Fireworks AI may buy your name and mailing address from data brokers or other third parties and combine that purchased information with data it already holds about you to send you marketing mail.
This analysis describes what Fireworks AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause establishes the operational basis for Fireworks AI's direct mail marketing program, specifying that the company sources contact information from external data brokers rather than solely from direct user interactions. The provision clarifies that combined data sets—whether from third-party brokers or direct collection—are governed under the company's Privacy Notice framework.
Your personal data may be acquired from data brokers and combined with your account data, which could result in receiving unsolicited direct mail and in Fireworks holding a richer profile of you than you explicitly consented to. California residents have the right to opt out of the sale or sharing of their personal information by contacting privacy@fireworks.ai.
Cross-platform context
See how other platforms handle Third-Party Data Broker Acquisition for Marketing and similar clauses.
Compare across platforms →Monitoring
Fireworks AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Data Providers. To provide our direct mail marketing services, we may purchase or receive personal data, such as name and mailing addresses, from data providers and third parties. We use this information to send Fireworks mailings with information on new products and services offered by Fireworks or our clients. We may combine this information with other information we collect from or about you. In these cases, our Privacy Notice governs the handling of the combined information.— Excerpt from Fireworks AI's Fireworks AI Privacy Policy
REGULATORY LANDSCAPE: This provision implicates CCPA and CPRA, which require disclosure of data broker sourcing and provide California residents with opt-out rights for sale or sharing of personal information. GDPR Article 14 requires notice to individuals whose data is obtained from third parties, including the source and categories of data, which this policy partially addresses but may not satisfy in full depending on implementation. The FTC Act applies to potentially deceptive or unfair acquisition and combination practices. GOVERNANCE EXPOSURE: High. The purchase and combination of externally sourced personal data with internally held account data creates compounding data lineage and consent chain obligations. The statement that this notice governs the combined information may not be sufficient to satisfy Article 14 individual notification requirements under GDPR, which have specific timing and delivery obligations. JURISDICTION FLAGS: California residents under CPRA have the right to know about data broker sourcing and to opt out. EU and UK users have Article 14 rights to notification when data is not collected directly from them. Illinois, Virginia, Colorado, and other states with comprehensive privacy laws may impose similar obligations. Heightened exposure exists for EU and California-based users. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers whose employee data may be included in purchased data broker lists should assess whether their own employee privacy notices and consent mechanisms account for this downstream processing. Data broker vendor agreements used by Fireworks should be assessed for adequacy under applicable data protection law. COMPLIANCE CONSIDERATIONS: Compliance teams should map the data broker acquisition pipeline, confirm whether Article 14 notices are being delivered to EU users whose data is sourced externally, and verify that CCPA-compliant opt-out mechanisms for data broker-sourced data are accessible and functional. The policy should be reviewed to confirm that marketing use of broker-sourced data is covered by an appropriate legal basis beyond the current notice-only approach.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause establishes the operational basis for Fireworks AI's direct mail marketing program, specifying that the company sources contact information from external data brokers rather than solely from direct user interactions. The provision clarifies that combined data sets—whether from third-party brokers or direct collection—are governed under the company's Privacy Notice framework.
Your personal data may be acquired from data brokers and combined with your account data, which could result in receiving unsolicited direct mail and in Fireworks holding a richer profile of you than you explicitly consented to. California residents have the right to opt out of the sale or sharing of their personal information by contacting privacy@fireworks.ai.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Fireworks AI.