Quick Recap of Our Updated Customer Terms

We’ve updated our terms and policies. If you’re a Drata customer, below is a summary of key changes to our most recent updates.
Drata Icon Blue BG Circle Crop

by Drata

March 04, 2024
Customer Terms-1

We update our terms and policies on an annual basis, driven by customer feedback, evolving legal standards, and product updates. A summary of the most recent and key updates is below. If you would like more information about our legal terms, please visit our website here. If you would like more information about our privacy and security practices, please visit our Trust Center.

Our updated Terms of Service - Subscription Agreement (Agreement) will become effective on March 4, 2024. 

Terms of Service - Subscription Agreement (Agreement)

In addition to making many of our terms clearer, we made the following key updates to the Drata Agreement:

Key Changes:

  • To improve readability, Drata has reorganized our Agreement including a table of contents with hyperlinks and a definition section at the end of the Agreement for easier reference.

  • Customers can now download a PDF version of the Agreement.

  • We have updated the ‘Fees’ section in the Agreement to clarify payment, billing, taxes, upgrades, downgrades and updating billing information;

  • To assist Customers with privacy law compliance, Drata has modified the Agreement to provide a direct link to Drata’s signature-ready Data Processing Addendum (see below).

  • We have added an explicit commitment that we will not materially decrease the overall functionality of the Services during a subscription term;

  • We have updated our privacy and security provisions to be even more straightforward, including Drata’s use of third parties to provide the Services to Customers and Customers’ ability to enter into supplemental privacy terms with Drata (e.g. Data Processing Addendum);

  • We have added language giving Customers the right to assign the Agreement without Drata’s consent in the event of an assignment to an affiliate or in connection with a merger or change of control provided that certain conditions are met;

  • We have clarified the process for how Drata updates its Agreement and provides Customers with notice thereof;

  • We have added detail regarding our export compliance and use restrictions that comply with United States and applicable import and export laws and regulations;

  • We have updated our security measures to add an explicit commitment to notify an affected Customer within 48 hours of verifying that the incident affects a Customer’s Customer Data;

  • We have added an insurance provision detailing the minimum coverage types and amounts that Drata will carry; and

  • We have updated the email address for notices under the Agreement to [email protected].

Data Processing Addendum

Drata has revised its Data Processing Addendum (DPA) to better describe Drata processes and procedures.

If you would like to review and execute our DPA, please see here.

Privacy Notice

Drata has modified its Privacy Notice (formerly known as our Privacy Policy) to better describe our privacy practices and to address applicable requirements of GDPR and the CCPA.

We have also updated our Privacy Notice to, among other things, provide more transparency around how we process personal data about users that Drata stores separate from the Services in order to communicate with them regarding Drata’s provision and support of the Services.

Cookie Notice

Drata has modified its Cookie Notice (formerly known as our Cookie Policy) to better reflect cookie practices.

Trusted Newsletter
Resources for you
Launch Alliance Program Allbound Banner

Introducing our New Partner Program: Launch—The Drata Alliance Program

New Year New Capabilities

New Year, Already New Capabilities

AI Best Practices

Essential AI Security Practices Your Organization Should Know

Momentum Blog Thumb

Reflecting on FY24: Resilient Growth and Leadership in Compliance Automation

Drata Icon Blue BG Circle Crop
Drata
Related Resources
Launch Alliance Program Allbound Banner

Introducing our New Partner Program: Launch—The Drata Alliance Program

New Year New Capabilities

New Year, Already New Capabilities

AI Best Practices

Essential AI Security Practices Your Organization Should Know

Momentum Blog Thumb

Reflecting on FY24: Resilient Growth and Leadership in Compliance Automation