Figma removed links to two privacy-related resources from its Terms of Service footer on March 31, 2026: the 'Candidate Privacy Notice' link and the 'Figma Subprocessors' list. At the same time, Figma added links to trademark and intellectual property policies. This means users can no longer quickly access Figma's subprocessor list directly from the Terms of Service, though these resources may remain available elsewhere on Figma's website.
The removal of the Subprocessors list link makes it less convenient for users, particularly enterprise and EU-based customers who rely on this information for data protection compliance, to verify which third parties Figma engages to process their data. While the subprocessor information may still exist on Figma's website, removing the direct link from the Terms of Service reduces accessibility and transparency. Enterprise customers and those subject to GDPR may need to contact Figma directly to access current subprocessor information.
The Subprocessors list is a key transparency mechanism under GDPR Article 28 and equivalent data protection frameworks that allows data controllers to verify which third parties process their data. Removing the direct link from the Terms of Service reduces the accessibility of this information and may complicate compliance audits and vendor due diligence workflows, even if Figma's underlying obligation to disclose subprocessors remains unchanged.
→ Verify that your current Figma Data Processing Addendum or vendor agreement includes clear mechanisms for accessing and reviewing the Subprocessor list.
→ Contact Figma support or your account manager to confirm where subprocessor information is now published or made available.
→ Enterprise users conducting compliance audits may experience increased friction when attempting to verify Figma's processor relationships for GDPR compliance.
→ Organizations may lose a quick-reference transparency mechanism if they rely on the Terms of Service footer as a primary navigation point for critical compliance documents.
Removed direct hyperlink to Subprocessor list from Terms of Service footer, reducing accessibility for compliance verification.
Removed reference to Candidate Privacy Notice, potentially affecting job applicants' ability to quickly access hiring-related privacy disclosures.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Figma removed hyperlinks to its Subprocessors list and Candidate Privacy Notice from the Terms of Service footer on March 31, 2026. This is a transparency and accessibility change rather than a substantive policy modification. Organizations relying on this document as part of their vendor governance must now locate subprocessor information through alternative means, potentially requiring updated vendor assessment workflows. Under GDPR Article 28 and equivalent data protection frameworks, controllers remain entitled to access subprocessor lists; this change affects discoverability, not the right itself. Compliance teams should verify that subprocessor information remains publicly available or accessible upon request.
GDPR Article 28 (processor obligations and subprocessor transparency), CCPA Section 1798.100 (right to know vendor relationships), UK GDPR Article 28, potential requirements under SOC 2 or ISO 27001 certification frameworks if Figma holds those certifications
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-000204.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherFigma updated its privacy policy contact information and reorganized its footer navigation on April 19, 2026. The main change: the …
Figma updated its Privacy Policy on March 31, 2026 with administrative and contact information changes. The company removed a link …
Figma updated contact information for privacy inquiries on March 19, 2026. The privacy contact email changed from privacy@figma.com to support@figma.com, …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.