The AUP makes users contractually responsible for ensuring that third parties they permit to access or use the Databricks Services also comply with all AUP prohibitions.
This analysis describes what Databricks's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision extends the customer's compliance obligation beyond their own direct use to encompass any third party granted access through the customer's account or integrated systems, creating a downstream liability exposure for enterprise customers who embed Databricks into products or services.
Under this clause, the agreement holds users responsible for third-party conduct on the Databricks platform, meaning enterprise customers who provide Databricks-based services to their own customers or employees bear contractual responsibility for those parties' compliance.
How other platforms handle this
You agree not to post, upload, publish, submit or transmit any content that: (i) infringes, misappropriates or violates a third party's patent, copyright, trademark, trade secret, moral rights or other intellectual property rights, or rights of publicity or privacy; (ii) violates, or encourages any ...
You may not use our Services for any illegal purpose or in violation of any laws or regulations. You may not use the Services to send money to sanctioned countries or individuals on government watchlists. You may not use the Services for gambling, illegal drugs, weapons, or any other prohibited acti...
Customer agrees to comply with HubSpot's Acceptable Use Policy, which is incorporated into this Agreement by reference. HubSpot may update the Acceptable Use Policy from time to time, and any changes will be effective upon posting to HubSpot's website. Customer's continued use of the Services follow...
Monitoring
Databricks has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You shall not, nor permit third parties to, use the Databricks Services or access Databricks Services of others to:— Excerpt from Databricks's Databricks AI Acceptable Use Policy
1. REGULATORY LANDSCAPE: This provision does not directly implicate a specific regulation, but creates contractual liability exposure that interacts with data protection frameworks such as GDPR and CCPA where third-party access involves processing personal data. The FTC's authority over unfair or deceptive practices may be relevant if third-party misuse results in consumer harm. 2. GOVERNANCE EXPOSURE: Medium. Enterprise customers who use Databricks as a platform layer within their own products or services must implement governance controls to prevent third-party violations, or risk contractual breach. The provision does not define what constitutes adequate oversight of third-party use. 3. JURISDICTION FLAGS: EU customers operating as data controllers who grant third-party processors or sub-processors access to Databricks should assess whether this AUP obligation interacts with their GDPR processor agreement obligations. California-based customers should consider CCPA service provider requirements in the context of third-party access. 4. CONTRACT AND VENDOR IMPLICATIONS: Procurement and legal teams should assess whether B2B contracts with customers or partners who access Databricks Services through the customer's account include adequate AUP flow-down provisions. The absence of such flow-down could leave the contracting customer exposed for third-party violations. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should inventory all third parties with access to Databricks Services through the organization's account, assess whether contractual and technical controls are sufficient to prevent AUP violations, and consider adding AUP compliance obligations to relevant vendor and customer agreements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision extends the customer's compliance obligation beyond their own direct use to encompass any third party granted access through the customer's account or integrated systems, creating a downstream liability exposure for enterprise customers who embed Databricks into products or services.
Under this clause, the agreement holds users responsible for third-party conduct on the Databricks platform, meaning enterprise customers who provide Databricks-based services to their own customers or employees bear contractual responsibility for those parties' compliance.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Databricks.