What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: This policy engages GDPR and UK GDPR through its appointment of Article 27-style EU and UK data representatives (Verasafe Ireland Ltd. and Verasafe United Kingdom Ltd.) and its reliance on EU Commission adequacy decisions or Standard Contractual Clauses for cross-border transfers. The policy also engages the California Consumer Privacy Act (CCPA/CPRA) through its Privacy Snapshot, explicit 'Do Not Share' mechanism, and disclosure of data categories and sharing practice…

How does PlanetScale's PlanetScale Privacy Policy affect users?

PlanetScale collects a broad range of personal data including identifiers, device data, online activity, and behavioral inferences, and shares this with advertising partners for interest-based targeting across the web. EU and UK users benefit from formal data representative appointments and cross-border transfer safeguards, while California residents have explicit opt-out rights for advertising data sharing. You can opt out of interest-based advertising data sharing by clicking 'Do Not Share My…

How often is PlanetScale's PlanetScale Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when PlanetScale updates this document?

Yes. Watcher subscribers ($9.99/month) can add PlanetScale to their watchlist and receive same-day email alerts whenever this document or any other PlanetScale document changes.

CA-D-000684

PlanetScale Privacy Policy

PlanetScale

Last change detected May 5, 2026 Privacy policy

SHA-256: 2b2c9ae3a502b44543b… 1 version captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at PlanetScale ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

1 High severity

6 Medium severity

1 Low severity

Summary

This is PlanetScale's privacy policy explaining what personal data the company collects when you use its database platform and website, and how that data is used and shared. The most important thing to know is that PlanetScale shares your identifiers, usage data, and behavioral inferences with third-party advertising partners for interest-based advertising, though you can opt out of this sharing. You can opt out of interest-based advertising sharing by clicking 'Do Not Share My Personal Information' in the footer of PlanetScale's website or by adjusting cookie settings through the Cookie Policy.

Technical / Legal Breakdown

This Privacy Policy, last updated October 26, 2023, governs PlanetScale Inc.'s handling of personal information collected through its website, database platform, and related services, treating all covered data as pertaining to individuals acting in a business representative capacity rather than a personal or household capacity. The policy states that PlanetScale collects contact details, account credentials, payment information (processed by Stripe), usage data, device and online activity data, marketing data, and inferences; the terms authorize sharing this information with service providers, advertising partners, professional advisors, law enforcement, and business transferees in merger or acquisition scenarios. Notably, the policy explicitly carves out data processed on behalf of enterprise customers as a service provider or processor, meaning that data falls outside this policy's scope entirely, which is operationally significant for B2B customers assessing their own compliance obligations. The policy engages GDPR and UK GDPR through its appointment of EU and UK data representatives (Verasafe) and reliance on EU Commission and UK government adequacy decisions or contractual safeguards for cross-border transfers; it also participates in the EU-US Data Privacy Framework, the UK Extension, and the Swiss-US Data Privacy Framework, with PlanetScale expressly subject to FTC investigatory and enforcement authority. California residents should note the detailed CCPA-aligned Privacy Snapshot disclosing data categories, collection sources, processing purposes, and sharing limitations, including a 'Do Not Share My Personal Information' opt-out for interest-based advertising, though the policy clarifies that personal information is not sold.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

High — 1 provision

Enterprise Customer Data Processor Carve-Out Compare →

If you are an enterprise customer and PlanetScale processes data on your behalf, that data is not covered by this privacy policy and is governed by a separate agreement.

Added May 10, 2026 Standard Seen across 189 platforms

Medium — 6 provisions

Interest-Based Advertising Data Sharing Compare →

PlanetScale shares your data with advertising companies like Google so they can show you targeted ads on other websites and platforms, and to find other users similar to you.

Added May 7, 2026 Standard Seen across 246 platforms
EU-US Data Privacy Framework Certification Compare →

PlanetScale has certified under the EU-US Data Privacy Framework, meaning it has committed to specific data protection standards for data transferred from the EU, UK, and Switzerland to the US, and the FTC can enforce these commitments.

Added May 10, 2026 Standard Seen across 262 platforms
Personal Information Rights and Requests

Depending on where you live, you can request to see, correct, or delete your personal data held by PlanetScale, and opt out of having your data shared for advertising.

Added May 10, 2026 Rare
International Data Transfers and Cross-Border Safeguards Compare →

Your personal data is stored and processed primarily in the US, and may also be sent to PlanetScale's partners in other countries with potentially weaker privacy protections; PlanetScale commits to using legal transfer mechanisms such as adequacy decisions or Standard Contractual Clauses.

Added May 7, 2026 Common Seen across 122 platforms
Privacy Policy Modification Without Individual Notice Compare →

PlanetScale can change its privacy policy at any time; if the changes are significant, users are notified only by a date update on the website, not by email or other direct communication.

Added May 10, 2026 Standard Seen across 262 platforms
Job Applicant Data Collection and Use Compare →

If you apply for a job at PlanetScale, the company collects your resume details, professional history, and any diversity information you choose to share, and uses this for recruiting purposes under a legitimate business interests basis.

Added May 10, 2026 Standard Seen across 251 platforms

Low — 1 provision

Do Not Track Non-Response

If your browser sends a 'Do Not Track' signal, PlanetScale ignores it and will continue to collect and process your data as described in the policy.

Added May 10, 2026 Rare

Monitoring

PlanetScale has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Enterprise Customer Data Processor Carve-Out and similar clauses.

Compare across platforms →