Privacy Policy

Last Updated on January 1, 2025

This Privacy Policy describes how DigitalOcean, LLC and its affiliates (“DigitalOcean,” “we,” “our” or “us”) collect, use, and share Personal Information (including “Personal Data,” as those terms are defined under applicable law) in connection with your use of our websites (including www.digitalocean.com, www.cloudways.com, and related domains and websites), services, and applications (collectively, the “Services”). This Privacy Policy (the “Privacy Policy”) does not apply to information or content our customers may process when using our Services.

If you are looking for California-specific information, check out our CCPA Privacy Notice as well, which is incorporated into this Privacy Policy.

We may collect and receive information about users of our Services (“users,” “you,” or “your”) from various sources, including: (i) information you provide through your user account on the Services (your “Account”) if you register for the Services; (ii) your use of the Services; and (iii) from third-party websites, services, and partners.

We recommend that you read this Privacy Policy in full, including the Additional Disclosures referenced at the bottom of this document, to ensure you are fully informed. If you have any questions about this Privacy Policy or DigitalOcean’s data collection, use, and disclosure practices, please contact us at privacy@digitalocean.com.

1. Personal Information We Collect

We collect Personal Information about you as follows:

  1. Personal Information You Provide: We collect Personal Information when you register for an Account to use our Services or communicate with us as follows

    I. Account Registration. When you register for an Account, we may ask for your contact information, including your name, company name, address and/or your city and country of residence and postal code, email address, payment method information including your PayPal ID and transaction information, business information, a profile image in connection with use of certain of our Services if you choose to provide one, and telephone number. If you choose to refer a friend to our Services, we may also collect your friend’s email address so that we may send them a referral or promotional code to sign up for our Services.

    II. Payment Information. When you add your financial account information to your Account, that information is directed to our third-party payment processors. We do not store your financial account information on our systems; however, we have access to, and may retain, subscriber information we receive from through our third-party payment processors.

    III. User Content. When you use our Services, we collect Personal Information that is included in the input, file uploads, or feedback that you provide our Services. For example, our “Community” feature allows you to publicly post content on our Services. By registering for our Community, you agree that your profile information and the content you post may be viewed and used by other users and third parties we do not control.

    IV. Communication Information. If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

    V. Other Information You Provide. We collect other information that you may provide to us such as when you participate in events, surveys, research activities, or information you provide to establish your identity.

  2. Personal Information we Receive Automatically: When you interact with or use our Services, we receive the following information:

    I. Log Data. Information that your browser or device automatically sends when you use our Services including but not limited to your IP address.

    II. Device and Configuration Information. Information including the type of the device you are using, operating system, configuration information, device identifiers, location of files and other data, and browser type and settings.

    III. Usage Data. When you use our Services, we may collect information about your engagement with and utilization of our Services, such as processor and memory usage, storage capacity, navigation of our Services, system-level metrics, etc. We use this Usage Data to operate and improve the Services, maintain and improve the performance and utilization of the Services, develop new features, products, or functionality, protect the security and safety of our Services and our customers, and provide customer support. We also use this Usage Data to develop aggregate analysis and business intelligence that enable us to operate, improve, protect, make informed decisions about, and report on the performance of our business.

    IV. Cookies and Other Tracking Technologies. We use cookies and similar technologies to operate and administer the Services and personalize and improve your experience with them. We may also store information that we collect through cookies, log files, and/or clear gifs to record your preferences, to collect information about your use of our Services, about the functionality of our Services, frequency of visits, and other information related to your interactions with the Services. For more information on how we use cookies and similar technologies, please visit the Cookie Policy.

  3. Information We Receive from Third Parties.

    I. Third-Party Accounts. If you choose to link our Services to a third-party account, we will receive information about that account, such as your authentication token from the third-party account, to authorize linking. If you wish to limit the information available to us, you should visit the privacy settings of your third-party accounts to learn about your options.

2. How We Use Personal Information

We use Personal Information for the following purposes and in accordance with the legal bases outlined below:

Purpose Examples Legal bases
To provide, operate, administer, maintain, improve, expand, personalize, and analyze your Usage Data, and to develop new products, Services, features, or functionality based on your Usage Data To create, update, and manage your DigitalOcean account or improve the Services based on Usage Data we collect Performance of a contract or legitimate interest
To process your transactions To share and receive information about your payment method and transaction data from our payment processors Performance of a contract or legitimate interest
To complete surveys or conduct research To develop new services, solutions, and products or get feedback from you on existing services Legitimate interest
To communicate with you (either directly or through a partner) including to send you information about our Services or events or to provide you customer service To manage your online requests for more information or demos or to contact you if needed Take steps prior to entering into a contract or performance of a contract
To send you marketing or promotional materials To send you marketing and promotional materials about DigitalOcean services Legitimate interest
To prevent fraud or misuse of our Services, and to protect the security and integrity of our Services, IT systems, network, and architecture To investigate suspicious or fraudulent activity, to protect our business from fraud or risk, to take action in the event of a security breach, or to investigate any disputes Legitimate interest
To comply with legal obligations and protect our, your, and third parties’ rights, privacy, safety, or security To comply with legal obligations and manage your data access and deletion requests Legal and regulatory obligations to which DigitalOcean is subject

3. How We Share Personal Information

We may share the information we collect in various ways, including the following:

  1. Vendors and Service Providers. We may share information with third-party vendors and service providers that provide services on our behalf, such as helping to provide our Services, for promotional and/or marketing purposes, and to provide you with information relevant to you such as product announcements, software updates, special offers, or other information.

  2. Aggregate Information. Where legally permissible, we may use and share information about users with our partners in aggregated or de-identified form that cannot reasonably be used to identify you.

  3. Advertising. We work with third-party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies, pixel tags, and similar technologies on our Services, and they may otherwise collect or have access to information about you which they may collect over time and across different online services. Some of our advertising partners are members of the Network Advertising Initiative or the Digital Advertising Alliance. To learn more about these programs, or opt-out of personalized ads, visit the Digital Advertising Alliance’s Self-Regulatory program for Online Behavioral Advertising at www.aboutads.info, or the Network Advertising Initiative at www.networkadvertising.org.

  4. Third-Party Partners. We also share information about users with third-party partners in order to receive additional publicly available information about you.

  5. Information We Share When You Sign Up Through a Referral. If you sign up for our Services through a referral from a friend, we may share information with your referrer to let them know that you used their referral to sign up for our Services.

  6. Analytics. We use analytics providers such as Google Analytics. Google Analytics uses cookies to collect non-identifying information. Google provides some additional privacy options regarding its Analytics cookies at http://www.google.com/policies/privacy/partners/.

  7. Business Transfers. Information may be disclosed and otherwise transferred to any potential acquirer, successor, or assignee as part of any proposed merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

  8. As Required By Law and Similar Disclosures. We may also share information to (i) satisfy any applicable law, regulation, legal process, or governmental request including requests made by public authorities to meet national security or law enforcement requirements; (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof; (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to your requests; or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.

  9. With Your Consent. We may share information with your consent.

  10. Other Third Parties. We may share your Personal Information with other third parties, such as other cloud hosting providers, such as, for example, when you use our Cloudways Service.

4. Third-party Services

You may access other third-party offerings through the Services, for example by clicking on links to those third-party offerings from within the Services. DigitalOcean is not responsible for the privacy policies and/or practices of these third-party offerings, and we encourage you to carefully review their privacy policies. For the avoidance of doubt, this Privacy Policy does not apply to your use of third party services or sites. By providing these links to third parties, we do not endorse those third party services or sites and such links are provided for your convenience and informational purposes only.

5. Security

DigitalOcean is committed to data security. To do so, we employ a variety of security technologies and measures designed to help protect information from unauthorized access, use, or disclosure. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information.

For more information on DigitalOcean’s security controls, please see the following resources:

6. Data Retention

We retain your Personal Information for as long as necessary to provide you our Services, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations. How long we retain Personal Information will depend on a number of factors, such as the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, our purpose for processing the information, and any legal requirements.

7. Access

If you are a registered user, you may access certain information associated with your Account by logging into our Services or emailing privacy@digitalocean.com. If you terminate your Account, any public activity on your Account prior to deletion may remain stored on our servers and may remain accessible to the public.

To help protect your privacy and security, we may also take reasonable steps to verify your identity before updating or removing your information. The information you provide us may be archived or stored periodically by us according to backup processes conducted in the ordinary course of business for disaster recovery purposes. Your ability to access and correct your information may be temporarily limited where access and correction could: (i) inhibit DigitalOcean’s ability to comply with a legal obligation; (ii) inhibit DigitalOcean’s ability to investigate, make or defend legal claims; (iii) result in disclosure of personal data about a third party; or (iv) result in breach of a contract or disclosure of trade secrets or other proprietary business information belonging to DigitalOcean or a third party.

8. Your Data Protection Rights Under the General Data Protection Regulation (GDPR)

If you are a resident of the EEA, Switzerland, or the United Kingdom (“UK”), you have the following data protection rights:

  • Right to access, correct, update, or request deletion of your Personal Information, which you can do at any time by emailing privacy@digitalocean.com.

  • Right to delete your Personal Information by deactivating and purging your Account in your control panel settings (e.g., https://cloud.digitalocean.com/settings). All Account data will be deleted within 90 days of purging.

  • Right to object to the processing of your Personal Information, asking us to restrict the processing of your Personal Information, or requesting portability of your Personal Information. Again, you can exercise these rights by emailing privacy@digitalocean.com.

  • Right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing privacy@digitalocean.com.

  • Right to withdraw your consent, if we have collected and processed your Personal Information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.

  • Right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

9. Your Choices

You can use some of the features of the Services without registering, thereby limiting the type of information that we collect.

You may unsubscribe from receiving certain promotional emails from us. If you wish to do so, simply follow the instructions found at the end of the email.

Many browsers have an option for disabling cookies, which may prevent your browser from accepting new cookies or enable selective use of cookies. Please note that, if you choose not to accept cookies, some features and the personalization of our Services may no longer work for you.

10. Children’s Privacy

DigitalOcean does not knowingly collect information from children under the age of 13, and children under 13 are prohibited from using our Services. If you learn that a child has provided us with Personal Information in violation of this Privacy Policy, you can alert us at privacy@digitalocean.com.

11. Changes to the Privacy Policy

This Privacy Policy may be modified from time to time, so please review it frequently. Changes to this Privacy Policy will be posted on our websites. If we materially change the ways in which we use or share Personal Information previously collected from you through our Services, we will notify you through our Services, on this page, by email, or other communication.

12. International Data Transfers

With respect to Personal Data of Data Subjects located in the EEA, Switzerland, or the United Kingdom that Customer transfers to DigitalOcean or permits DigitalOcean to access, the parties agree that by executing the DPA they also execute the Standard Contractual Clauses, which will be incorporated by reference and form an integral part of the DPA. The parties agree that, with respect to the elements of the Standard Contractual Clauses that require the parties’ input, Schedules 1-3 contain all the relevant information.

DigitalOcean, LLC complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK Extension”), and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. DigitalOcean has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension. DigitalOcean has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (together with the EU-U.S. Data Privacy Framework Principles, the “DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles will govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. DigitalOcean’s compliance with the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Please also refer to our GDPR FAQ and Data Processing Agreement for more information about data transfers.

DigitalOcean complies with the DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.

DigitalOcean commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF should first contact DigitalOcean using the details provided below.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, DigitalOcean LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the American Arbitration Association (“AAA”), an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of AAA are provided at no cost to you.

For complaints regarding DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found in Annex 1 of the DPF Principles.

Contact Us

If you have any questions or concerns about this Privacy Policy, please email us at privacy@digitalocean.com or write to us at:

DigitalOcean

101 6th Ave

New York, NY 10013

ATTN: Legal

The data controller of your personal information is DigitalOcean, LLC.

Additional Disclosures

CCPA Privacy Notice

Prior Versions of our Privacy Policy