Privacy Shield

Last Updated on April 19, 2022

DigitalOcean is committed to protecting your privacy. This Privacy Shield Notice sets out the privacy principles we follow with respect to transfers of personal data from the European Economic Area (“EEA”) and Switzerland to the United States, including personal data we receive from individuals who visit our or our affiliates’ web and mobile sites (“Websites”), who access or use our product or service offerings (“Services”), or who otherwise interact with us (“you”).

We comply with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the EU and the United Kingdom and/or Switzerland. DigitalOcean, LLC and certain of its controlled US affiliates * (together, DigitalOcean) has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information.

The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield.

For more information about the Privacy Shield generally, and to view our certification online, please visit https://www.privacyshield.gov.

If there is any conflict between the terms of this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

* As of April 19, 2022, the following entities are included in DigitalOcean’s Privacy Shield Certification: Serverstack, Inc.; DigitalOcean Holdings

Types of Personal Data We Collect and Use

The types of personal data we may receive in the United States, as well as the purposes for which we collect and use it, are set out in our Privacy Policy.

We will only process personal data in ways that are compatible with the purposes we collected it for or for purposes you later authorize. Before we use your personal data for a materially different purpose, we will provide you with the opportunity to opt-out.

Transfers to Third Parties

Information about the types of third parties to which we disclose personal data and the purposes for which we do so is described in our Privacy Policy.

If we have received your personal data in the United States and subsequently transfer that information to a third party acting as an agent, and such third-party agent processes your personal data in a manner inconsistent with the Privacy Shield Principles, we will remain responsible unless we can prove we are not responsible for the event giving rise to the damage.

Disclosures for National Security or Law Enforcement

Please note that under certain circumstances, we may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Access, Correction and Deletion Rights

You may have the right to access personal data that we hold about you and request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of a third party. If you would like to request access to, correction, amendment, or deletion of your personal data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity.

Your Choices

We commit to giving you an opportunity to opt out if personal data we control about you is to be disclosed to another independent third party or is to be used for a purpose that is materially different from those set out in our Privacy Policy. Where sensitive personal data is involved, we will obtain your express opt-in consent to do such things. If you otherwise wish to limit the use or disclosure of your personal data, please write to us at the contact details set out below. You can also ask us to remove you from any mailing list to which you previously subscribed by sending us an email or by following the “unsubscribe” link in any marketing communications we send to you.

Questions or Complaints

In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal data. EEA and Swiss individuals with inquiries or complaints regarding our Privacy Shield practices should first contact us at privacy@digitalocean.com.

If a complaint cannot be resolved with us directly, we have agreed to cooperate with JAMS. If you are not satisfied with the resolution of your complaint, please contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield to address complaints.

You may, under limited circumstances, invoke binding arbitration for complaints not resolved by the above mechanisms. Additional information can be found at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

DigitalOcean is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with regards to our compliance with the EU–U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.