What does it cover?
Subscribers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the such Subscribers’ use of personal data or collection of personal data in connection with the use of our Platform Services by individuals with whom our Subscribers interact. If you are an individual who interacts with a Subscriber using our Platform Services or you otherwise believe that a Subscriber uses our Platform Services to process your personal data, and you contact us regarding this data, then you will be directed to contact our Subscriber for assistance with any requests or questions relating to your personal data, including without limitation any requests to access, amend or erase your personal data.
What information do we collect?
We collect information and data from you in two ways. First, we collect information you manually provide to us, including registration info like your name and email address. Second, we collect information automatically from your use of our Sites and Platform Services, including how and when our Sites and Platform Services are used.
Information you submit or make available.
If you create an account for our Platform Services or otherwise create an account through our Sites to utilize the forums or register for one of our events or training, we may ask, and in some cases require, you to enter certain personal data such as your name, email address, phone number, physical address, gender, job title, job role, company name, company size and other information relating to your proposed use of our products and services or our events and training. You will know which data categories you provide to us, because you will affirmatively enter and submit the data. Any such information you provide us in connection with the registration for our Platform Services is deemed “Account Information.” Databricks may receive information from third parties regarding the companies and users who use our Sites and Platform Services and may combine such information with the information we receive or collect from you.
Information we collect about your use of our Sites.
When you use our Sites, your device automatically generates and provides data to us. We collect and use such data to help us to understand how you are using our Sites, and how to better provide those Sites to you.
Information we collect about your use of our Platform Services.
When you use our Platform Services, a lot of information and data gets automatically generated and collected that can help us to understand how you are using our Platform Services, and how to better provide the Platform Services to you.
How do we use the information collect from you?
We use personal data for the following purposes:
Do we share your information?
We do not share personal data except as follows:
What rights do you have over your information?
We offer you choices regarding the collection, use and sharing of your personal data and we will respect the choices you make. Where you have consented to Databricks’ processing of your personal data, you may withdraw that consent at any time by contacting email@example.com with the subject “Withdraw Consent”. Please note that if you decide not to provide us with the personal data that we request, you may not be able to access all of the features of the Sites.
Opt Out of Certain Communications.
Rights of Access, Modification, Deletion and Restriction of Your Information.
Individuals located in certain countries, including the European Economic Area, have certain statutory rights (including under Privacy Shield) in relation to their personal data. If you are located in such a country and want us to provide access to, export, modify, delete, or restrict processing of your personal data:
We will endeavor to promptly respond to your request. Although Databricks makes good faith efforts to provide users of our Sites and Platform Services with access to their personal data, there may circumstances in which Databricks is unable to provide access including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing would be disproportionate to the risks to of the User’s privacy in the case in question, where the request is manifestly unfounded or excessive or where it is commercially proprietary. If you request deletion of your personal data, please note that we may continue to retain certain of your personal data in archived/backup copies for our records or as otherwise required or allowed by law.
How long do we store your information?
What steps do we take to secure your Information?
Databricks considers protecting the security of your data to be its number one responsibility. Databricks has received a certification to the internationally recognized industry standard information security management system, ISO27001, and aligns its security practices to the internationally recognized industry standard code of practice for protecting personal data in the cloud, ISO27018. Databricks encrypts communications you make with our Sites and the Platform Services, e.g., entering your username and password or information into forms, using TLS (transport layer security) or other industry standard technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure or safe. Accordingly, we cannot guarantee the absolute security of any information.
What about international data transfer?
Databricks may transfer your personal data to countries other than the one in which you live. Specifically, if you are located outside the United States and provide your personal data to us, we may transfer your personal data to the United States and process it there.
To comply with European Union and Swiss data protection laws, Databricks is in the process of self-certifying to the EU–U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Economic Area and Switzerland to the United States. We will update this section once our certification is finalized, at which point the below shall be effective.
Databricks’ commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. To learn more about the Privacy Shield program and to view our certification, please visit the U.S. Department of Commerce’s Privacy Shield website here.
Additionally, if you represent a Subscriber that you have determined is subject to the GDPR and you do not yet have in place an updated data processing addendum (DPA) with us, please review and complete the instructions on our DPA. Our DPA, as is the industry standard, contains the European Economic Area Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Subscribers with users located in the European Economic Area or are otherwise using Databricks to process any data originating from the European Economic Area.
What about third party services?
Do we collect children’s data?
Databricks products and services are not directed to children under 18 years of age and Databricks does not knowingly collect personal data from children under 18 years of age. If we learn that we have collected any personal data from children under 18 years old, we will promptly take steps to delete such information. If you are aware that a child has submitted us such information, please contact us at firstname.lastname@example.org with the subject “Child Data”.
How can you contact us?