Databricks · Databricks Privacy Notice · View original document ↗

Third-Party Service Provider Sharing

Low severity High confidence Explicitdocumentlanguage Rare · 2 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Databricks recorded 2 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Databricks Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

Databricks shares your personal data with a range of vendors and service providers who help run its business, covering a broad list of operational functions from hosting to payment processing to email delivery.

This analysis describes what Databricks's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The breadth of service provider categories means your data may flow to numerous third parties, and the protections applied to your data depend on Databricks' contracts with each of those vendors.

Change history

added Jun 10, 2026

Provides transparency about routine sharing with service providers performing standard business functions, distinguishing this from advertising/analytics partner sharing.

View full change record →

Consumer impact (what this means for users)

Your personal information collected by Databricks may be shared with multiple third-party vendors operating in various service categories, and the security and handling of your data by these vendors depends on Databricks' vendor management practices rather than being directly visible to you.

How other platforms handle this

Bumble Medium

We may also share your personal information with third parties that assist us in providing our services, or where we are under an obligation to report to. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.

Betterment Medium

We may share your personal information with third parties in the following circumstances: With service providers who perform services on our behalf, such as data analytics, marketing, customer service, and technology services. With financial partners, including banks, brokerage firms, and payment pr...

Nintendo Medium

We may share your information with third parties that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with business partners who offer products or services that...

See all platforms with this clause type →

Monitoring

Databricks has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
We may share your personal information with third-party service providers that perform services on our behalf, such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.

— Excerpt from Databricks's Databricks Privacy Notice

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

REGULATORY LANDSCAPE: Under GDPR Article 28, sharing with service providers who process personal data on Databricks' behalf requires written data processing agreements with each processor. Under CPRA, service providers must be bound by written contracts limiting downstream data use. The FTC has authority over inadequate vendor data protection practices. Relevant enforcement authorities include EU supervisory authorities, the California Privacy Protection Agency, and the FTC. GOVERNANCE EXPOSURE: Low to Medium. Service provider sharing for operational purposes is standard practice and expected in enterprise software contexts. The risk is in the adequacy of downstream contracts and the scope of permitted secondary uses by vendors. JURISDICTION FLAGS: EU/EEA and California create the highest compliance requirements for documented processor agreements with service providers. Healthcare and financial services contexts may impose additional restrictions on vendor sharing under HIPAA and GLBA respectively. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers whose data flows to Databricks should request the list of sub-processors as typically required under GDPR-compliant DPAs, and should assess whether any sub-processor categories create elevated risk for their specific data types. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that Databricks' vendor agreements with listed service providers include appropriate data processing restrictions, confidentiality obligations, and security requirements, and that Databricks maintains an up-to-date sub-processor list consistent with DPA commitments.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has jurisdiction over inadequate third-party data handling practices that may constitute unfair or deceptive acts affecting consumers
    File a complaint →

Applicable regulations

CCPA/CPRA
California, USA
Connecticut Data Privacy Act Amendments
US-CT
FTC Act Section 5
United States Federal
GDPR
European Union
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
Universal Opt-Out Mechanism Expansion 2026
US

Provision details

Document information
Document
Databricks Privacy Notice
Entity
Databricks
Document last updated
May 5, 2026
Tracking information
First tracked
May 10, 2026
Last verified
May 10, 2026
Record ID
CA-P-009274
Document ID
CA-D-00458
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
8ad61e5a97ddff750d7e35a7ef5319c80767171ee7a2438e8fab48db3b504829
Analysis generated
May 10, 2026 16:34 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Databricks
Document: Databricks Privacy Notice
Record ID: CA-P-009274
Captured: 2026-05-10 16:34:42 UTC
SHA-256: 8ad61e5a97ddff75…
URL: https://conductatlas.com/platform/databricks/databricks-privacy-notice/third-party-service-provider-sharing/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Low
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Databricks's Third-Party Service Provider Sharing clause do?

The breadth of service provider categories means your data may flow to numerous third parties, and the protections applied to your data depend on Databricks' contracts with each of those vendors.

How does this clause affect you?

Your personal information collected by Databricks may be shared with multiple third-party vendors operating in various service categories, and the security and handling of your data by these vendors depends on Databricks' vendor management practices rather than being directly visible to you.

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.

Is ConductAtlas affiliated with Databricks?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Databricks.