What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This agreement engages GDPR through its handling of Personal Information and Aggregated Data derived from customer data; the agreement references a separate Data Processing Addendum (DPA), and customers operating as data controllers under GDPR should assess whether that DPA adequately addresses Article 28 processor obligations, data transfer mechanisms for cross-border processing, and the Aggregated Data carve-out. CCPA applicability may arise for California-based customer…

How does Supabase's Supabase Terms of Service affect users?

Supabase's terms establish that disputes must be resolved through individual arbitration rather than court proceedings unless the customer opts out, which limits access to class action remedies and jury trials. The agreement also permits Supabase to suspend service without prior notice in circumstances including security threats, suspected illegal activity, or non-payment, which could affect business continuity for customers relying on the platform. You can opt out of the arbitration and class …

How often is Supabase's Supabase Terms of Service updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Supabase updates this document?

Yes. Watcher subscribers ($9.99/month) can add Supabase to their watchlist and receive same-day email alerts whenever this document or any other Supabase document changes.

CA-D-000681

Supabase Terms of Service

Supabase

Last change detected May 6, 2026 Terms of service

SHA-256: 0f68e0578c23fa9e89d… 2 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Supabase ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

2 High severity

5 Medium severity

1 Low severity

Summary

This is the legal agreement that governs your use of Supabase's database and backend cloud platform, covering everything from how you can use the service to what happens when disputes arise. The most important thing to know is that the agreement includes mandatory arbitration and a class action waiver, meaning disputes must generally be resolved individually through arbitration rather than in court, unless you opt out within 30 days of your first acceptance. If you want to preserve your right to sue in court or join a class action, you should send a written opt-out notice to legal@supabase.io within 30 days of first accepting these terms.

Technical / Legal Breakdown

This Agreement governs access to and use of Supabase's proprietary hosted cloud services platform, constituting a binding contract between the customer and Supabase Pte. Ltd., a Singapore-incorporated entity, effective upon click-through acceptance or service access. The agreement states that customers receive a non-exclusive, non-transferable, non-sublicensable license to the services for internal business purposes only, while Supabase retains all intellectual property rights including in Aggregated Data derived from customer use; the terms also authorize Supabase to suspend services without prior notice under defined circumstances including security threats, illegal activity, or payment failures. Notably, the agreement includes a mandatory individual arbitration clause and class action/jury trial waiver applicable to all disputes, with an opt-out mechanism, and a broad competitive use restriction prohibiting use of Supabase IP for competitive analysis or development of competing products; the enforceability of the arbitration clause and class action waiver may be constrained under certain jurisdictions, including EU member states and some US state courts, and does not automatically override applicable consumer protection law. The agreement engages GDPR and other data privacy frameworks through its Personal Information and Aggregated Data definitions and its data processing representations; customers operating under GDPR, CCPA, or sector-specific regulations should evaluate whether Supabase's use of Aggregated Data derived from customer data and the DPA referenced in the agreement satisfy their upstream compliance obligations. Customers subject to Singapore law as governing law should note that Section 13 dispute resolution provisions are stated to apply to the fullest extent permitted by applicable law, which may limit enforceability outside the US context.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

1 important change detected

2 versions captured · Last updated: May 2026

May 6, 2026

medium

What changed Supabase updated its legal entity from a Delaware corporation to a Singapore-based company and refined several procedural details in its Terms of Service. Key changes include clarifying how agreement acceptance works (clicking an explicit 'I Accept' button rather than implicit sign-up), updating documentation URLs, and adding a new section addressing AI-powered support tools. The shift to Singapore incorporation may affect which laws govern disputes and how certain consumer protections apply depending on your location.

Why this matters The relocation of Supabase's legal entity from Delaware to Singapore may affect which jurisdiction's courts and laws apply to disputes, potentially impacting your ability to pursue claims in US courts and changing which consumer protection laws govern your relationship. The requirement to explicitly click 'I Accept' rather than accepting through sign-up or service use clarifies consent but does not substantively change the agreement's terms. The new section on AI-powered tools discloses that Supabase may use AI chatbots for customer support; review that section to understand how such tools may process your inquiries.

View full change record →

High — 2 provisions

Mandatory Individual Arbitration Compare →

All disputes with Supabase must be resolved through individual arbitration, not in court, unless you send a written opt-out notice within 30 days of first accepting these terms.

Added May 8, 2026 Standard Seen across 189 platforms
Class Action and Jury Trial Waiver Compare →

You give up your right to sue Supabase in court, have a jury decide your case, or join a class action lawsuit against Supabase.

Added May 8, 2026 Standard Seen across 189 platforms

Medium — 5 provisions

Aggregated Data as Supabase Intellectual Property Compare →

Supabase can use anonymized and aggregated data derived from your data and usage to improve and analyze its services, and this derived data is treated as Supabase's own intellectual property.

Added May 10, 2026 Standard Seen across 198 platforms
Service Suspension Without Prior Notice

Supabase can cut off your access to the platform at any time if it reasonably determines there is a security threat, illegal activity, non-payment, or other defined risk, potentially without advance notice.

Added May 10, 2026 Rare
Competitive Use Prohibition Compare →

You are not allowed to use Supabase's platform or documentation to analyze or develop competing products, or for any purpose that harms Supabase's commercial interests.

Added May 10, 2026 Standard Seen across 179 platforms
Limitation of Liability Compare →

Neither party can claim lost profits, indirect damages, or consequential damages from the other, regardless of the circumstances or whether the harm was foreseeable.

Added May 8, 2026 Standard Seen across 228 platforms
Governing Law and Venue Compare →

Any legal dispute not resolved through arbitration will be handled under California law in the courts of San Francisco, regardless of where you are located.

Added May 10, 2026 Standard Seen across 187 platforms

Low — 1 provision

Customer Data Ownership and License to Supabase Compare →

You own your data, but you grant Supabase a broad license to use, copy, and display it as needed to operate the service.

Added May 10, 2026 Standard Seen across 198 platforms

Monitoring

Supabase has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Aggregated Data Commercialization and similar clauses.

Compare across platforms →