This provision authorizes Perplexity to use sub-processors to fulfill its service obligations, requires advance notice of sub-processor changes, provides a customer objection window, and permits termination if an objection cannot be resolved.
This analysis describes what Perplexity AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause governs the sub-processor oversight mechanism required by GDPR Article 28(2); the practical enforceability of the objection right depends on the notice period length and whether the termination remedy is commercially available to the customer without penalty.
Interpretive note: The specific notice period for sub-processor changes was not recoverable from the rendered HTML; the practical adequacy of the objection mechanism depends on that period, which requires review of the full document text.
Under this clause, enterprise customers receive advance notice of new or replacement sub-processors and may raise a written objection within the specified period; if no objection is raised within the window, the sub-processor change proceeds under the DPA terms.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
Perplexity AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Perplexity shall provide Controller with prior written notice of any intended changes concerning the addition or replacement of sub-processors. Controller may object to such changes within the timeframe specified in the notice. If Controller objects and the parties cannot resolve the objection, Controller may terminate the applicable services.— Excerpt from Perplexity AI's Perplexity Data Processing Addendum
REGULATORY LANDSCAPE: GDPR Article 28(2) requires that processors obtain controller authorization before engaging sub-processors, either specifically or generally. General authorization with a notice-and-objection mechanism is a common GDPR-compliant approach, but regulators expect that the objection right be meaningful and the notice period sufficient. The Irish DPC and other EU supervisory authorities have issued guidance on sub-processor obligations. GOVERNANCE EXPOSURE: Medium. The adequacy of the notice period is critical: if the window is short (for example, less than 14 days), customers may face operational difficulty in conducting a timely sub-processor assessment. The document does not specify the exact notice period in the extracted text, which limits assessment of adequacy. JURISDICTION FLAGS: EU/EEA and UK users are most directly affected. CCPA service provider agreements also require disclosure of sub-processors engaged in personal information processing. Organizations in regulated sectors (healthcare, financial services) face heightened sub-processor due diligence obligations. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should confirm that the notice period is sufficient for internal sub-processor risk assessment, that the termination remedy for unresolved objections does not trigger contractual penalties, and that Perplexity's current sub-processor list is accessible and kept current. COMPLIANCE CONSIDERATIONS: Compliance teams should establish a process to monitor Perplexity's sub-processor list updates and document objection assessments. Sub-processor changes may require updates to the customer's own vendor management records, data maps, and privacy notices.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause governs the sub-processor oversight mechanism required by GDPR Article 28(2); the practical enforceability of the objection right depends on the notice period length and whether the termination remedy is commercially available to the customer without penalty.
Under this clause, enterprise customers receive advance notice of new or replacement sub-processors and may raise a written objection within the specified period; if no objection is raised within the window, the sub-processor change proceeds under the DPA terms.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Perplexity AI.