CA-C-001883
Figma — Figma Privacy Policy
Entity
Date detected
March 19, 2026
Effective date
March 19, 2026
Severity
Low
Direction
Neutral
Affected users
all users EU users UK users
Taxonomy
Vendor disclosure shift
Changes
+2 sentences added · 4 sentences modified
Share 𝕏 Share in Share 🔒 PDF
Watch Figma Get alerts when this policy changes.
Watch — Free

Event Summary

Figma updated contact information for privacy inquiries on March 19, 2026. The privacy contact email changed from privacy@figma.com to support@figma.com, and the Data Protection Officer email for UK and EEA residents changed from privacy@figma.com to FigmaDPO@Fieldfisher.com. Additionally, Figma added links to new privacy resources including a Candidate Privacy Notice, Figma Subprocessors list, and Data Processing Addendum.

LOW

Consumer Impact

Figma updated the contact channels for privacy inquiries and data protection requests. Users submitting privacy questions or exercising data rights should now use support@figma.com instead of privacy@figma.com. UK and EEA residents requesting Data Protection Officer assistance will contact FigmaDPO@Fieldfisher.com instead of privacy@figma.com. The policy also now explicitly links to a Candidate Privacy Notice, Figma Subprocessors list, and Data Processing Addendum, making these resources more discoverable.

Governance Analysis

The contact routing changes ensure that privacy inquiries and data subject requests reach the appropriate functional area (support for general questions, external DPO for rights requests). The explicit linking of subprocessor and DPA documentation improves discoverability of data processing terms that organizations relying on Figma need to evaluate for compliance. Operationally, UK and EEA users now have a dedicated Data Protection Officer contact, reinforcing GDPR-required DPO accessibility.

Available Actions

If you have pending privacy inquiries or data subject requests, update your records to use the new contact information: support@figma.com for general privacy questions, FigmaDPO@Fieldfisher.com for UK/EEA data protection requests

If No Action Is Taken

Privacy inquiries sent to the previous privacy@figma.com address may experience delays or misrouting under the updated structure

Key Clauses Affected

Privacy contact email reassignment

General privacy inquiries and rights requests route to support@figma.com instead of privacy@figma.com

Data Protection Officer contact update

UK and EEA residents now contact FigmaDPO@Fieldfisher.com for DPO assistance, signaling use of third-party DPO service

Added resource links

Privacy policy now explicitly links to Candidate Privacy Notice, Figma Subprocessors list, and Data Processing Addendum

Full clause-by-clause analysis available with Compliance.
These clauses may change again. Get alerted when they do. Watch Figma — Free

This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology

Evidence Verification

✓ Verified
Previous Version
058c63680da2853d71c00961c452a8f133cdf997252f2de34a83e6b46de510ab
April 19, 2026 06:16 UTC
✓ Verified
Current Version
72a0872fc8c58d8f2a0829a225fc40eccfac9e7fc8bf11fe35830803976c23b9
March 19, 2026 14:56 UTC
✓ Verified
Change Detected
March 19, 2026 14:56 UTC
Analysis Methodology
✓ Verified
Source Document
https://www.figma.com/legal/privacy/
Citation Record
Entity: Figma
Document: Figma Privacy Policy
Record ID: CA-C-001883
Captured: 2026-03-19 14:56:14 UTC
URL: https://conductatlas.com/change/2026-03-19-figma-figma-privacy-policy-1883/
Accessed: July 1, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
For legal and compliance teams

Institutional Analysis

Assessment

Figma reassigned privacy request routing: general inquiries to support@figma.com and UK/EEA data subject requests to an externally hosted DPO function (FigmaDPO@Fieldfisher.com, which appears to be a third-party DPO service provided by Fieldfisher). Organizations using Figma should update vendor contact directories and ensure their own privacy incident response procedures reference the new contact points. The addition of explicit links to subprocessor lists and Data Processing Addendum does not create new obligations but improves discoverability of documents already referenced or required under GDPR. No new regulatory obligations are created; this is a procedural update to contact and resource routing.

Regulatory Exposure

GDPR (Article 55 accountability; Articles 13-14 required disclosures; Article 38 DPO requirements); UK Data Protection Act 2018 (parallel DPO requirements). The routing of UK/EEA data subject requests to a named DPO function reinforces compliance with mandatory DPO contact availability under GDPR Article 38(4).

Full compliance analysis

Obligation analysis, escalation trigger, board language, and recommended action.

Monitor $19/mo Compliance $249/mo

Monitor: regulatory citations + obligations. Compliance: full compliance memo.

ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001883.

Full Changes

See the full side-by-side comparison of every sentence added, removed, and modified.

🔒 Full diff — Monitor

Document Context

Version history → Policy drift analysis → Document page →
Document
Figma Privacy Policy
Entity
Figma
Captured
March 19, 2026
Source URL
https://www.figma.com/legal/privacy/
Other changes to Figma Privacy Policy
Next change Mar 31, 2026
Figma updated its Privacy Policy on March 31, 2026 with administrative and contact information changes. The company removed a link …
Low Neutral
View full version history →
More from Figma
Jun 13, 2026 Unknown
Figma Privacy Policy
Jun 13, 2026 Unknown
Figma Terms of Service
Jun 13, 2026 Unknown
Figma Privacy Policy
Related Analysis
Platform Analysis · June 12, 2026
OpenAI Changed Its Privacy Policy 4 Times in One Week. Here Is What Actually Changed.

Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.

Track Figma policy changes

Get alerted when this policy changes again — including what changed and why it matters.

Prefer a weekly summary instead?

Get the biggest policy changes across 320+ platforms every Sunday.