But I don't see where it's particularly egregious. It shares some data with advertisers (surprise) and only to the extent required for ads and promotions. And it says you can opt out, though it's via email.
e.g. https://www.google.com/policies/privacy/archive/20160325-201...
https://github.com/digitalocean/tos/commit/782ce59ec49a75fe2...
I'm not seeing anything there that substantially differs from the previous version, but IANAL.
Do you expect your doctor to similarly "share your data" for "ads and promotions"? No, because he's getting paid for services rendered.
Its one thing if you are partaking in free service such FB or Google et al but when you are exchanging money for good or services I think this crosses the line. Recent examples of this I have seen are AT&T who sent out notice about Customer Proprietary Network Information, basically selling your data even though in the US you are likely paying AT&T > $100 a month. This blogs has the actual notification:
http://ivebeenmugged.typepad.com/my_weblog/2016/03/att-cpni....
Ditto for Verizon with their supercookies. In Verizon/AT&Ts case their position seems to be "well Google and FB are doing it." and we need to compete.
Another recent example was was ING now Voya Financial Services that manages a 401K retirement accounts sent out a notification to customers explaining that they would be sharing your data with third parties.
This is really a disturbing trend. If the service is free then I think your infomration is fair game but when I am paying for something it needs to be opt in.
And almost without waver the reason these companies give for such actions is "so we can provide yo with better service"
It's sad, and I don't advocate it, but it's true.
However, they do reserve the right to use collected data to pass sales leads to one of our distribution partners, and that is something that sounds very broad. This is one of those things that do not seem to be explicitly forbidden by privacy shield, but totally collide with german law. I do not see how then privacy shield can be legal in Germany, even if the EU commission did enact that framework. I would expect that the german juridical system will block this later on, but well, I'm an optimist – and I might be wrong here.
Still, for the submission title to stay like this, OP should point out what exactly did change that warrants it.
DigitalOcean may share your information with contracted service providers if sharing your information is necessary to provide a Service you have requested, as part of a joint sales promotion or to pass sales leads to one of our distribution partners, or to keep you up-to-date on product announcements, software updates, special offers or other information.
Note the comma after the Service you have requested, and the leading or. I assume your interpretation is probably what they want to say, but it is not what they do say, if I understand correctly what sale leads can be here.
Also note that https://www.privacyshield.gov/article?id=My-Rights-under-Pri... makes no statement in that regard, that sharing with third parties is forbidden. Only that you can ask to be informed (how nice!). Mixing issues here, the privacy shield seems to be a horrible framework for EU-customers, while the DO privacy policy is probably alright. Besides, it is not like DO has much information they could share.
Thank you for your transparency in this change. I received an email notifying me of it. The policy itself is in a public repository - allowing me to see exactly what changed. (Though to be honest, a link to the diff would be a nice-to-have next time.)
I appreciate your forthrightness. After evaluating the changes further, I will be making my decision about whether to continue making use of your services - as I'm sure you would expect.
Sincerely,
A Customer
----
Agree or disagree with the change, they were very up front with their customers that it happened.
Edit: forgt sme lttrs. Also, too many words so I some.
Is it really transparent? Is it really worth the praise?
