This Security Addendum is incorporated into and made a part of the written agreement between Databricks, Inc. (“Databricks”) and Customer that references this Security Addendum (“Agreement”).

Databricks maintains a comprehensive documented security program that is based on industry standard security frameworks including NIST 800-53 and ISO 27001 (the “Security Program”). Pursuant to the Security Program, Databricks implements and maintains administrative, physical, and technical security measures to protect the Platform Services and Support Services and the security and confidentiality of Customer Content (including any Personal Data that may be contained therein) (each as defined in the Agreement) under Databricks’ control that is processed by Databricks in its provisioning of the Platform Services or Support Services (the “Security Measures”). Databricks’ compliance with this Addendum shall be deemed to satisfy any more general measures included within any Agreement, including the Service Specific Terms.

Databricks regularly tests and evaluates its Security Program, and may review and update this Security Addendum at any time without notice, provided that such updates are equivalent (or enhance) security and do not materially diminish the level of protection afforded to Customer Content by these Security Measures.

1. Deployment Model
   1. Architecture. Databricks is a hybrid platform-as-a-service offering. The components responsible for managing and controlling the Platform Services are referred to as the ‘Databricks Control Plane’. The compute resources that perform data processing operations are referred to as the “Data Plane”. For certain Cloud Service Providers, the Data Plane may either be deployed in Customer’s Cloud Service Provider account (known as the ‘Customer Data Plane’) or, for Databricks Serverless Compute, in a Databricks-controlled Cloud Service Provider account (known as the ‘Databricks Data Plane’). Data Plane shall refer to both Customer Data Plane and Databricks Data Plane unless otherwise specified.
   2. Shared Responsibility. Databricks operates in a shared responsibility model, where both Databricks and Customer maintain security responsibilities. This is covered in more detail in our Documentation.
   3. Data Storage
      1. Customer Data Storage Location
         1. Customer Control. Most Customer Content is stored within Customer’s own Cloud Service Provider account at rest (e.g., within Customer’s AWS S3 bucket) or within other Systems under Customer’s control. Please see the Documentation for more details.
         2. Databricks Control. Small amounts of Customer Content may be stored within the Databricks Control Plane, including metadata about Customer Content. Databricks offers Customers options regarding the storage of certain Customer Content within the Platform Services such as query results. Please see the Documentation for more details.
2. Deployment Region. Customer may specify the region(s) where their Platform Services Workspaces are deployed. Customer can choose to deploy the Data Plane into any supported Databricks region. The Databricks Control Plane is deployed into the same region. Databricks will not, without Customer permission, move a Customer Workspace into a different region. See the Documentation for details specific to Customer’s Cloud Service Provider.
3. Databricks’ Audits & Certifications. Databricks uses independent third-party auditors to assess the Databricks Security Program at least annually, as described in the following audits, regulatory standards, and certifications:
   • SOC 1 Type II
   • SOC 2 Type II
   • ISO 27001
   • ISO 27017
   • ISO 27018
   • HIPAA
   • PCI DSS (AWS)

   To the extent that Databricks chooses not to continue adherence with one or more of the standards noted above, Databricks will adopt or maintain an equivalent, industry-standard framework.

4. Administrative Controls
   1. Governance. Databricks’ Chief Security Officer leads the Databricks’ Information Security Program and develops, reviews, and approves (together with other relevant internal stakeholders) Databricks’ Security Policies and Procedures.
   2. Change Management. Databricks maintains a documented change management policy, reviewed at least annually.
   3. ISMS; Policies and Procedures. Databricks has implemented a formal Information Security Management System (“ISMS”) in order to protect the confidentiality, integrity, authenticity, and availability of Databricks' data and information systems, and to ensure the effectiveness of security controls over data and information systems that support operations.
   4. Monitoring & Logging. Databricks employs monitoring and logging technology to help detect and prevent unauthorized access attempts to its network and equipment.
   5. Access Review. Active users with privileged access to the Platform Services are reviewed at least quarterly and are promptly removed upon termination of employment. As part of the personnel offboarding process, all accesses are revoked and data assets are securely wiped.
   6. Third Party Risk Management. Databricks maintains a comprehensive Third Party Risk Management program that assesses the security compliance of applicable third parties, including vendors and subprocessors, in order to appropriately measure and manage risk.
   7. Personnel Training. Personnel receive comprehensive training on the Security Policies upon hire and refresher training annually. Personnel are required to certify and agree to the Security Policies and personnel who violate the Security Policies are subject to disciplinary action, including warnings, suspension and up to (and including) termination.
   8. Personnel Screening and Evaluation. All personnel undergo background checks prior to onboarding (as permitted by local law), which may include, but are not limited to, criminal record checks, employment history verification, education verification, and global sanctions and enforcement checks. Databricks uses a third-party provider to conduct screenings, which vary by jurisdiction and comply with applicable local law. Personnel are required to sign confidentiality agreements.
5. Physical and Environmental Controls
   1. Databricks Corporate Offices. Databricks has implemented administrative, physical, and technical safeguards for its corporate offices. These include, but are not limited to, the below:
      • Visitors are required to sign in, acknowledge and accept an NDA, wear an identification badge, and be escorted by Databricks personnel while on premises
      • Databricks personnel badge into the offices
      • Badges are not shared or loaned to others without authorization
      • Physical entry points to office premises are recorded by CCTV and have an access card verification system at every door, allowing only authorized employees to enter the office premises
      • Equipment and other Databricks-issued assets are inventoried and tracked
      • Office Wi-Fi networks are protected with encryption, wireless rogue detection, and Network Access Control
   2. Cloud Service Provider Data Centers. Databricks regularly reviews Cloud Service Provider audits conducted in compliance with ISO 27001, SOC 1, SOC 2, and PCI-DSS. Security controls include, but are not limited to the list below:
      • Biometric facility access controls
      • Visitor facility access policies and procedures
      • 24-hour armed physical security
      • CCTV at ingress and egress
      • Intrusion detection
      • Business continuity and disaster recovery plans
      • Smoke detection sensors and fire suppression equipment
      • Mechanisms to control temperature, humidity and water leaks
      • Power redundancy with backup power supply
6. Systems & Network Security
   1. Platform Controls.
      1. Isolation. Databricks leverages multiple layers of network security controls, including network-level isolation, for separation between the Databricks’ development and production environments.
      2. Firewalls & Security Groups. Firewalls are implemented as network access control lists or security groups within Databricks’ production environment.
      3. Hardening.
         1. Databricks employs industry standards to harden images and operating systems under its control that are deployed within the Platform Services, including deploying baseline images with hardened security configuration such as disabled remote root login, isolation of user code, and images are regularly updated and refreshed.
         2. For Systems under Databricks control supporting the production data processing environment, Databricks tracks security configurations against industry standard baselines such as CIS and STIG.
      4. Encryption
         1. Encryption of data-in-transit. Customer Content is encrypted using cryptographically secure protocols (TLS v.1.2 or higher) in transit between (1) Customer and the Databricks Control Plane and (2) the Databricks Control Plane and the Data Plane. Additionally, depending on functionality provided by the Cloud Service Provider, Customer may optionally encrypt communications between clusters within the Data Plane (e.g., by utilizing appropriate AWS Nitro instances).
         2. Encryption of data-at-rest. Customer Content is encrypted using cryptographically secure protocols (AES-256 bit, or the equivalent or better) while at rest within the Databricks Control Plane.
         3. Review. Cryptographic standards are periodically reviewed and selected technologies and ciphers are updated in accordance with assessed risk and market acceptance of new standards.
         4. Customer Options; Responsibilities. Customer(s) may choose to leverage additional encryption options for data in transit within the Customer Data Plane or Databricks Data Plane as described in the Documentation (e.g., Customer may utilize AWS Nitro EC2 instances within the Customer Data Plane to provide additional encryption in transit). Customer shall, based on the sensitivity of the Customer Content, configure the Platform Services and Customer Systems to encrypt Customer Content where appropriate (e.g., by enabling encryption at rest for data stored within AWS S3).
      5. Monitoring & Logging
         1. Intrusion Detection Systems. Databricks leverages security capabilities provided natively by Cloud Service Providers for security detection.
         2. Audit Logs.
            1. Generation. Databricks generates audit logs from Customer’s use of the Platform Services. The logs are designed to store information about material events within the Platform Services.
            2. Delivery. Customer may, depending on the entitlement tier of the Platform Services, enable delivery of audit logs.  It is Customer’s responsibility to configure this option.
            3. Integrity.  Databricks stores audit logs in a manner designed to protect the audit logs from tampering.
            4. Retention. Databricks stores audit logs for at least one year.
      6. Penetration Testing. Databricks conducts third-party penetration tests at least annually, in addition to maintaining in-house offensive security personnel and a public bug bounty program.
      7. Vulnerability Management & Remediation. Databricks regularly runs authenticated scans against representative hosts in the SDLC pipeline to identify vulnerabilities and emerging security threats that may impact the Platform Services. Databricks will use commercially reasonable efforts to address critical vulnerabilities within 14 days, high severity within 30 days, and medium severity within 60 days measured from, with respect to publicly declared third party vulnerabilities, the date of availability of a compatible, vendor-supplied patch, or for internal vulnerabilities, from the date such vulnerability is confirmed. Databricks leverages the National Vulnerability Database’s Common Vulnerability Scoring System (CVSS), or where applicable, the U.S.-Cert rating, combined with an internal analysis of contextual risk to determine criticality.
      8. Patching.
         1. Control Plane. Databricks deploys new code to the Databricks Control Plane on an ongoing basis.
         2. Data Plane. New Data Plane virtual machines use the latest applicable source code and system images upon launch. Customer is encouraged to restart always-on clusters on a periodic basis to take advantage of security patches.
   2. Corporate Controls.
      1. Access Controls
         1. Authentication. Databricks personnel are authenticated through single sign-on (SSO), 802.1x (or similar) where applicable, and use a unique user ID and password combination and multi-factor authentication. Privileges are consistent with least privilege principles. Security Policies prohibits personnel from sharing or reusing credentials, passwords, IDs, or other authentication information. If your identity provider supports the SAML 2.0 protocol, you can use Databricks’ SSO to integrate with your identity provider.
         2. Role-Based Access Controls (RBACs). Databricks enforces RBACs (based on security groups and access control lists). Only authorized roles, which are defined based on the principle of least privilege and segregation of duties, are allowed to access production systems.
      2. Workstation Controls: Databricks enforces certain security controls on its workstations used by personnel, including:
         • Full-disk encryption
         • Anti-malware software
         • Automatic screen lock after 15 minutes of inactivity
         • Secure VPN
7. Breach Detection & Response
   1. Detection & Investigation. Databricks’ dedicated Detection engineering team deploys and develops intrusion detection monitoring across its computing resources, with alert notifications sent to the Security Incident Response Team (SIRT) for triage and response. The SIRT employs an incident response framework to manage and minimize the effects of unplanned security events.
   2. Security Breaches. “Security Breach” means a breach of security leading to any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Content under Databricks control. A Security Breach shall not include an unsuccessful attempt or activity that does not compromise the security of Customer Content, including (without limitation) pings and other broadcast attacks of firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, packet sniffing (or other unauthorized access to traffic data that does not result in access beyond headers) or similar incidents. Databricks maintains a record of Security Breaches that includes description, dates and times of relevant activities, and disposition. Suspected and confirmed security incidents are investigated by security, operations, or support personnel; and appropriate resolution steps are identified and documented. For any confirmed Security Breaches, Databricks will take appropriate, reasonable steps to minimize product and Customer damage or unauthorized disclosure.
   3. Communications & Cooperation. In accordance with applicable data protection laws, Databricks will notify Customer of a Security Breach for which that Customer is impacted without undue delay after becoming aware of the Security Breach, and take appropriate measures to address the Security Breach, including measures to mitigate any adverse effects resulting from the Security Breach.
8. Customer Audit Rights
   1. Upon written request and at no additional cost to Customer, Databricks shall provide Customer, and/or its appropriately qualified third-party representative , access to reasonably requested documentation evidencing Databricks’ compliance with its obligations under this Addendum in the form of the relevant audits or certifications listed in Section 3 (Databricks’ Audits and Certifications) above. Such audits are performed (a) at least once annually; and (b) by independent third-party security professionals selected by Databricks. Such audits result in the generation of a confidential audit report collectively, “Audit Reports”).
   2. Only to the extent Customer cannot reasonably satisfy Databricks compliance with this Addendum through the Audit Reports , Customer may send a written request to conduct an audit of Databricks applicable controls during the term of the Agreement on an annual basis. Following receipt by Databricks of such a request, Databricks and Customer shall mutually agree in advance on the details of the audit, including the reasonable start date, scope and duration of, and security and confidentiality controls applicable to, any such audit. The Audit Report, audit, and any information arising therefrom shall be considered Databricks Confidential Information and may only be shared with a third party (including a third party controller) with Databricks’ prior written agreement.
   3. Notwithstanding any other audit provisions in the Agreement, Customer requests for audits are limited to once per year.
9. Backups, Business Continuity, and Disaster Recovery
   1. Business Continuity and Disaster Recovery. Databricks Business Continuity (BC) and Disaster Recovery (DR) plans are reviewed and drills are conducted annually.
   2. Data Resiliency. Databricks performs backups for the Databricks Control Plane , generally managed by the Cloud Service Provider capabilities, for data resiliency purposes in the case of a critical systems failure. While Databricks backs up certain service elements that persist in the Databricks Control Plane as part of its systems resiliency, those backups are maintained only for emergency recovery purposes and are not available for Customer.
   3. No Data Restoration. Due to the hybrid nature of the Databricks Platform, Databricks does not back up Customer Content. To assist Customers in performing their own backups, Databricks provides certain self-service features within the Platform Services (like the ability to synchronize notebooks with a customer’s Github or Bitbucket account).
10. Data Deletion
    1. During Use. The Platform Services provide Customer with functionality that permit Customer to delete Customer Content under Databricks’ control.
    2. Upon Workspace Cancellation. Customer Content contained within a Customer Workspace is permanently deleted within thirty (30) days following cancellation of the Workspace.
11. MosaicML Security Standards. Notwithstanding anything to the contrary in the Agreement including its schedules or annexes, the security standards and measures set forth in the Agreement (“Security Measures”) do not apply to products and services related to MosaicML (“MosaicML Services”). Instead, the following section comprises the Security Measures for the purpose of MosaicML Services. For clarity, the Security Measures described below do not apply to any other Databricks Services.
    
    Data Security: Databricks implements and maintains commercially reasonable technical, physical, administrative, and organizational safeguards, and other applicable aspects of system and content management, designed to protect the security, confidentiality, integrity, and availability of all Customer Content. Provider shall use commercially reasonable efforts to promptly notify Customer in the event of any breach of security impacting Customer Content (“Security Breach”) within three (3) business days from the date the Security Breach is confirmed.

Last Revised August 15, 2023.