This analysis describes what Figma's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Because credentials are non-transferable, any sharing—even within a team—constitutes a violation of the Terms, exposing the Customer to enforcement action.
The removal of the Subprocessors list link makes it less convenient for users, particularly enterprise and EU-based customers who rely on this information for data protection compliance, to verify which third parties Figma engages to process their data. While the subprocessor information may still exist on Figma's website, removing the direct link from the Terms of Service reduces accessibility and transparency. Enterprise customers and those subject to GDPR may need to contact Figma directly to access current subprocessor information.
View change record →Each user must have their own account; sharing login credentials with colleagues or others is prohibited.
How other platforms handle this
All users should safeguard their Account sign-in ID, password, passkey, or other authenticating information and take steps to prevent access to your Account by other persons on any shared devices.
Don't share your account credentials or give others access to your account.
If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential. You must not disclose it to any third party.
Monitoring
Figma has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Each Authorized User's account is personal to the Authorized User to which it is issued. Account credentials may not be shared or used by anyone other than the individual to whom they were provisioned.— Excerpt from Figma's Figma Terms of Service
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Because credentials are non-transferable, any sharing—even within a team—constitutes a violation of the Terms, exposing the Customer to enforcement action.
Each user must have their own account; sharing login credentials with colleagues or others is prohibited.
ConductAtlas has identified this type of provision across 266 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Figma.