AWS shares your personal information with outside companies that help run its services, and also with business partners for co-branded products and joint marketing, meaning your data can reach organizations beyond Amazon itself.
This analysis describes what AWS's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Sharing with third-party service providers and business partners expands the pool of organizations that hold your personal information, each with their own privacy and security practices, and creates downstream data handling risks.
Interpretive note: The precise verbatim text was not available in the truncated document; the scope of business partner sharing and whether it constitutes a CCPA sale or sharing depends on implementation details not fully disclosed in the public policy.
Your personal information including contact details and usage data may be disclosed to third-party vendors for operational purposes and to business partners for marketing activities, which means organizations outside AWS may access your data.
How other platforms handle this
We may share your information with third-party advertising partners to provide you with targeted advertising. We also work with third-party analytics providers who help us understand how users interact with our Services. These third parties may use cookies, web beacons, and similar tracking technolo...
We process personal data you provide to Oura to enable third party integrations, services, features, and offerings. For example, with your permission, our Services may integrate with third-party services like Google Health Connect and Apple HealthKit, or those of our partners. Oura takes measures to...
We may share your personal data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We may also share your personal data with advertising partners to display relevant advertising to y...
Monitoring
AWS has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share personal information with third-party service providers that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with business partners with whom we offer co-branded services or engage in joint marketing activities.— Excerpt from AWS's AWS Privacy Notice
REGULATORY LANDSCAPE: Under GDPR, disclosure to third parties requires a lawful basis and, where those parties act as independent controllers, appropriate contractual or legal frameworks. CCPA distinguishes between service providers (data shared for operational purposes) and third parties (data shared for other purposes, potentially constituting a sale or sharing for cross-context behavioral advertising). The FTC Act requires that data sharing practices be consistent with disclosed privacy commitments. GOVERNANCE EXPOSURE: Medium. The distinction between service providers and business partners is significant under CCPA; sharing with business partners for joint marketing may constitute sharing personal information for cross-context behavioral advertising, triggering opt-out rights. Compliance teams should assess whether AWS's characterization of partner sharing aligns with CCPA's definitions. JURISDICTION FLAGS: California residents may have opt-out rights regarding sharing of personal information with business partners for cross-context behavioral advertising under CCPA. EU residents are entitled to know the identity of third-party recipients or categories of recipients under GDPR Article 13 or 14. The policy's use of categories rather than named entities may be insufficient for full GDPR transparency in some interpretations. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers should verify that their AWS Data Processing Addendum restricts AWS's use of customer data to service delivery purposes and does not authorize sharing with business partners for marketing purposes where the customer's data is involved. Subprocessor lists should be reviewed for currency. COMPLIANCE CONSIDERATIONS: Legal teams should map all categories of third parties receiving AWS-collected personal data, assess whether CCPA opt-out mechanisms are implemented for business partner sharing, and confirm GDPR data processing agreements are in place with all subprocessors identified by AWS.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Sharing with third-party service providers and business partners expands the pool of organizations that hold your personal information, each with their own privacy and security practices, and creates downstream data handling risks.
Your personal information including contact details and usage data may be disclosed to third-party vendors for operational purposes and to business partners for marketing activities, which means organizations outside AWS may access your data.
ConductAtlas has identified this type of provision across 24 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AWS.