What is the severity of this clause?

ConductAtlas classifies this EU/EEA Data Subject Rights clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

EU/EEA Data Subject Rights — Fly.io

Share 𝕏 Share in Share 🔒 PDF

Monitor governance changes for Fly.io Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

ⓘ

This analysis describes what Fly.io's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

These rights are legally enforceable and Fly.io is obligated to respond to valid requests, typically within 30 days, giving EU users meaningful control over their personal data.

Consumer impact (what this means for users)

Fly.io collects a range of personal and usage data from platform users, including billing information, log data, and support communications, and may share this data with service providers and in connection with corporate transactions like mergers or acquisitions. Customers who deploy applications on Fly.io are treated as data controllers for their own end users' data, which means compliance responsibility for that downstream data sits primarily with the deploying business rather than Fly.io. You can exercise data access, correction, or deletion rights by contacting Fly.io at the privacy contact details provided in the policy.

How other platforms handle this

Runway Medium

In addition to the above rights, your local laws (including those in the EU, UK, Japan, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Virginia, or Utah) may afford you f...

ADP Medium

If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA). These rights may include: the right to know about personal information collected, disclosed, or sold; the right to delete personal information collected from you; the right to opt-out of t...

TransUnion Medium

Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...

See all platforms with this clause type →

Monitoring

Fly.io has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
If you are located in the European Economic Area, you have certain rights under the General Data Protection Regulation, including the right to access personal data we hold about you, the right to request correction or deletion of your personal data, the right to object to or restrict processing, and the right to data portability.

— Excerpt from Fly.io's Fly.io Privacy Policy

Applicable regulations

Connecticut Data Privacy Act Amendments

US-CT

CAN-SPAM

United States Federal

FTC Act Section 5

United States Federal

GDPR

European Union

Indiana Consumer Data Protection Act

US-IN

Kentucky Consumer Data Protection Act

US-KY

Universal Opt-Out Mechanism Expansion 2026

VPPA

United States Federal

Provision details

Document information

Document

Fly.io Privacy Policy

Entity

Fly.io

Document last updated

May 5, 2026

Tracking information

First tracked

May 7, 2026

Last verified

May 10, 2026

Record ID

CA-P-005360

Document ID

CA-D-00688

Evidence Provenance

Source URL

https://fly.io/legal/privacy-policy/

Wayback Machine

View archived versions →

Content hash (SHA-256)

19a1a2f725780010e94de6f3c43dec738dd179544e2e7fb169307defe20615ae

Analysis generated

May 7, 2026 18:51 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Fly.io
Document: Fly.io Privacy Policy
Record ID: CA-P-005360
Captured: 2026-05-07 18:51:54 UTC
SHA-256: 19a1a2f725780010…
URL: https://conductatlas.com/platform/flyio/flyio-privacy-policy/eueea-data-subject-rights/
Accessed: May 14, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Data Collection Scope medium
Customer Application Data Responsibility high
Third-Party Data Sharing medium
Corporate Transaction Data Transfer medium
Cross-Border Data Transfers medium
User Rights for EU, UK, and California Residents low

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Fly.io's EU/EEA Data Subject Rights clause do?

These rights are legally enforceable and Fly.io is obligated to respond to valid requests, typically within 30 days, giving EU users meaningful control over their personal data.

Is ConductAtlas affiliated with Fly.io?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Fly.io.