This analysis describes what Supabase's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The protection offered to users' personal information when shared with third parties is limited to 'reasonable' confidentiality terms, not an absolute prohibition on use.
Interpretive note: The excerpt does not define 'reasonable' or specify what the restricting provisions prohibit or permit. The qualifier 'reasonable' is preserved exactly but its practical scope is unspecified.
The updated policy discloses that Supabase may use business contact information, including email domains, to identify organizations for sales and marketing outreach. The policy now explicitly states that personal information will be shared with Customer.io, a marketing communications service provider. For marketing communications, the policy relies on user consent for three purposes: sending marketing messages, using approximate location information to determine relevant communications, and combining personal information from different sources for relevance determination. These three consents operate independently, meaning you can grant or withdraw any of them without affecting the others. You can manage these marketing-related consents separately through the consent mechanisms available in your account or in response to marketing communications.
View change record →Third parties who receive users' personal information through Supabase are subject to reasonable confidentiality and use restrictions, though the specific scope of those restrictions is not defined.
How other platforms handle this
These companies are subject to contractual obligations governing privacy, data security, and confidentiality consistent with applicable laws.
We will disclose personal information to companies that help us run our business to detect, prevent, or otherwise address fraud, deception, illegal activity, misuse of Adobe Services and Software, and security or technical issues.
We also require these service providers to protect your personal information to at least the same standards that we do.
Monitoring
Supabase has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"These third parties are subject to reasonable confidentiality terms and provisions restricting their use of your personal information— Excerpt from Supabase's Supabase Privacy Policy
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The protection offered to users' personal information when shared with third parties is limited to 'reasonable' confidentiality terms, not an absolute prohibition on use.
Third parties who receive users' personal information through Supabase are subject to reasonable confidentiality and use restrictions, though the specific scope of those restrictions is not defined.
ConductAtlas has identified this type of provision across 290 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Supabase.