Privacy Policy

Last Updated:May, 2018

Terms

Privacy

Privacy Policy


In this Privacy Policy, we, Databricks, Inc., describe what types of personal data we collect while you browse our publicly available websites and use our services, how we use it, and what you can expect from us while we hold it.

What does it cover?

This Privacy Policy covers all Databricks-branded publicly available websites, including sites located on databricks.com (other than *.cloud.databricks.com and help.databricks.com), as well as spark-summit.org, and spark-packages.org and any other pages that link to this Privacy Policy (collectively, the “Sites”). With the exception of Account Information and Usage Data (each defined below), this Privacy Policy expressly does not cover data submitted through or otherwise collected during the use of the Databricks Platform Services (known as Databricks and Databricks Community Edition, each located at *.cloud.databricks.com, or the related website at help.databricks.com and platform support services, together the “Platform Services”), which are subject to the Databricks Terms of Service (or with respect to the Community Edition, the Community Edition Terms of Service) or other written agreement in place between Databricks and our subscribers (“Subscribers”), or any other data collection and processing, including, without limitation, data that we collect offline.

Subscribers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the such Subscribers’ use of personal data or collection of personal data in connection with the use of our Platform Services by individuals with whom our Subscribers interact. If you are an individual who interacts with a Subscriber using our Platform Services or you otherwise believe that a Subscriber uses our Platform Services to process your personal data, and you contact us regarding this data, then you will be directed to contact our Subscriber for assistance with any requests or questions relating to your personal data, including without limitation any requests to access, amend or erase your personal data.

What information do we collect?

We collect information and data from you in two ways. First, we collect information you manually provide to us, including registration info like your name and email address. Second, we collect information automatically from your use of our Sites and Platform Services, including how and when our Sites and Platform Services are used.

Information you submit or make available.

If you create an account for our Platform Services or otherwise create an account through our Sites to utilize the forums or register for one of our events or training, we may ask, and in some cases require, you to enter certain personal data such as your name, email address, phone number, physical address, gender, job title, job role, company name, company size and other information relating to your proposed use of our products and services or our events and training. You will know which data categories you provide to us, because you will affirmatively enter and submit the data. Any such information you provide us in connection with the registration for our Platform Services is deemed “Account Information.”  Databricks may receive information from third parties regarding the companies and users who use our Sites and Platform Services and may combine such information with the information we receive or collect from you.

Information we collect about your use of our Sites.

When you use our Sites, your device automatically generates and provides data to us. We collect and use such data to help us to understand how you are using our Sites, and how to better provide those Sites to you.

When you use the Sites, we use standard automated data collection tools such as Cookies, Web Beacons, Tracking Pixels and the like (“Web Data”). You can learn more about these terms and what types of data are collected, how it is used and why, as well as how to opt out of certain collection, by visiting our Cookies Policy. While the vast majority of Web Data is not Personal Data, some Web Data may include certain information which may be considered personal data depending on where you live, like a User’s Internet Protocol (IP) address. To the extent Web Data contains personal data, it will be treated as personal data under this Privacy Policy.

Information we collect about your use of our Platform Services.

When you use our Platform Services, a lot of information and data gets automatically generated and collected that can help us to understand how you are using our Platform Services, and how to better provide the Platform Services to you.

When you use the Platform Services, we automatically record information about how our users (both account holders and other users on a user account) (“Users”) use the Platform Services (known as “Usage Data”). Most Usage Data is not personal data, and includes information like browser type, operating system, the pages or features of our Platform Services accessed or used by User and the time spent on those pages or features, search terms entered into our Platform Services to browse the docs, commands executed when using our Platform Services, information about the types and size of files analyzed via the Platform Services, and other statistical information. Some Usage Data may include certain information which may be considered personal data depending on where you live, like a User’s Internet Protocol (IP) address. To the extent Usage Data contains personal data, it will be treated as personal data under this Privacy Policy.

How do we use the information collect from you?

We use personal data for the following purposes:

  • To provide the Sites, the Platform Services, our services or information requested;
  • To develop new products and services;
  • To identify your account and bill you for the use of our products and services;
  • To prevent fraud or other illegal use of our products and services;
  • To keep in contact with you regarding the products and services you use;
  • To tailor and send you newsletters, emails and other content to promote our products and services (you can always unsubscribe from marketing emails by clicking here);
  • To generate and analyze statistical information about how our Sites and Platform Services are used in the aggregate;
  • Where Databricks otherwise has a legitimate interest, including for purposes of direct marketing, fraud prevention, disclosure to affiliated organizations, network and information security, and processing for research purposes (including marketing research);
  • Where you have otherwise consented.

Do we share your information?

We do not share personal data except as follows:

  • with affiliated and unaffiliated service providers that help us conduct our business, subject to confidentiality obligations;
  • with respect to onward transfers to third parties under Privacy Shield, Privacy Shield requires that Databricks remain liable should its agents process personal data in a manner inconsistent with the Privacy Shield Principles;
  • when necessary to identify you with respect to public contributions (e.g., the posting of a package on spark-packages.org);
  • when necessary to deliver the products and services you require such as with a payment card provider who we use to process your credit card transaction;
  • when authorized by law or necessary to comply with a valid legal process;
  • when required to protect and defend the rights or property of Databricks, Subscribers, vendors or other users of our Sites, including the security of our Sites, products and services;
  • when necessary to protect the personal safety, property or other rights of the public, Databricks or its customers or employees; or
  • in connection with a sale or reorganization of all or part of our business.

What rights do you have over your information?

We offer you choices regarding the collection, use and sharing of your personal data and we will respect the choices you make.  Where you have consented to Databricks’ processing of your personal data, you may withdraw that consent at any time by contacting privacy@databricks.com with the subject “Withdraw Consent”. Please note that if you decide not to provide us with the personal data that we request, you may not be able to access all of the features of the Sites.

Opt Out of Certain Communications.

We may periodically send you free newsletters and e-mails that directly promote our products and services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (either by following the unsubscribe instructions provided in the e-mail you receive or by clicking here). We may need to send you certain communications regarding products or services you are using and you may not be able to opt out of those communications – e.g., communications regarding updates to the terms governing your access to or use of our Sites or this Privacy Policy or information about billing.

Rights of Access, Modification, Deletion and Restriction of Your Information.

Individuals located in certain countries, including the European Economic Area, have certain statutory rights (including under Privacy Shield) in relation to their personal data. If you are located in such a country and want us to provide access to, export, modify, delete, or restrict processing of your personal data:

  • and you are an individual user of our Community Edition services, please contact us at ce-dsr@databricks.com with your request with the subject “Community Edition Data Subject Request”;
  • and you are an individual user through a Subscriber account, please route your request through the appropriate Subscriber and ask that the administrator of the account send us an email at dsr@databricks.com  with the subject “Data Subject Request”. Please note that we cannot process your request directly, as your information is controlled by that Subscriber, and we do not directly have a relationship with you; or
  • and you believe we have your personal data for some other reason, including if you registered for one of our events, etc., please contact us at privacy@databricks.com with your request with the subject “Other Personal Data Request” and please provide as much information as you can regarding you request so we can properly resolve it.

We will endeavor to promptly respond to your request.  Although Databricks makes good faith efforts to provide users of our Sites and Platform Services with access to their personal data, there may circumstances in which Databricks is unable to provide access including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing would be disproportionate to the risks to of the User’s privacy in the case in question, where the request is manifestly unfounded or excessive or where it is commercially proprietary. If you request deletion of your personal data, please note that we may continue to retain certain of your personal data in archived/backup copies for our records or as otherwise required or allowed by law.

How long do we store your information?

Databricks may retain the personal data we collect from you as described in this Privacy Policy for as long as you use our services or as necessary to fulfill the purpose(s) for which it was collected, provide our services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

What steps do we take to secure your Information?

Databricks considers protecting the security of your data to be its number one responsibility.  Databricks has received a certification to the internationally recognized industry standard information security management system, ISO27001, and aligns its security practices to the internationally recognized industry standard code of practice for protecting personal data in the cloud, ISO27018.  Databricks encrypts communications you make with our Sites and the Platform Services, e.g., entering your username and password or information into forms, using TLS (transport layer security) or other industry standard technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure or safe. Accordingly, we cannot guarantee the absolute security of any information.

What about international data transfer?

Databricks may transfer your personal data to countries other than the one in which you live. Specifically, if you are located outside the United States and provide your personal data to us, we may transfer your personal data to the United States and process it there.

To comply with European Union and Swiss data protection laws, Databricks is in the process of self-certifying to the EU–U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Economic Area and Switzerland to the United States.  We will update this section once our certification is finalized, at which point the below shall be effective.

If you are a resident of the European Economic Area or Switzerland and feel that Databricks is not abiding by the terms of the Privacy Policy, or is not in compliance with the Privacy Shield Principles, please contact privacy@databricks.com with the subject “Privacy Shield”. Databricks will respond to any such requests within 45 days. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our US-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. If neither Databricks nor our dispute resolution provider resolves your complaint, you may have the possibility, under certain conditions, to invoke binding arbitration through the Privacy Shield Panel.

Databricks’ commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.  To learn more about the Privacy Shield program and to view our certification, please visit the U.S. Department of Commerce’s Privacy Shield website here.

Additionally, if you represent a Subscriber that you have determined is subject to the GDPR and you do not yet have in place an updated data processing addendum (DPA) with us, please review and complete the instructions on our DPA. Our DPA, as is the industry standard, contains the European Economic Area Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Subscribers with users located in the European Economic Area or are otherwise using Databricks to process any data originating from the European Economic Area.

What about third party services?

We may make available certain features and functionality that allow you to sign into our Sites using third party login credentials (such as LinkedIn, Facebook, Twitter and Google+ and others (each such third party services, a “Third Party Service”)). Any data you submit to any Third Party Services will be subject to the privacy policy of such Third Party Service.

We may also link to co-branded websites or products that are maintained by Databricks and one or more of our business partners. Please note that these co-branded websites and products may have their own privacy policy, which we encourage you to read and understand.

Do we collect children’s data?

Databricks products and services are not directed to children under 18 years of age and Databricks does not knowingly collect personal data from children under 18 years of age. If we learn that we have collected any personal data from children under 18 years old, we will promptly take steps to delete such information.  If you are aware that a child has submitted us such information, please contact us at privacy@databricks.com with the subject “Child Data”.

How can we make changes to this Privacy Policy?

Databricks may change this Privacy Policy from time to time by updating this site. If there are material changes to Privacy Policy that may impact your rights, Databricks will attempt to notify you by email or as otherwise required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you visit our Sites or use any of our products or services after such changes have been made.

How can you contact us?

Please contact us at privacy@databricks.com if you have any questions about our Privacy Policy.

Effective Date: We last updated this Privacy Policy on May 25, 2018.

Learn More

GDPR

GDPR FAQs


Learn More

Security