Figma · Figma Privacy Policy

International Data Transfers (SCCs)

Medium severity
Share 𝕏 Share in Share

What it is

If you are located in the EU, UK, or EEA, Figma transfers your personal data to the United States using Standard Contractual Clauses (SCCs) as the legal mechanism to protect that transfer.

Why it matters

Your data leaves the EU/UK and is subject to US law, which provides different privacy protections than European law — this is a significant consideration for enterprise users with compliance obligations.

Institutional analysis (Compliance & legal intelligence)

Reliance on SCCs for US transfers requires a valid Transfer Impact Assessment (TIA) under Schrems II (CJEU C-311/18) and the EDPB guidance. Procurement and legal teams should request documentation of these assessments and verify supplementary measures are in place.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Consumer impact

Figma collects a broad range of personal data including usage patterns, device information, and payment details, and may use this data for AI/ML model improvement and targeted advertising. Your design content and collaboration activity may be processed and shared with third-party service providers and advertising partners. You can submit a privacy rights request (access, deletion, opt-out of data sale/sharing) through Figma's privacy request form at https://www.figma.com/privacy-request/.

Applicable agencies

  • FTC
    The FTC enforces US privacy commitments including cross-border data transfer frameworks relevant to international data flows.
    File a complaint →

Provision details

Document information
Document
Figma Privacy Policy
Entity
Figma
Document last updated
March 24, 2026
Tracking information
First tracked
March 20, 2026
Last verified
March 20, 2026
Record ID
CA-P-00206002
Document ID
CA-D-00206
Evidence Provenance
Source URL
https://www.figma.com/legal/privacy/
Wayback Machine
View archived versions →
SHA-256
253b198f1fbf60b34a986a2e93d09220cb0fa33fe4d49a8da4f60a06511ca255
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Figma | Document: Figma Privacy Policy | Record: CA-P-00206002
Captured: 2026-03-20 05:46:58 UTC | SHA-256: 253b198f1fbf60b3…
URL: https://conductatlas.com/platform/figma/figma-privacy-policy/international-data-transfers-sccs/
Accessed: April 4, 2026
Classification
Severity
Medium
Categories
Privacy Governing law Data sharing

Other provisions in this document