive general location information. We use this information to help us understand how you are using our Sites and how to better provide the Sites to you. We may also use web beacons and pixels in our emails. For example, we may place a pixel in our emails that notifies us when you click on a link in the email. We use these technologies to improve our communications. 

The types of data collection tools we use may change over time as technology evolves. You can learn more about our use of cookies and similar tools, as well as how to opt out of certain data collection, by visiting our Cookie Notice. 

When you use our Platform Services, we automatically collect information about how you are using the Platform Services (“Usage Data”). While most Usage Data is not personal information, it may include information about your account (such as User ID, email address, or Internet Protocol (IP) address) and information about your computer or device (such as browser type and operating system). It may also include information about your activities within the Platform Services, such as the pages or features you access or use, the time spent on those pages or features, search terms entered, commands executed, information about the types and size of files analyzed via the Platform Services, and other statistical information relating to your use of the Platform Services. We collect Usage Data to provide, support and operate the Platform Services, for network and information security, and to better understand how our Authorized Users and Customers are using the Platform Services to improve our products and services. 

We may also use the information we collect automatically (for example, IP address, and unique device identifiers) to identify the same unique person across Databricks Services to provide a more seamless and personalized experience to you. 

Information we receive from other sources

We may obtain information about you from third party sources, including resellers, distributors, business partners, event sponsors, security and fraud detection services, social media platforms, and publicly available sources. Examples of information that we receive from third parties include marketing and sales information (such as name, email address, phone number and similar contact information), and purchase, support and other information about your interactions with our Sites and Platform Services. We may combine such information with the information we receive and collect from you.

How We Use Your Information

We use your personal information to provide, maintain, improve and update our Databricks Services. Our purposes for collecting your personal information include:

• to provide, maintain, deliver and update the Databricks Services;
• to create and maintain your Databricks account;
• to measure your use and improve Databricks Services, and to develop new products and services;
• for billing, payment, or account management; for example, to identify your account and correctly identify your usage of our products and services;
• to provide you with customer service and support;
• to register and provide you with training and certification programs;
• to investigate security issues, prevent fraud, or combat the illegal or controlled uses of our products and services;
• for sales phone calls for training and coaching purposes, quality assurance and administration (in accordance with applicable laws), including to analyze sales calls using analytics tools to gain better insights into our interactions with customers; 
• to send you notifications about the Databricks Services, including technical notices, updates, security alerts, administrative messages and invoices;
• to respond to your questions, comments, and requests, including to keep in contact with you regarding the products and services you use;
• to tailor and send you newsletters, emails and other content to promote our products and services (you can always unsubscribe from our marketing emails by clicking here) and to allow third party partners (like our event sponsors) to send you marketing communications about their services, in accordance with your preferences;
• to personalize your experience when using our Sites and Platform Services;
• for advertising purposes; for example, to display and measure advertising on third party websites;
• to contact you to conduct surveys and for market research purposes;
• to generate and analyze statistical information about how our Sites and Platform Services are used in the aggregate;
• for other legitimate interests or lawful business purposes; for example, customer surveys, collecting feedback, and conducting audits;
• to comply with our obligations under applicable law, legal process, or government regulation; and
• for other purposes, where you have given consent.

How We Share Your Information

We may share your personal information with third parties as follows:

• with our affiliates and subsidiaries for the purposes described in this Privacy Notice;
• with our service providers who assist us in providing the Databricks Services, such as billing, payment card processing, customer support, sales and marketing, and data analysis, subject to confidentiality obligations and the requirement that those service providers do not sell your personal information;
• with our service providers who assist us with detecting and preventing fraud, security threats or other illegal or malicious behavior, for example Sift who provides fraud detection services where your personal information is processed by Sift in accordance with its Privacy Notice available at https://sift.com/service-privacy;
• with third party business partners, such as resellers, distributors, and/or referral partners, who are involved in providing content, products or services to our prospects or Customers. We may also engage with third party partners who are working with us to organize or sponsor an event to which you have registered to enable them to contact you about the event or their services (but only where we have a lawful basis to do so, such as your consent where required by applicable law);
• with marketing partners, such as advertising providers that tailor online ads to your interests based on information they collect about your online activity (known as interest-based advertising);
• with the organization that is sponsoring your training or certification program, for example to notify them of your registration and completion of the course;
• when authorized by law or we deem necessary to comply with a legal process;
• when required to protect and defend the rights or property of Databricks or our Customers, including the security of our Sites, products and services (including the Platform Services);
• when necessary to protect the personal safety, property or other rights of the public, Databricks or our Customers;
• where it has been de-identified, including through aggregation or anonymization;
• when you instruct us to do so;
• where you have consented to the sharing of your information with third parties; or
• in connection with a merger, sale, financing or reorganization of all or part of our business.

International Transfers

Databricks may transfer your personal information to countries other than your country of residence. In particular, we may transfer your personal information to the United States and other countries where our affiliates, business partners and services providers are located. These countries may not have equivalent data protection laws to the country where you reside. 

Wherever we process your personal information, we take appropriate steps to ensure it is protected in accordance with this Privacy Notice and applicable data protection laws. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information from the EEA or Switzerland between us and our business partners and service providers, and equivalent measures for transfers of personal information from the United Kingdom. Databricks also offers our Customers the ability to enter into a data processing addendum (DPA) that contains the Standard Contractual Clauses, for transfers between us and our Customers. We also make use of supplementary measures to ensure your information is adequately protected. 

Data Privacy Framework Notice

Databricks complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Databricks has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Databricks has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. To learn more, visit our Data Privacy Framework Notice here.

Your Choices and Rights

We offer you choices regarding the collection, use and sharing of your personal information and we will respect the choices you make in accordance with applicable law. Please note that if you decide not to provide us with certain personal information, you may not be able to access certain features of the Sites or use the Platform Services.

Account information

If you want to correct, update or delete your account information, please log on to your Databricks account and update your profile.

Opt out of marketing

We may periodically send you marketing communications that promote our products and services consistent with your choices. You may opt out from receiving such communications, either by following the unsubscribe instructions in the communication you receive or by clicking here. Please note that we may still send you important service-related communications regarding our products or services, such as communications about your subscription or account, service announcements or security information.

Your privacy rights

Depending upon your place of residence, you may have rights in relation to your personal information. Please review the jurisdiction specific sections below, including the disclosures for California residents. Depending on applicable data protection laws, those rights may include asking us to provide certain information about our collection and processing of your personal information, or requesting access, correction or deletion of your personal information. You also have the right to withdraw your consent, to the extent we rely on consent to process your personal information. 

If you wish to exercise any of your rights under applicable data protection laws, submit a request online by completing the request form here or emailing us at [email protected]. We will respond to requests that we receive in accordance with applicable laws. Databricks may take certain steps to verify your request using information available to us, such as your email address or other information associated with your Databricks account, and if needed we may ask you to provide additional information for the purposes of verifying your request. Any information you provide to us for verification purposes will only be used to process and maintain a record of your request.

As described above, we may also process personal information that has been submitted by a Customer to our Platform Services. If your personal information has been submitted to the Platform Services by or on behalf of a Databricks Customer and you wish to exercise your privacy rights, please direct your request to the relevant Customer. For other inquiries, please contact us at [email protected].

Additional Information for Certain Jurisdictions

This section provides additional information about our privacy practices for certain jurisdictions.

California

If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with additional information regarding your rights with respect to your “personal information. This information is described in our Supplemental Privacy Notice to California Residents.  

Other US States

Depending on applicable laws in your state of residence, you may request to: (1) confirm whether or not we process your personal information; (2) access, correct, or delete personal information we maintain about you; (3) receive a portable copy of such personal information; and/or (4) restrict or opt out of certain processing of your personal information, such as targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects. If we refuse to take action on a request, we will provide instructions on how you may appeal the decision. We will respond to requests consistent with applicable law.

European Economic Area, UK and Switzerland

If you are located in the European Economic Area, United Kingdom or Switzerland, the controller of your personal information is Databricks, Inc., 160 Spear Street, Suite 1300, San Francisco, CA 94105, United States. 

We only collect your personal information if we have a legal basis for doing so. The legal basis that we rely on depends on the personal information concerned and the specific context in which we collect it. Generally, we collect and process your personal information where:

• We need it to enter into or perform a contract with you, such as to provide you with the Platform Services, respond to your request, or provide you with customer support;
• We need to process your personal information to comply with a legal obligation (such as to comply with applicable legal, tax and accounting requirements) or to protect the vital interests of you or other individuals;
• You give us your consent, such as to receive certain marketing communications; or
• Where we have a legitimate interest, such as to respond to your requests and inquiries, to ensure the security of the Sites and Platform Services, to detect and prevent fraud, to maintain, customize and improve the Sites and Platform Services, to promote Databricks and our Platform Services, and to defend our interests and rights.

If you have consented to our use of your personal information for a specific purpose, you have the right to change your mind at any time but this will not affect our processing of your information that has already taken place. You also have the following rights with respect to your personal information:

• The right to access, correct, update, or request deletion of your personal information;
• The right to object to the processing of your personal information or ask that we restrict the processing of your personal information;
• The right to request portability of your personal information;
• The right to withdraw your personal information at any time, if we collected and processed your personal information with your consent; and
• The right to lodge a complaint with your national data protection authority or equivalent regulatory body.

If you wish to exercise any of your rights under data protection laws, please contact us as described under “Your Choices and Rights”.

Other Important Information

Notice to Authorized Users

Our Platform Services are intended to be used by organizations. Where the Platform Services are made available to you through an organization (e.g., your employer), that organization is the administrator of the Platform Services and responsible for the accounts and/or services over which it has control. For example, administrators can access and change information in your account or restrict and terminate your access to the Platform Services. We are not responsible for the privacy or security practices of an administrator's organization, which may be different from this Privacy Notice. Please contact your organization or refer to your organization's policies for more information.

Data Retention

Databricks retains the personal information described in this Privacy Notice for as long as you use our Databricks Services, as may be required by law (for example, to comply with applicable legal tax or accounting requirements), as necessary for other legitimate business or commercial purposes described in this Privacy Notice (for example, to resolve disputes or enforce our agreements), or as otherwise communicated to you.

Security

We are committed to protecting your information. We use a variety of technical, physical, and organizational security measures designed to protect against unauthorized access, alteration, disclosure, or destruction of information. However, no security measures are perfect or impenetrable. As such, we cannot guarantee the security of your information.

Third Party Services

Our Databricks Services may contain links to third party websites, applications, services, or social networks (including co-branded websites or products that are maintained by one of our business partners). We may also make available certain features that allow you to sign into our Sites using third party login credentials (such as LinkedIn, Facebook, Twitter and Google+) or access third party services from our Platform Services (such as Github). Any information that you choose to submit to third party services is not covered by this Privacy Notice. We encourage you to read the terms of use and privacy notices of use of such third party services before sharing your information with them to understand how your information may be collected and used.

Children's Data

The Sites and Platform Services are not directed to children under 18 years of age and Databricks does not knowingly collect personal information from children under 18. If we learn that we have collected any personal information from children under 18, we will promptly take steps to delete such information. If you are aware that a child has submitted us such information, please contact us using the details provided below.

Changes to this Notice

Databricks may change this Privacy Notice from time to time. We will post any changes on this page and, if we make material changes, provide a more prominent notice (for example, by adding a statement to the website landing page, providing notice through the Platform Services login screen, or by emailing you). You can see the date on which the latest version of this Privacy Notice was posted below. If you disagree with any changes to this Privacy Notice, you should stop using the Databricks Services and deactivate your Databricks account. 

How to Contact Us

Please contact us at [email protected] if you have any questions about our privacy practices or this Privacy Notice. You can also write to us at Databricks Inc., 160 Spear Street, Suite 1300, San Francisco, CA 94105 Attn: Privacy.

If you interact with Databricks through or on behalf of your organization, then your personal information may also be subject to your organization’s privacy practices and you should direct any questions to that organization.

Last updated: August 15th, 2023