Digital Ocean

digitalocean.com · facts updated 1 day ago

Privacy facts at a glance

Jurisdictions: US · EU · EEA · UK · Switzerland · India · Finland · Poland
Subprocessors: 31
Retention: The duration of processing covered by the DPA shall be in accordance with the duration of the Agreement.
Transfer mechanism: EU-U.S. Data Privacy Framework (EU-U.S. DPF), UK Extension to the EU-U.S. DPF, Swiss-U.S. DPF; SCCs and UK Addendum as fallback if DPF is invalidated.
DPA available: Yes
GDPR addressed: Yes
CCPA addressed: Yes

Named subprocessors

Amazon Web Services Cloudflare Traversal BlogVault Immunify360 Telesign Twilio WPRemote Aiven Exa Labs, Inc. Galileo MongoDB

Tracked documents

https://www.digitalocean.com/legal/privacy-policy checked 10 hours ago

https://www.digitalocean.com/legal/terms-of-service-agreement checked 4 hours ago

Data processing agreement

https://www.digitalocean.com/legal/data-processing-agreement checked 3 hours ago

Subprocessor list

https://www.digitalocean.com/trust/subprocessors checked 12 hours ago

Security / trust page

https://www.digitalocean.com/security checked 1 hour ago

Recent changes

Security / trust page 1 day ago

Document updated.

Data processing agreement 1 day ago

Document updated.

Subprocessor list 1 day ago

Document updated.

minor Data processing agreement 2 days ago

DigitalOcean's DPA diff shows navigation/page-structure reformatting and a minor typographical fix ('ThirdParty' corrected to 'Third Party' in section 2.3), with no substantive changes to data handling terms visible in the truncated diff.

Security / trust page 6 days ago

Document updated.

Data processing agreement 6 days ago

Document updated.

Public summary; per-account review history visible to subscribers tracking this vendor.

Track Digital Ocean in your workspace.

Get notified when Digital Ocean adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.

Start tracking — 14-day trial

No card required.