Your contract is with Neon LLC, but Neon is now part of the Databricks corporate family, which may mean Databricks-level terms, data handling practices, or sub-processors also apply to your use of the platform.
This analysis describes what Neon's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This structure means your data and contractual obligations may involve more than one corporate entity, which has practical implications for data protection agreements, liability allocation, and vendor due diligence.
Interpretive note: The full text of the Product Specific Schedule was not available in the provided document; the affiliate structure is confirmed by the meta description but the operational implications for data handling depend on provisions in the full agreement and any applicable master agreement with Databricks.
Customers storing data in Neon databases should confirm whether Databricks entities are identified as sub-processors under applicable data protection law, particularly if operating under GDPR or CCPA compliance obligations.
How other platforms handle this
While the categories of Restricted Content above provide a clear framework, we may also moderate other types of Content in response to evolving challenges posed by advancements in Machine Learning. As we assess such Content, we hold consent as a core value, ensuring our approach remains thoughtful, ...
Mistral AI may monitor use of the Mistral AI Products through automated means in accordance with the Usage Policy. This monitoring is conducted to ensure compliance with Mistral AI's terms and policies, and to maintain the security and integrity of Mistral AI Products. We reserve the right to review...
The Subscription Service will begin on the Subscription Billing Date and continue for the subscription period that you select on your account (such period, the "Initial Subscription Period"), and will automatically renew for successive periods of the same duration as the Initial Subscription Period....
Monitoring
Neon has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"This Neon Platform Services Product Specific Schedule ("Product Specific Schedule") is entered into as of the Effective Date between Neon, LLC ("Neon" or "we"), an affiliate of Databricks, Inc. ("Databricks"), and Customer (as defined below) ("Customer", "you," or "your") and governs Customer's use of the Neon proprietary cloud computing platform— Excerpt from Neon's Neon Terms of Service
(1) REGULATORY LANDSCAPE: The Databricks affiliate relationship engages GDPR Article 28 sub-processor obligations for EU/EEA customers, requiring that any transfer of personal data to or through Databricks entities be covered by appropriate contractual mechanisms. The FTC Act may also apply to representations made about data handling practices across affiliated entities. Enforcement authorities include national data protection authorities within the EU/EEA and the FTC in the United States. (2) GOVERNANCE EXPOSURE: High. The multi-entity structure creates ambiguity about which entity controls or processes customer data, which entity bears liability for data incidents, and whether Databricks' own platform terms impose additional obligations on Neon customers. This is particularly significant for enterprise customers with established data protection compliance programs that relied on Neon as a standalone entity. (3) JURISDICTION FLAGS: EU and EEA customers face the highest exposure, as the Databricks affiliation may constitute a cross-border data transfer requiring standard contractual clauses or equivalent mechanisms. UK customers face similar considerations post-Brexit. California customers should evaluate whether the Databricks relationship affects Neon's status as a CCPA service provider. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should update vendor assessments to reflect the Databricks affiliation and request a current sub-processor list from Neon. Existing Data Processing Agreements should be reviewed to confirm they cover data flows to and from Databricks-affiliated entities. The product-specific schedule structure implies a parent agreement exists; that parent agreement should be obtained and reviewed for liability caps, indemnification terms, and data handling provisions. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should trigger a vendor relationship review to assess whether the Databricks acquisition or affiliation constitutes a material change requiring notification to regulators, customers, or internal governance bodies. Data mapping exercises should be updated to reflect potential Databricks data flows. Organizations subject to GDPR should confirm whether updated Data Processing Agreements are required.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This structure means your data and contractual obligations may involve more than one corporate entity, which has practical implications for data protection agreements, liability allocation, and vendor due diligence.
Customers storing data in Neon databases should confirm whether Databricks entities are identified as sub-processors under applicable data protection law, particularly if operating under GDPR or CCPA compliance obligations.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Neon.