Databricks · Databricks Privacy Notice

Cross-Border Data Transfers

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Your data may be transferred to and processed in the US or other countries with weaker privacy laws than your home country. Databricks uses standard contractual clauses to try to protect EU/UK data during these transfers.

Consumer impact (what this means for users)

If you are in the EU, UK, or Switzerland, your personal data may be transferred to the United States where data protection standards differ — Databricks relies on Standard Contractual Clauses (SCCs) as the transfer mechanism, but the adequacy of these protections depends on proper implementation.

Cross-platform context

See how other platforms handle Cross-Border Data Transfers and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

International data transfers carry legal risk and regulatory scrutiny — if the transfer mechanisms are not properly implemented, your data protections under EU or UK law may not travel with your data.

View original clause language
Databricks is a global company, and your personal information may be stored and processed in any country where we operate or where our service providers are located, including the United States and other countries that may have different data protection laws than your country of residence. When we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to other countries, we use appropriate safeguards, such as standard contractual clauses approved by the European Commission.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: Cross-border transfers are governed by GDPR Chapter V, specifically Art. 44 (general principle for transfers), Art. 46(2)(c) (Standard Contractual Clauses as appropriate safeguard), Art. 49 (derogations for specific situations), and the EU-US Data Privacy Framework (DPF) adequacy decision (July 2023). UK transfers are governed by UK GDPR Art. 46 and the UK International Data Transfer Agreement (IDTA) or UK addendum to EU SCCs. Swiss Federal Act on Data Protection (revFADP, effective September 2023) applies for Swiss data. Enforced by EU DPAs (lead: Irish DPC for Databricks' EU operations), UK ICO, and Swiss FDPIC.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    FTC enforces the EU-US Data Privacy Framework and can pursue actions against companies that misrepresent their compliance with international transfer frameworks
    File a complaint →

Provision details

Document information
Document
Databricks Privacy Notice
Entity
Databricks
Document last updated
April 29, 2026
Tracking information
First tracked
April 30, 2026
Last verified
April 30, 2026
Record ID
CA-P-004413
Document ID
CA-D-00458
Evidence Provenance
Source URL
https://www.databricks.com/legal/privacynotice
Wayback Machine
View archived versions →
SHA-256
c2601098042d922e6c540b44624976b336394366f0003fd04e5ca853cfbadda2
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Databricks | Document: Databricks Privacy Notice | Record: CA-P-004413
Captured: 2026-04-30 10:03:00 UTC | SHA-256: c2601098042d922e…
URL: https://conductatlas.com/platform/databricks/databricks-privacy-notice/cross-border-data-transfers/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document