Amplitude · Amplitude Privacy Notice · View original document ↗

Data Sharing with Business Customers

Medium severity Medium confidence Explicitdocumentlanguage Unique · 0 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Monitor governance changes for Amplitude Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

If you interact with a business's product that uses Amplitude, Amplitude may share data about your specific interactions with that business customer.

This analysis describes what Amplitude's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

Your behavioral data collected through third-party apps powered by Amplitude can be shared back with those app operators, meaning multiple parties may hold records of your in-app activity.

Interpretive note: The scope of data shared with business customers in each context is described illustratively rather than exhaustively, creating some uncertainty about the full range of data flows.

Change history

removed Jun 2, 2026

Removal of explicit provision on customer data sharing may indicate consolidation into processor/controller framework or relocation to separate customer-specific terms.

View full change record →

Consumer impact (what this means for users)

Detailed records of how you interact with third-party products powered by Amplitude, including survey responses and feature usage, may be shared with the business that operates that product, expanding the number of parties holding your behavioral data.

How other platforms handle this

MetaMask Medium

We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.

Ledger Medium

At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.

Target Medium

Loyalty and partner program companies. We share information with our loyalty and partner program companies, like Ulta Beauty and Marriott.

See all platforms with this clause type →

Monitoring

Amplitude has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
Amplitude may share personal information with our customers in connection with the services we provide to them. For example, if you participate in a survey, provide feedback, or interact with a feature of a customer's product that is powered by Amplitude, we may share information about your interactions with that customer.

— Excerpt from Amplitude's Amplitude Privacy Notice

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY LANDSCAPE: This provision engages GDPR transparency requirements for disclosing recipients of personal data and CCPA/CPRA requirements to disclose categories of third parties with whom personal information is shared. The distinction between Amplitude as processor sharing data with its controller-customer versus Amplitude sharing independently as a controller is material and affects the applicable legal obligations. (2) GOVERNANCE EXPOSURE: Medium. The provision is operationally standard for analytics platforms but requires that business customers' own privacy notices disclose Amplitude as a data recipient and describe the categories of data received. Gaps in downstream disclosure create regulatory exposure for business customers. (3) JURISDICTION FLAGS: EU and UK residents have rights to know the specific recipients of their personal data under GDPR Article 15, which may require more granular disclosure than this provision provides. California residents have the right to know the categories of third parties with whom data is shared under CCPA. (4) CONTRACT AND VENDOR IMPLICATIONS: Business customers should ensure their privacy notices and user agreements accurately reflect the data they receive from Amplitude about their own users' interactions. DPA terms should specify the categories of data Amplitude shares back with customers and any restrictions on downstream use. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should map all data flows from Amplitude back to their own organization, ensure their privacy notices reflect these flows, and assess whether user consent for such sharing is required in applicable jurisdictions.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has authority over deceptive or inadequate disclosures about data sharing practices between analytics platforms and their business customers.
    File a complaint →

Applicable regulations

CCPA/CPRA
California, USA
Connecticut Data Privacy Act Amendments
US-CT
CAN-SPAM
United States Federal
DMA
European Union
FTC Act Section 5
United States Federal
GDPR
European Union
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
Universal Opt-Out Mechanism Expansion 2026
US
VPPA
United States Federal

Provision details

Document information
Document
Amplitude Privacy Notice
Entity
Amplitude
Document last updated
May 5, 2026
Tracking information
First tracked
May 8, 2026
Last verified
May 11, 2026
Record ID
CA-P-010292
Document ID
CA-D-00702
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
6d5b4ccf519965585d20703446d8ef745708964ae5cb005295829dcfe75e2ac7
Analysis generated
May 8, 2026 14:29 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Amplitude
Document: Amplitude Privacy Notice
Record ID: CA-P-010292
Captured: 2026-05-08 14:29:58 UTC
SHA-256: 6d5b4ccf51996558…
URL: https://conductatlas.com/platform/amplitude/amplitude-privacy-notice/data-sharing-with-business-customers/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Amplitude's Data Sharing with Business Customers clause do?

Your behavioral data collected through third-party apps powered by Amplitude can be shared back with those app operators, meaning multiple parties may hold records of your in-app activity.

How does this clause affect you?

Detailed records of how you interact with third-party products powered by Amplitude, including survey responses and feature usage, may be shared with the business that operates that product, expanding the number of parties holding your behavioral data.

Is ConductAtlas affiliated with Amplitude?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Amplitude.