This FAQ answers questions we often get about our Terms of Service, our privacy statements, our documentation, our Acceptable Use Policy, and how they all work together. It does not replace any of those, nor is it legally binding on its own.
NOTE: If you have questions or would like to suggest an update, check out our support page.
We believe in transparent communication. That's why we built out a public documentation portal that describes our products, how our services work, and our security and technology compliance programs. Fastly documentation is available to anyone (including all subscribers and prospective subscribers) at https://docs.fastly.com. We contractually stand behind all of our documentation. Anyone can sign up for a free account and confirm that what they see on https://docs.fastly.com matches our services.
We work hard to improve and evolve our services, and we'll update the documentation as that happens and we post changes in our documentation to our changes blog. Anyone can subscribe to receive our changes blog via email or an RSS feed. We also maintain our significant changes blog, which highlights changes to our documentation that might reflect a reduction in features or functionality of our services, changes to our security program, or a significant increase in our subscribers' obligations. You can also subscribe to the significant changes blog by RSS or email.
Our Support Description and SLA describes the hours of availability and response times for all our levels of customer support for our delivery products. The support offering a subscriber receives depends on the level of service a subscriber has purchased from us. The type of SLA a subscriber receives depends on the type of contract and level of support service the subscriber has purchased from us. Our Availability SLA describes our service level commitments for our network. Our Availability SLA also addresses how to work with our support team in the event of a planned (or unplanned) significant spike in usage. Product specific service and support SLAs are included in the product descriptions for Signal Sciences Next-Gen WAF and Signal Sciences Cloud WAF.
The Privacy Policy describes information we collect about visitors to our website and attendees to our corporate events, the information we collect from individuals who register for or authenticate to our edge cloud services, and individuals who submit an application for a career opportunity. It also summarizes our commitments to the EU-US Data Privacy Framework and the Swiss and United Kingdom extensions (together, the "Data Privacy Framework") as set forth by the US Department of Commerce. You can view our notice of Data Privacy Framework self-certification here.
The Privacy Policy doesn't apply to how we process personal information submitted to us by our subscribers (or their internet clients) via our services — these commitments are covered by the privacy policies of our subscribers.
As you'll find with any internet company, when Fastly provides services to our subscribers, we receive some data about their websites and applications. We also learn a lot simply by having such a big presence on the internet. We collect data that is operationally necessary to deliver, maintain and improve our services. Details about how we retain and use data can be found in our Compliance documentation.
Fastly’s security services collect data insights from anomalous activity and suspicious behavior detected by the services. Fastly uses these data insights to further protect its customers and improve Fastly products. Fastly provides additional information about how these data insights are used in Threat Intelligence in the descriptions of Signal Sciences Next-Gen WAF and Signal Sciences Cloud WAF.
Fastly services by default do not process personal data other than IP addresses to route requests and deliver content. Our service can be configured or used at the direction of the customer to process personal data. In addition, Fastly’s data processing terms available here and incorporated by reference into the Fastly Terms of Service, include the European Commission's standard contractual clauses for the transfer of personal data to the U.S.
The data processing terms cover use cases in which a data controller uses or configures the Fastly services to process personal data, to cache or transmit personal data, or to log personal information in your log files, including IP addresses. Like with all source code, service configurations and VCL are not appropriate places to store personal information.
These data processing terms do not apply if you have reached separately agreed terms with Fastly. If you require a signed version of these terms, please contact [email protected]. Fastly considers any changes made to these data processing terms to be a significant update and will post a notice that these data processing terms have been updated on https://docs.fastly.com/changes.
Reach out to your sales representative if you think you have needs or requirements that aren't addressed by our terms, data privacy, documentation, or this FAQ. Feel free to email [email protected] to be connected with a sales team member for assistance.
Fastly is an intermediary between our subscribers and their users. This means we have to put a few rules in place to ensure that we're not held accountable for illegal or harmful things that subscribers (or their users) do while using Fastly services. We expect subscribers and their end users to respect the law while using Fastly. You can find more information in our Acceptable Use Policy, which hosts DMCA information and process.
In addition to being an intermediary between our subscribers and their end users, we often appear to be the provider for subscriber content. If someone has a complaint about content being delivered by or cached on our network, we want to enable the parties involved to resolve their issues as quickly as possible. The fastest way to do that is for Fastly to send a subscriber contact email to the person who alerted us to the potential violation of our Acceptable Use Policy.
Non-Fastly services are services that our subscribers elect to use outside of Fastly. Examples include your origin, a DNS provider, a CMS like WordPress, or something similar. In many cases, Fastly is actually configured to work with these third-party services. The Non-Fastly Services provision gives us permission to work with these services, makes it clear that subscribers are directly responsible for their relationships with third-party service providers, and lets subscribers know that we are not responsible if something goes wrong with a service that Fastly does not provide.
Fastly typically uses three lifecycle categories for releases: beta, limited availability, and general availability. Our product lifecycle guide describes the support and long term availability for each of these categories in more detail. The Beta Services section of our Terms of Service also provides additional information.
At Fastly, we take pride in our customer support and how effectively we are able to respond to subscriber requests. We also want to build an awesome edge cloud service that continues to evolve, and we are very open to suggestions for features and improvements. Our feedback provision ensures that if a subscriber gives us a suggestion about how to improve our service, we can integrate it efficiently.
Usage of our services that interferes with or disrupts the integrity and performance of our services violates our Acceptable Use Policy and may result in the suspension or termination of services to the applicable subscriber. To avoid adversely affecting other subscribers or the Fastly network, a subscriber must promptly respond to any communication from Fastly regarding its use of our services or its users' use of our services if that use interferes or disrupts our services.
As described in our Service Availability SLA, utilization spikes in traffic may interfere with our services and adversely affect other subscribers. In addition, security vulnerability research testing or penetration testing by third parties or our subscribers that do not comply with our instructions may interfere with our services and as a result adversely affect our network or other subscribers. Fastly may take action against any unauthorized use of our services including suspension or termination of a subscriber's account.
We most recently updated our Terms of Service on August 9, 2022. All previous versions of our Terms of Service are archived in our documentation archives site. Our current Data Processing Terms, which are incorporated into our Terms of Service, may be found here. The Terms of Service applicable to you are determined by the date you agreed to them, and stay in effect unless you agree to a new version, which means that updates to our Terms of Service don't affect you until you take significant action with your account. You will be asked to agree to our Terms of Service when you first create an account (usually a trial account). If after that, you switch to a paid month-to-month account, purchase a self-service product, or sign a service order with us, you will be asked to agree to the Terms of Service then in effect. If you are a trial subscriber prior to an update to the Terms of Service, you won't have to accept new terms of service until you convert to a paid account. Some subscribers have other arrangements with us, and updates to the Terms of Service on our website do not affect the terms of their arrangement with us.
We believe in transparency and want to make sure you have the opportunity to see the changes we have made over time. In addition to historical versions of our Terms of Service, we make available all historical versions of the Acceptable Use Policy and the Privacy Policy. Updates to our Acceptable Use Policy are effective for everyone upon posting, but existing subscribers will have thirty days before they become effective for them. Updates to our Privacy Policy are effective thirty (30) days after being posted.
As defined in our subscription documents, Subscriber Data is content transmitted or cached through our network, requests received by the network, and the configurations and credentials of our subscribers. Any content authorized or permitted by a subscriber to be transmitted or cached through our network is Subscriber Data of that subscriber.