Skip to content
Snowflake Inc.
무료로 시작하기

Questions?

Languages:
  • Deutsch
  • Français
  • Español
  • English
  • 日本語
  • 한국어
  • 플랫폼 개요
    • Workloads
    • 플랫폼 개요
    • SNOWFLAKE 데이터 마켓플레이스
    수많은 데이터 워크로드, 하나의 플랫폼
    • 데이터 웨어하우스

      최신 클라우드 데이터 웨어하우스를 지원하도록 구축된 데이터 플랫폼을 통해 분석 속도 향상

    • 데이터 레이크

      데이터를 한 곳에서 안전하고 안정적이며 사용하기 쉽게 만드십시오.

    • 데이터 엔지니어링

      간단하고 신뢰할 수 있는 데이터 파이프라인을 다양한 프로그래밍 언어로 구축

    • 데이터 사이언스

      다양한 레임워크로 모델링 하기 위한 데이터 준비 간소화

    • 데이터 애플리케이션

      비용 효율적으로 확장되고 지속해서 빠른 분석 성능을 제공하는 데이터 집약적 애플리케이션 개발 간소화

    • 데이터 공유

      비즈니스 생태계 전반에서 라이브 데이터 공유 및 협업

    데이터 클라우드: 데이터가 번성하는 곳

    Snowflake의 고객이 공유 데이터를 서로 간에 그리고 상용 데이터 공급업체 및 데이터 서비스 공급자와 안전하게 공유하고 소비하는 에코시스템에 참여하십시오.

    Learn More
    • Rise of the Data Cloud Podcast
    • Become a Member of the Data Cloud Academy
    Snowflake Data Marketplace가 특별한 이유

    번거롭게 오래된 데이터를 복사하고 이동하지 않고, 실시간으로 통제된 라이브 데이터 세트에 안전하게 액세스할 수 있습니다.

    자세히 알아보기
  • Solutions
    • Industry Solutions
    • Department Solutions
    • 금융 서비스

      고객 경험 개인화, 효율성 개선, 리스크 추가 완화

    • 광고, 미디어, 엔터테인먼트

      소비자에게 고도로 맞춤화된 컨텐츠와 경험 제공

    • 소매 및 소비재

      전방위 데이터 주도 고객 경험 제공

    • 의료 및 생명 과학

      모든 의사 결정에 영향을 미치는 거의 모든 데이터로 더 건강한 미래 구축

    • 테크놀러지

      분석 제공, 혁신 강화, 손쉬운 확장

    • 공공 부문

      데이터를 사용하여 IT 최신화 촉진, 임무 추진, 시민 서비스 개선

    • 교육

      데이터를 활용하여 교육 우수성 강화, 협업 촉진

    • 제조

      IoT 및 AI를 통해 혁신을 이끌어 공급망 효율성을 극대화하고 데이터를 통해 생산 품질을 개선합니다.

    Snowflake가 부서에 데이터를 전달하는 방식

    마케팅 분석이든, 보안 데이터 레이크든, 아니면 다른 영업부문이든 Snowflake를 통해 본질적으로 모든 데이터를 쉽게 저장·액세스 통합·분석하는 방법을 알아보십시오.

    • 마케팅 분석

      전방위적인 고객 관점 획득, 관련 제안 생성, 마케팅 투자 수익 확대

    • IT

      Drive agility, business transformation, and employee experience with the Data Cloud

  • 데이터 마켓플레이스
    • 데이터 소비자
    새로운 데이터 주도 비즈니스 분석 생성

    타사 데이터에 액세스하여 조직에 대한 심층적인 분석을 제공하고 이미 협력하고 있는 SaaS 공급업체의 데이터를 Snowflake 계정으로 바로 연결할 수 있습니다.

    자세히 알아보기
  • Snowflake 파트너 네트워크
    • 파트너 개요
    • 데이터 공급자
    Snowflake Partner Network

    If you’re moving data into Snowflake or extracting insight out of Snowflake, our technology partners and system integrators will help you deploy Snowflake for your success.

    Learn More
    Data Providers

    As a Snowflake customer, easily and securely access data from potentially thousands of data providers that comprise the ecosystem of the Data Cloud. Also engage data service providers to complete your data strategy and obtain the deepest, data-driven insights possible.

    Learn More
  • 지원 및 서비스
    • 프로페셔널 서비스
    • 지원
    Snowflake 프로페셔널 서비스

    Snowflake 프로페셔널 서비스의 지원을 받아 Snowflake로 비즈니스 목표를 최적화하고 가속화하며 달성하십시오.

    연락처
    기타 서비스
    • 지원
    지원

    필요한 지원을 원할 때 받을 수 있으므로 Snowflake 데이터 클라우드를 지속적으로 활용할 수 있습니다.

    자세히 알아보기
  • Resources
    • 리소스
    • 블로그
    • Webinar
    Snowflake 리소스
    View All
    Snowflake 블로그
    View All
    • 회사에 관한 정보
    • 사고적 리더십
    • 파트너 및 고객 가치
    • 산업별 솔루션
    웨비나
    • 모든 웨비나 보기
    • 라이브 데모
    • 영업시간
    I want to...
    • Visit the Snowflake Blog
    • View Snowflake pricing
  • 회사
    • About
    Snowflake를 이끌어가는 이들

    Snowflake의 기술을 존재하게 하는 직원들에 대해 알아보십시오. 여러분과 여러분의 조직을 지원할 다양하고 열정적인 비즈니스 및 기술 전문가들이 있습니다.

    자세히 보기 연락처
무료로 시작하기
  • 플랫폼 개요
  • Solutions
  • 데이터 마켓플레이스
  • Snowflake 파트너 네트워크
  • 지원 및 서비스
  • Resources
  • 회사

Questions?

  • Deutsch
  • Français
  • Español
  • English
  • 日本語
  • 한국어
  • Workloads
  • Platform Overview
  • Snowflake Marketplace
  • What is the Data Cloud
Many Data Workloads, One Platform
  • Data Warehouse
  • Data Lake
  • Data Engineering
  • Data Science & ML
  • Data Applications
  • Collaboration
  • Cybersecurity
  • Unistore
Calculate Your Estimated Benefits of Migrating to Snowflake Get Started
A Modern Data Platform

Find out what makes Snowflake unique thanks to an architecture and technology that enables today’s data-driven organizations.

Learn More
  • Architecture
  • Security and Trust
  • Pricing
612% ROI? Read Forrester’s Total Economic Impact™ Study of Snowflake Download Now
What Makes Snowflake Marketplace Unique?

Securely access live and governed data sets in real time, without the risk and hassle of copying and moving stale data.

Learn More Watch Demo
Improve Marketing Analytics with Snowflake and iKnowlogy Learn More
Data Cloud: Where Data Thrives

Join the ecosystem where Snowflake customers securely share and consume shared data with each other, and with commercial data providers and data service providers.

Learn More
  • Rise of the Data Cloud Podcast
  • Become a Member of the Data Cloud Academy
Snowflake Summit 2022 is all about The World of Data Collaboration. Come join us! Learn More
  • Industry Solutions
  • Department Solutions
  • Financial Services
  • Advertising, Media & Entertainment
  • Healthcare & Life Sciences
  • Retail & CPG
  • Technology
  • Public Sector
  • Education
  • Manufacturing
Leverage Data to Uplevel Your Retail Holiday Planning | Live Webinar July 28 Register Now
How Snowflake Delivers to the Department

Whether its marketing analytics, a security data lake, or another line of business, learn how you can easily store, access, unite, and analyze essentially all your data with Snowflake.

  • Marketing Analytics
  • Product Development
  • IT
612% ROI? Read Forrester’s Total Economic Impact™ Study of Snowflake Download Now
  • For Consumers
  • For Providers
Create New Data-Driven Business Insights

Access third-party data to provide deeper insights to your organization, and get your own data from SaaS vendors you already work with, directly into your Snowflake account.

Learn More
The Modern Way to Share and Monetize Your Data

Generate more revenue and increase your market presence by securely and instantly publishing live, governed, and read-only data sets to thousands of Snowflake customers.

Learn More
  • Partner Overview
  • Technology Partners
  • Services Partners
  • Cloud Partners
  • Data Providers
  • Powered by Snowflake
Snowflake Partner Network

If you’re moving data into Snowflake or extracting insight out of Snowflake, our technology partners and system integrators will help you deploy Snowflake for your success.

Learn More
Technology Partners

Snowflake Technology Partners integrate their solutions with Snowflake, so our customers can easily get data into Snowflake and insights out of Snowflake by creating a single copy of data for their cloud data analytics strategy.

Learn More
  • Snowpark Accelerated
  • Snowflake Ready Technology Validation Program
  • Data Governance Accelerated
Service Partners

Snowflake Services Partners provide our customers with trusted and validated experts and services around implementation, migration, data architecture and data pipeline design, BI integration, ETL/ELT integration, performance, running POCs, performance optimization, and training.

Learn More
Cloud Partners

Snowflake is available on AWS, Azure, and GCP in countries across North America, Europe, Asia Pacific, and Japan. Thanks to our global approach to cloud computing, customers can get a single and seamless experience with deep integrations with our cloud partners and their respective regions.

Learn More
Data Providers

As a Snowflake customer, easily and securely access data from potentially thousands of data providers that comprise the ecosystem of the Data Cloud. Also engage data service providers to complete your data strategy and obtain the deepest, data-driven insights possible.

LEARN MORE
Powered by Snowflake

Powered by Snowflake program is designed to help software companies and application developers build, operate, and grow their applications on Snowflake. The program offers technical advice, access to support engineers who specialize in app development, and joint go-to-market opportunities.

Learn More
  • Professional Services
  • Education & Training
  • Community
  • Support
Snowflake Professional Services

Work with Snowflake Professional Services to optimize, accelerate, and achieve your business goals with Snowflake.

Learn More Contact Us
  • Education & Training
  • SnowPro Certification
  • Snowflake Community
  • Support
Calculate Your Estimated Benefits of Migrating to Snowflake Get Started
Education & Training

Find the training your team needs to be successful with Snowflake's Data Cloud.

Learn More
  • Instructor-Led Training
  • On-Demand Training
  • SnowPro Certification
Calculate Your Estimated Benefits of Migrating to Snowflake Get Started
Community

Access an ecosystem of Snowflake users where you can ask questions, share knowledge, attend a local user group, exchange ideas, and meet data professionals like you.

Learn More
  • Snowflake Community Login
  • Community Blog
  • Data Heroes
  • Discussions
  • Stack Overflow
  • User Groups
Calculate Your Estimated Benefits of Migrating to Snowflake Get Started
Support

Get the support you need, when you need it, so you can continue to leverage the Snowflake Data Cloud.

Learn More Submit a Case
  • Search for Answers
  • Documentation
  • System Status
  • Releases and Announcements
Calculate Your Estimated Benefits of Migrating to Snowflake Get Started
  • Resource Library
  • Events
  • Webinars
  • Snowflake Blog
  • Developers
  • Rise of the Data Cloud Podcast
See all
  • eBooks
  • Guides
  • Data Cloud Academy
  • Data Cloud Glossary
  • Documentation
  • Patterns
  • Snowflake Community
Weekly Demo Register Now
Events
  • All Events
  • User Groups
  • Data Cloud World Tour: A Global Event Series, August 30 - November 7
Weekly Demo Register Now
Webinars
  • See All Webinars
  • Live Demo
  • Office Hours
  • Virtual Hands-On Labs
  • Snowflake on Snowflake Series
Weekly Demo Register Now
Snowflake Blog
View Blog
Weekly Demo Register Now
Snowflake for Developers

Snowflake enables you to build data-intensive applications without operational burden. Trusted by fast growing software companies, Snowflake handles all the infrastructure complexity, so you can focus on innovating your own application.

Learn More
  • BUILD: The Data Cloud Dev Summit | October 4-5
  • Developer Resources
  • Developer Guides
  • Virtual Hands-On Labs
  • Documentation
  • Stack Overflow
Weekly Demo Register Now

Hear from data leaders to learn how they leverage the cloud to manage, share, and analyze data to drive business growth, fuel innovation, and disrupt their industries.

VIEW ALL
  • Listen on Apple Podcasts
  • Listen on Spotify
  • Listen on Simplecast
Weekly Demo Register Now
  • About
  • Customers
  • Careers
  • Newsroom
The Who of Snowflake

Learn about the talent behind the technology. A diverse and driven group of business and technology experts are here for you and your organization.

Read More
  • Investor Relations
  • Leadership & Board
  • Our Values
  • Speakers Bureau
  • Snowflake Ventures
  • ESG at Snowflake
  • Sustainability at Snowflake
  • Snowflake for Good
612% ROI? Read Forrester’s Total Economic Impact™ Study of Snowflake Download Now
Customers
  • Customer Stories
  • Data Drivers Awards
  • Customer Speaker Bureau
The Data Is In: The 2020 Snowflake Customer Experience Report Download Now
Careers at Snowflake

We challenge ourselves at Snowflake to rethink what’s possible for a cloud data platform and deliver on that. We’re looking for people who share that same passion and ambition.

Current Openings
612% ROI? Read Forrester’s Total Economic Impact™ Study of Snowflake Download Now
Press and News

See Snowflake press releases, Snowflake mentions in the press, and download brand assets.

See the Latest
612% ROI? Read Forrester’s Total Economic Impact™ Study of Snowflake Download Now

Data Processing Addendum

This is an archived version of our Data Processing Addendum September 22, 2021. View the current version here.

This Data Processing Addendum (“DPA“) forms part of, and is subject to, the Master SaaS Agreement or other written or electronic terms of service or subscription agreement between the member of the Snowflake Group that is a party to such agreement (“Snowflake“) and the legal entity defined as ‘Customer’ thereunder together with all Customer Affiliates who are signatories to an Order Form for their own Service Account pursuant to such agreement (collectively, for purposes of this DPA, “Customer”, and together with Snowflake, the “Parties“) (such agreement, the “Agreement“). All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement.

1. Definitions.

“Account” means Customer’s account in the Service in which Customer stores and processes Customer Data.

“Affiliate“ has the meaning set forth in the Agreement.

“Authorized Affiliate“ shall mean a Customer Affiliate who has not signed an Order Form pursuant to the Agreement, but is either a Data Controller or Data Processor for the Customer Personal Data processed by Snowflake pursuant to the Agreement, for so long as such entity remains a Customer Affiliate.

“California Consumer Privacy Act“ or “CCPA“ means the California Consumer Privacy Act of 2018, as may be amended from time to time.

“Customer Data” has the meaning set forth in the Agreement.

“Customer Personal Data” means any Customer Data that is Personal Data.

“Data Controller” means an entity that determines the purposes and means of the Processing of Personal Data.

“Data Processor” means an entity that Processes Personal Data on behalf of a Data Controller.

“Data Protection Laws” means all data protection and privacy laws applicable to the respective party in its role in the Processing of Personal Data under the Agreement, including, where applicable, EU & UK Data Protection Law and the CCPA.

“Data Subject” means the identified or identifiable natural person to whom Customer Personal Data relates.

“EU & UK Data Protection Law” means (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (“GDPR“); and (ii) the GDPR as it forms part of United Kingdom law pursuant to Section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR“) and the Data Protection Act 2018.

“Personal Data” means any information, including opinions, relating to an identified or identifiable natural person and includes similarly defined terms in Data Protection Laws, including, but not limited to, the definition of “personal information” in the CCPA.

“Processing” shall mean any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination and “Process“, “Processes” and “Processed” will be interpreted accordingly.

“Purposes“ shall mean (i) Snowflake’s provision of the Services as described in the Agreement, including Processing initiated by Users in their use of the Services; and (ii) further documented, reasonable instructions from Customer agreed upon by the Parties.

“Security Incident” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Customer Personal Data.

“Services” means the generally available Snowflake software-as-a-service offering described in the Documentation and procured by Customer, and any other services provided by Snowflake as described under the Agreement, including but not limited to support and technical services.

“Snowflake Group” means Snowflake Inc. and its Affiliates.

“SCCs“ means the standard contractual clauses for the transfer of personal data to third countries approved pursuant to Commission Decision (EU) 2021/914 of 4 June 2021, found at ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.

“Sub-Processor” means any other Data Processors engaged by a member of the Snowflake Group to Process Customer Personal Data.

2. Scope and Applicability of this DPA. This DPA applies where and only to the extent that Snowflake Processes Customer Personal Data on behalf of Customer as Data Processor in the course of providing the Services.

3. Roles and Scope of Processing.

3.1. Role of the Parties. As between Snowflake and Customer, Snowflake shall Process Customer Personal Data only as a Data Processor (or sub-processor) acting on behalf of Customer and, with respect to CCPA, as a “service provider” as defined therein, in each case regardless of whether Customer acts as a Data Controller or as a Data Processor on behalf of a third-party Data Controller (“Third-Party Controller“) with respect to Customer Personal Data. To the extent any Usage Data (as defined in the Agreement) is considered Personal Data under applicable Data Protection Laws, Snowflake is the Data Controller of such data and shall Process such data in accordance with the Agreement and applicable Data Protection Laws.

3.2. Customer Instructions. Snowflake will Process Customer Personal Data only for the Purposes. Customer shall ensure its Processing instructions are lawful and that the Processing of Customer Personal Data in accordance with such instructions will not violate applicable Data Protection Laws. The Parties agree that the Agreement (including this DPA) sets out the exclusive and final instructions to Snowflake for all Processing of Customer Personal Data, and (if applicable) include and are consistent with all instructions from Third-Party Controllers. Any additional requested instructions requires the prior written agreement of Snowflake. Snowflake shall promptly notify Customer if, in Snowflake’s opinion, such an instruction violates EU & UK Data Protection Law. Where applicable, Customer shall be responsible for any communications, notifications, assistance and/or authorizations that may be required in connection with a Third-Party Controller

3.3. Customer Affiliates. Snowflake’s obligations set forth in this DPA shall also extend to Authorized Affiliates, subject to the following conditions:

(a) Customer must exclusively communicate any additional Processing instructions requested pursuant to 3.2 directly to Snowflake, including instructions from its Authorized Affiliates;

(b) Customer shall be responsible for Authorized Affiliates’ compliance with this DPA and all acts and/or omissions by an Authorized Affiliate with respect to Customer’s obligations in this DPA shall be considered the acts and/or omissions of Customer; and

(c) Authorized Affiliates shall not bring a claim directly against Snowflake. If an Authorized Affiliate seeks to assert a legal demand, action, suit, claim, proceeding  or otherwise against Snowflake (“Authorized Affiliate Claim”): (i) Customer must bring such Authorized Affiliate Claim directly against Snowflake on behalf of such Authorized Affiliate, unless Data Protection Laws require the Authorized Affiliate be a party to such claim; and (ii) all Authorized Affiliate Claims shall be considered claims made by Customer and shall be subject to any liability restrictions set forth in the Agreement, including any aggregate limitation of liability.

3.4. Customer Processing of Personal Data.  Customer agrees that it: (i) will comply with its obligations under Data Protection Laws with respect to its Processing of Customer Personal Data; (ii) will make appropriate use of the Services to ensure a level of security appropriate to the particular content of the Customer Personal Data, such as pseudonymizing and backing-up Customer Personal Data; and (iii) has obtained all consents, permissions and rights necessary under Data Protection Laws for Snowflake to lawfully Process Customer Personal Data for the Purposes, including, without limitation, Customer’s sharing and/or receiving of Customer Personal Data with third-parties via the Services.

3.5. Details of Data Processing.

(a) Subject Matter: The subject matter of the Processing under this DPA is the Customer Personal Data.

(b) Frequency and duration: Notwithstanding expiry or termination of the Agreement, Snowflake will Process the Customer Personal Data continuously and until deletion of all Customer Personal Data as described in this DPA.

(c) Purpose: Snowflake will Process the Customer Personal Data for the Purposes, as described in this DPA.

(d) Nature of the Processing: Snowflake will perform Processing as needed for the Purposes, and to comply with Customer’s Processing instructions as provided in accordance with the Agreement and this DPA

(e) Retention Period. The period for which Customer Personal Data will be retained and the criteria used to determine that period shall be determined by Customer during the term of the Agreement via its use and configuration of the Service. Upon termination or expiration of the Agreement, Customer may retrieve or delete all Customer Personal Data as set forth in the Agreement. Any Customer Personal Data not deleted by Customer shall be deleted by Snowflake promptly upon the later of (i) expiration or termination of the Agreement and (ii) expiration of any post-termination “retrieval period” set forth in the Agreement.

(f) Categories of Data Subjects: The categories of Data Subjects to which Customer Personal Data relate are determined and controlled by Customer in its sole discretion, and may include, but are not limited to:

(i) Prospects, customers, business partners and vendors of Customer (who are natural persons);

(ii) Employees or contact persons of Customer’s prospects, customers, business partners and vendors; and/or

(iii) Employees, agents, advisors, freelancers of Customer (who are natural persons).

(g) Categories of Personal Data: The types of Customer Personal Data are determined and controlled by Customer in its sole discretion, and may include, but are not limited to:

(i) Identification and contact data (name, address, title, contact details);

(ii) Financial information (credit card details, account details, payment information);

(iii) Employment details (employer, job title, geographic location, area of responsibility); and/or

(iv) IT information (IP addresses, cookies data, location data).

(h) Special Categories of Personal Data (if applicable): Subject to any applicable restrictions and/or conditions in the Agreement or Documentation, Customer may also include “special categories of personal data” or similarly sensitive Personal Data (as described or defined in Data Protection Laws) in Customer Personal Data, the extent of which is determined and controlled by Customer in its sole discretion, and which may include, but is not limited to Customer Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data Processed for the purposes of uniquely identifying a natural person, data concerning health and/or data concerning a natural person’s sex life or sexual orientation.

4. Sub-Processing.

4.1. Authorized Sub-Processors. Customer provides Snowflake with a general authorization to engage Sub-processors, subject to Section 4.3 (Changes to Sub-processors), as well as Snowflake’s current Sub-processors listed at www.snowflake.com/legal/snowflake-sub-processors (“Sub-processor Site”) as of the effective date of this DPA and members of the Snowflake Group.

4.2. Sub-Processor Obligations. Snowflake shall: (i) enter into a written agreement with each Sub-processor imposing data protection obligations no less protective of Customer Personal Data as Snowflake’s obligations under this DPA to the extent applicable to the nature of the services provided by such Sub-processor; and (ii) remain liable for each Sub-processor’s compliance with the obligations under this DPA. Upon written request, and subject to any confidentiality restrictions, Snowflake shall provide Customer all relevant information it reasonably can in connection with its applicable Sub-processor agreements where required to satisfy Customer’s obligations under Data Protection Laws.

4.3. Changes to Sub-Processors. Snowflake shall make available on its Sub-processor Site a mechanism to subscribe to notifications of new Sub-processors. Snowflake shall provide such notification to those emails that have subscribed at least fourteen (14) days in advance of allowing the new Sub-processor to Process Customer Personal Data (the “Objection Period”). During the Objection Period, objections (if any) to Snowflake’s appointment of the new Sub-processor must be provided to Snowflake in writing and based on reasonable grounds relating to data protection. In such event, the Parties will discuss those objections in good faith with a view to achieving resolution. If it can be reasonably demonstrated to Snowflake that the new Sub-processor is unable to Process Customer Personal Data in compliance with the terms of this DPA and Snowflake cannot provide an alternative Sub-processor, or the Parties are not otherwise able to achieve resolution as provided in the preceding sentence, Customer, as its sole and exclusive remedy, may provide written notice to Snowflake terminating the Order Form(s) with respect only to those aspects of the Services which cannot be provided by Snowflake without the use of the new Sub-processor. Snowflake will refund Customer any prepaid unused fees of such Order Form(s) following the effective date of termination with respect to such terminated Services.

5. Security.

5.1. Security Measures. Snowflake shall implement and maintain appropriate technical and organizational security measures designed to protect Customer Personal Data from Security Incidents and to preserve the security and confidentiality of the Customer Personal Data in accordance with Snowflake’s Security Addendum found at www.snowflake.com/legal (“Security Addendum”). Snowflake may review and update its Security Addendum from time to time, provided that any such updates shall not materially diminish the overall security of the Services or Customer Personal Data.

5.2. Confidentiality of Processing.  Snowflake shall ensure that any person who is authorized by Snowflake to Process Customer Personal Data (including its staff, agents and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).

5.3. No Assessment of Customer Personal Data by Snowflake. Snowflake shall have no obligation to assess the contents or accuracy of Customer Personal Data, including to identify information subject to any specific legal, regulatory, or other requirement. Customer is responsible for reviewing the information made available by Snowflake relating to data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws.

6. Customer Audit Rights. 

6.1. Upon written request and at no additional cost to Customer, Snowflake shall provide Customer, and/or its appropriately qualified third-party representative (collectively, the “Auditor“), access to reasonably requested documentation evidencing Snowflake’s compliance with its obligations under this DPA in the form of the relevant audits or certifications listed in the Security Addendum, such as (i) Snowflake’s ISO 27001, HITRUST CSF, and PCI-DSS third-party certifications, (ii) Snowflake’s SOC 2 Type II audit reports, SOC 1 Type II audit reports, HIPAA Compliance Report for Business Associates, and (iii) Snowflake’s most recently completed industry standard security questionnaire, such as a SIG or CAIQ (collectively, “Reports”). 

6.2. Customer may also send a written request for an audit of Snowflake’s applicable controls, including inspection of its facilities. Following receipt by Snowflake of such request, Snowflake and Customer shall mutually agree in advance on the details of the audit, including the reasonable start date, scope and duration of, and security and confidentiality controls applicable to, any such audit. Snowflake may charge a fee (rates shall be reasonable, taking into account the resources expended by Snowflake) for any such audit. The Reports, audit, and any information arising therefrom shall be considered Snowflake’s Confidential Information and may only be shared with a third party (including a Third-Party Controller) with Snowflake’s prior written agreement.

6.3. Where the Auditor is a third-party, the Auditor may be required to execute a separate confidentiality agreement with Snowflake prior to any review of Reports or an audit of Snowflake, and Snowflake may object in writing to such Auditor, if in Snowflake’s reasonable opinion, the Auditor is not suitably qualified or is a direct competitor of Snowflake. Any such objection by Snowflake will require Customer to either appoint another Auditor or conduct the audit itself. Any expenses incurred by an Auditor in connection with any review of Reports or an audit shall be borne exclusively by the Auditor. For clarity, the exercise of audit rights under the SCCs shall be as described in this Section 6 (Customer Audit Rights) and Customer agrees these rights are carried out on behalf of Customer and all relevant Third-Party Controllers, subject to the confidentiality and non-use restrictions of the Agreement.

7. Data Transfers.

7.1. Hosting and Processing Locations. Snowflake will only host Customer Personal Data in the region(s) offered by Snowflake and selected by Customer on an Order Form or as Customer otherwise configures via the Services (the “Hosting Region”). Customer is solely responsible for the regions from which its Users access the Customer Personal Data, for any transfer or sharing of Customer Personal Data by Customer or its Users and for any subsequent designation of other Hosting Regions (either for the same Account, a different Account, or a separate Service). Once Customer has selected a Hosting Region, Snowflake will not Process Customer Personal Data from outside the Hosting Region except as reasonably necessary to provide the Services procured by Customer, or as necessary to comply with the law or binding order of a governmental body.

7.2. Transfer Mechanisms. For any transfers by Customer of Customer Personal Data from the European Economic Area and its member states, United Kingdom and/or Switzerland (collectively, “Restricted Countries”) to Snowflake in a country which does not ensure an adequate level of protection (within the meaning of and to the extent governed by the applicable Data Protection Laws of the Restricted Countries) (collectively, “Third Country”), such transfers shall be governed by a valid mechanism for the lawful transfer of Customer Personal Data recognized under applicable Data Protection Laws, such as those directly below in 7.2.1. For clarity, for transfers from the United Kingdom and Switzerland, references in the SCCs shall be interpreted to include applicable terminology for those jurisdictions (e.g., “Member State” shall be interpreted to mean “United Kingdom” for transfers from the United Kingdom).

7.2.1. SCCs. Each party agrees to abide by and transfer Customer Personal Data from the Restricted Countries in accordance with the SCCs, which are incorporated into this DPA by reference. Each party is deemed to have executed the SCCs by entering into this DPA.

(a) The below shall apply to the SCCs, including the election of specific terms and/or optional clauses as described in more detail in (i)-(x) below, and any optional clauses not expressly selected are not included:

(i) The Module 2 terms apply to the extent Customer is a Data Controller and the Module 3 terms apply to the extent Customer is a Data Processor of the Customer Personal Data;

(ii) The optional Clause 7 in Section I of the SCCs is incorporated, and Authorized Affiliates may accede to this DPA and the SCCs under the same terms and conditions as Customer, subject to Section 3.3 of this DPA via mutual agreement of the Parties;

(iii) For purposes of Clause 9 of the SCCs, Option 2 (“General written authorization”) is selected and the process and time period for the addition or replacement of Sub-processors shall be as described in Section 4 (Sub-processing) of this DPA;

(iv) For purposes of Clause 13 and Annex 1.C of the SCCs, Customer shall maintain accurate records of the applicable Member State(s) and competent supervisory authority, which shall be made available to Snowflake on request;

(v) For purposes of Clause 14(c), Customer may subscribe to the Sub-processor Site to receive notifications regarding updates to Snowflake’s overview of relevant laws and practices of Third Countries;

(vi) For purposes of Clause 17 and Clause 18 of the SCCs, the Member State for purposes of governing law and jurisdiction shall be the Netherlands;

(vii) For purposes of Annex 1.A, the “data importer” shall be Snowflake and the “data exporter” shall be Customer and any Authorized Affiliates that have acceded to the SCCs pursuant to this DPA;

(viii) For purposes of Annex 1.B, the description of the transfer is as described in Section 3.5 (Details of Data Processing) of this DPA;

(ix) For purposes of Annex 2, the technical and organization measures are as follows:  (i)  Those measures implemented by Snowflake shall be as described in Section 5.1 (Security Measures) of this DPA; and (ii) Those measures that can be selected or configured by Customer, including appropriate controls for “special categories of data”, shall be as further described in Snowflake’s Documentation; and

(x) The Sub-processors for Annex III shall be as described in Section 4.1 (Authorized Sub-processors) of this DPA.

(b) Binding Corporate Rules for Processors (“BCRs”): Notwithstanding the foregoing, if Snowflake has adopted BCRs for Processors that cover the transfer of Customer Personal Data to a Third Country, then such BCRs shall govern the transfer of Customer Personal Data.

8. Security Incident Response.

8.1. Security Incident Reporting.If Snowflake becomes aware of a Security Incident, Snowflake shall notify Customer without undue delay, and in any case, where feasible, notify Customer within seventy-two (72) hours after becoming aware. Snowflake’s notification shall be sent to the email registered by Customer within the Service for such purposes, and where no such email is registered, Customer acknowledges that the means of notification shall be at Snowflake’s reasonable discretion and Snowflake’s ability to timely notify shall be negatively impacted.  Snowflake shall promptly take reasonable steps to contain, investigate, and mitigate any Security Incident.

8.2. Security Incident Communications. Snowflake shall provide Customer timely information about the Security Incident, including, but not limited to, the nature and consequences of the Security Incident, the measures taken and/or proposed by Snowflake to mitigate or contain the Security Incident, the status of Snowflake’s investigation, a contact point from which additional information may be obtained, and the categories and approximate number of data records concerned. Notwithstanding the foregoing, Customer acknowledges that because Snowflake personnel do not have visibility to the content of Customer Personal Data, it will be unlikely that Snowflake can provide information as to the particular nature of the Customer Personal Data, or where applicable, the identities, number or categories of affected Data Subjects. Communications by or on behalf of Snowflake with Customer in connection with a Security Incident shall not be construed as an acknowledgment by Snowflake of any fault or liability with respect to the Security Incident.

9. Cooperation.

9.1. Data Subject Requests. Snowflake shall promptly notify Customer if Snowflake receives a request from a Data Subject that identifies Customer Personal Data or otherwise identifies Customer, including where the Data Subject seeks to exercise any of its rights under applicable Data Protection Laws (collectively, “Data Subject Request”). The Service provides Customer with a number of controls that Customer may use to assist it in responding to Data Subject Requests and Customer will be responsible for responding to any such Data Subject Requests. To the extent Customer is unable to access the relevant Customer Personal Data within the Services using such controls or otherwise, Snowflake shall (upon Customer’s written request and taking into account the nature of the Processing) provide commercially reasonable cooperation to assist Customer in responding to Data Subject Requests.

9.2. Data Protection Impact Assessments. Snowflake shall provide reasonably requested information regarding the Services to enable Customer to carry out data protection impact assessments or prior consultations with data protection authorities as required by Data Protection Laws, so long as Customer does not otherwise have access to the relevant information.

9.3. Government, Law Enforcement, and/or Third Party Inquiries. If Snowflake receives a demand to retain, disclose, or otherwise Process Customer Personal Data for any third party, including, but not limited to law enforcement or a government authority (“Third-Party Demand”), then Snowflake shall attempt to redirect the Third-Party Demand to Customer. Customer agrees that Snowflake can provide information to such third-party as reasonably necessary to redirect the Third-Party Demand. If Snowflake cannot redirect the Third-Party Demand to Customer, then Snowflake shall, to the extent legally permitted to do so, provide Customer reasonable notice of the Third-Party Demand as promptly as feasible under the circumstances to allow Customer to seek a protective order or other appropriate remedy. This section does not diminish Snowflake’s obligations under the SCCs with respect to access by public authorities.

10. Relationship with the Agreement.

10.1. The Parties agree that this DPA shall replace and supersede any existing data processing addendum, attachment, exhibit or standard contractual clauses that Snowflake and Customer may have previously entered into in connection with the Services. Snowflake may update this DPA from time to time, with such updated version posted to www.snowflake.com/legal, or a successor website designated by Snowflake; provided, however, that no such update shall materially diminish the privacy or security of Customer Personal Data.

10.2. Except as provided by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict in connection with the Processing of Customer Personal Data. Notwithstanding the foregoing, and solely to the extent applicable to any Customer Personal Data comprised of patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state health care laws, rules or regulations (“HIPAA Data”), if there is any conflict between this DPA and a business associate agreement between Customer and Snowflake (“BAA”), then the BAA shall prevail solely with respect to such HIPAA Data.

10.3. Notwithstanding anything to the contrary in the Agreement or this DPA, each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or relating to this DPA, the SCCs, and any other data protection agreements in connection with the Agreement (if any), shall be subject to any aggregate limitations on liability set out in the Agreement. Without limiting the Parties’ obligations under the Agreement, each party agrees that any regulatory penalties incurred by one party (the “Incurring Party”) in relation to the Customer Personal Data that arise as a result of, or in connection with, the other party’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce the Incurring Party’s liability under the Agreement as if it were liability to the other party under the Agreement.

10.4. In no event shall this DPA benefit or create any right or cause of action on behalf of a third party (including a Third-Party Controller), but without prejudice to the rights or remedies available to Data Subjects under Data Protection Laws or this DPA (including the SCCs).

10.5. This DPA will be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement.

Snowflake Inc.
  • 플랫폼 개요
    • 아키텍처
    • 데이터 애플리케이션
  • 데이터 마켓플레이스
  • Snowflake 파트너 네트워크
  • 지원 및 서비스
  • 회사
    • 문의하기

Sign up for Snowflake Communications

Thanks for signing up!

  • Privacy Notice
  • Site Terms
  • Cookie Settings

© 2022 Snowflake Inc. All Rights Reserved