Skip to main content

Privacy Policy

CoreWeave, Inc. Privacy Policy

Last Updated

This policy was last updated on October 5, 2022.

This Privacy Policy describes how CoreWeave ("CoreWeave," "we," "our" or "us") collects, uses, and shares information in connection with a customer’s or user’s use of or access to our websites (“Sites”), platforms, applications, services, and solutions (collectively, the "Services"). When you access or use our Services or otherwise disclose information to CoreWeave, we will handle your information in accordance with this Privacy Policy. By using any of our Services, you are agreeing to the terms of this Privacy Policy and Terms of Use.

This Privacy Policy does not address or govern a customer’s “Processed Customer Data,” which is different from the information a customer provides or we collect when a customer interacts with our Sites. Processed Customer Data is data processed by CoreWeave on behalf of the customer during the customer’s access and use of the Services. Each customer that opens an account and accepts the Terms of Service for use of the Services controls and is responsible for the collection, use and disclosure of its Processed Customer Data.

We recommend that you read this Privacy Policy in full to ensure you are fully informed. If you have any questions about this Privacy Policy or CoreWeave's collection, use, and disclosure practices, please contact us at [email protected].

1. Information We Collect

Information You Provide We collect information you provide directly to us. For example, we collect information when you:

  • interact with CoreWeave through our Sites
  • register for an account
  • participate in any interactive features of the Services, request customer support, or otherwise communicate with us.

We may combine information you provide with other personal information we collect from you.

I. Account Registration

When you create an account, we may ask for certain contact information, including items such as name, company name, address, email address, and telephone number, or other information helpful in connection with the administration and personalization of your account.

II. Payment Information

We may collect and store information about the Services you purchase. When you add your financial account and payment information to your account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems.

III. Communications

If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

IV. Content You Submit

We collect the content you submit to the Services and our Sites. This includes any posts and comments, including any messages with us (e.g., email messages, chats, and on our customer-facing Slack channels). This also includes submission of information by you through the “Careers” section of our Sites. Your content may include text, links, images, gifs, and videos.

Information We Collect When You Use Our Services

I. Cookies, Tokens and Other Tracking Technologies

We gather certain information automatically and store it in log files. This information may include, but is not limited to:

  • internet protocol (IP) addresses
  • browser type
  • Internet Service Provider (ISP)
  • referring/exit pages
  • operating system
  • date/time stamp
  • clickstream data
  • landing page
  • referring URL
  • and text analysis.

To collect this information, a cookie or other tracking tool may be set on your computer or device when you use our Services and visit our Sites. This tracking technology contains information that allows our servers to recognize you. We may automatically collect information about your use of features of our Services, about the functionality of our Services, frequency of visits to our Sites, and other information related to your interactions with the Services and our Sites.

We may track your use across different websites and services. Most web browsers are set to accept cookies or similar tracking tools by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies.

Please note that if you choose to remove or reject cookies or similar tracking tools, this could affect the functionality of certain Services or supporting you in your use of the Services. Some of our business partners may use cookies, tokens or other tracking technologies on our Sites. However, we have no access to or control over such tracking technologies used by a third-party.

This Privacy Policy covers the use of cookies, tokens and other similar tracking technologies by CoreWeave only, and does not cover the use of cookies, tokens or other similar tracking technologies by any third-party services.

II. Usage of our Services

When you use our Services, we may collect information about your engagement with and utilization of our Services, such as processor and memory usage, storage capacity, navigation of our Services, and system-level metrics. We use this data to operate the Services, maintain and improve the performance and utilization of the Services, develop new products and features, protect the security, safety and accessibility of our Services and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

III. Log Information

When you access or use the Services, our servers automatically record certain log file information, such as your Internet Protocol ("IP") address, operating system, browser type and language, referring URLs, access times, pages viewed, links clicked and other information about your activities on the Services. We do not alter our data collection and usage practices when we detect a "Do Not Track" signal from your browser.

IV. Mobile Device Information

We collect information about the mobile device you use to access or use the Services and our Sites, including the hardware model, operating system and version, mobile network information and information about your use of our mobile applications.

V. Location Information

We collect information about the precise location of your device using methods that may include GPS, wireless networks, cell towers, and Wi-Fi access points. The processing of location information (as described in this Privacy Policy) is strictly necessary for the purpose of preventing fraud and providing fraud-prevention security measures for individuals.

Information We Receive from Third Parties

If you choose to link our Services to a third-party account, we will receive information about that account, such as your authentication token from the third-party account, to authorize linking. If you wish to limit the information available to us, you should visit the privacy settings of your third-party accounts to learn about your options. This Privacy Policy does not apply to information collected through or by any third party. If you have any questions about such third parties' privacy practices, you should review their privacy policies.

2. How We Use Information

We may use information we collect in various ways, including to:

  • provide, operate, and maintain our Services;
  • improve, personalize, and expand our Services;
  • understand and analyze how you use our Services;
  • market our Services;
  • develop new ways to partner with our potential and registered customers;
  • develop new products, services, features, and functionality;
  • communicate with you, either directly or through one of our partners, including for customer service,
  • to provide you with updates and other information relating to the Services, and for our marketing and promotional purposes;
  • process your customer account transactions;
  • send you notices, text messages and push notifications in connection with the Services;
  • monitor and analyze trends, usage and activities in connection with our Services;
  • protect the rights and property of CoreWeave and others;
  • perform operational functions in connection with our business;
  • link or combine with information we get from others to help us understand your needs and provide you with a better experience;
  • carry out any other purpose described to you at the time the information was collected;
  • maintain appropriate records for internal administrative purposes;
  • comply with legal and regulatory requirements, required disclosures and choices and controls that may be available;
  • find and prevent fraud and other illegal activity; and
  • for compliance purposes, including enforcing our Terms of Use or Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.

We also may use aggregated or de-identified information, which cannot reasonably be used to identify you. Once de-identified and aggregated so that data does not personally identify you (for example, we may aggregate data in order to improve our automation and improve care), it is no longer personal information. Such de-identified and/or aggregated information which does not identify individuals is not subject to this Privacy Policy.

3. How We Share Information

We may share the information we collect in various ways, including the following:

  • Vendors and Service Providers. We may share information with third-party vendors and service providers that provide services on our behalf, such as helping to provide our Services, for promotional and/or marketing purposes, and to provide you with information relevant to you such as product announcements, software updates, special offers, or other information.
  • Aggregate Information. Where legally permissible, we may use and share information about users with our partners in aggregated or anonymized form that cannot reasonably be used to identify you.
  • Third-Party Partners. We also share information about users with third-party partners in order to receive additional publicly available information about you.
  • Information We Share When You Come to Us Through a Referral. If you create an Account to use our Services through a referral, we may share information with your referrer to let them know.
  • Analytics. We use analytics providers such as Google Analytics. Google Analytics uses cookies to collect non-identifying information. Google provides some additional privacy options regarding its Analytics cookies at https://www.google.com/policies/privacy/partners/.
  • Business Transfers. Information may be disclosed and otherwise transferred to any potential acquirer, successor, or assignee as part of any proposed merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
  • As Required By Law and Similar Disclosures. We may also share information to (i) satisfy any applicable law, regulation, legal process, or governmental request; (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof; (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to your requests; or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
  • With Your Consent. We may share information with your consent.

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only (i) where we need the personal information to perform a contract with you such as a purchase order for on-demand, reserved compute instances or bulk credits; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so.

We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

5. Third-party Services

You may access other third-party services through our Sites or your use of the Services, for example by clicking on links to those third-party services from within our Sites or if a third-party service has been integrated with the Services. We are not responsible for the privacy policies and/or practices of these third-party services, and we encourage you to carefully review their privacy policies. The fact that we may link to a third-party website or integrate or configure a solution or tool into the Services from a third party is not an endorsement, authorization, or representation of any affiliation by us with that third party, nor is it an endorsement of their privacy or information security policies or practices.

6. Security

CoreWeave is committed to protecting your information. To do so, we employ a variety of security technologies and measures designed to protect information from unauthorized access, use, or disclosure. We follow industry standards on information security management to safeguard sensitive information, such as personal information entrusted to us. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. However, please bear in mind that the Internet and any online platform cannot be guaranteed to be 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.

7. Data Retention

We retain personal information we collect from you where we have a legal obligation or an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).

When we have no ongoing legitimate business need or legal obligation to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in standard backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

If you have any questions about the retention of your personal data, you can contact CoreWeave at [email protected].

8. Your Data Protection Rights Under the General Data Protection Regulation (GDPR)

Data protection law in certain jurisdictions differentiates between the "controller" and "processor" of information. In general, you are the controller of the “Processed Customer Data” (described above in this Privacy Policy) that you upload to the Services and CoreWeave is the processor of such disclosed information.

CoreWeave is the controller of information it collects directly or indirectly from you through the Sites or non-Processed Customer Data collected directly or indirectly through your use of the Services. If you are an individual and a resident of the EEA, you have the following data protection rights:

  • Access/Correction/Deletion of Your Data. If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing [email protected].
  • Objection/Restriction of Certain Processing. You can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information by emailing [email protected].
  • Withdrawal of Consent to Process. If we have collected and processed your personal information with your consent, without a separate legal basis under the GDPR to process your data, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • File a Complaint. You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

However, if CoreWeave receives data through a third party or a customer of its Services, CoreWeave has no direct relationship with the individual whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to the third party or CoreWeave customer within whose account such individual’s data exists (the data controller).

CoreWeave currently utilizes Standard Contractual Clauses in connection with transfers of data from the EEA to the US. Please also refer to our Data Processing Agreement (CoreWeave as Controller) for more information about data transfers. The processing of personal data through cookies, tokens and similar tracking technologies (as described in this Privacy Policy) is strictly necessary for the purpose of preventing fraud and providing fraud-prevention security measures for individuals.

9. California Resident Rights

If you are a California resident, applicable state law may provide you with additional rights regarding our use of your personal information.

I. California Resident Rights

Subject to certain exceptions under California law, California residents may have the following rights with respect to their personal information collected by CoreWeave:

Right to Know and Access. The right to request CoreWeave disclose (i) a copy of the personal information that we collect about you; (ii) the categories of personal information that we collected about you; (iii) the purposes for which such personal information was collected, disclosed or sold; (iv) the categories of sources from which the personal information was collected; and (v) the categories of third parties with whom such personal information may have been shared.

Right to Delete. The right to request that CoreWeave delete the personal information that we or our vendors collected about you. There may be circumstances under which we will be unable to delete your personal information, such as if we need to comply with our legal obligations or complete a transaction for which your personal information was collected. If we are unable to comply with your request for deletion, we will let you know the reason why.

Right to Correct. The right to request that CoreWeave correct the personal information that we or our vendors collected about you.

Right to Restrict Sensitive Information Processing. The right to request that CoreWeave restrict the use and disclosure of your sensitive personal information (as defined under California law).

Right to Equal Service. If you choose to exercise any of these rights, CoreWeave will not discriminate against you in any way. If you exercise certain rights, you may be unable to use or access certain features of the Services.

II. Exercising Your Rights

To exercise any of these rights, submit an email request to [email protected], or, if you are a user of the Services, you may submit a request through the chat function.

In connection with submitting a request, you must provide the following information:

  • name
  • email address
  • phone number
  • address

and you must state what type of request you are making.

Your legally authorized representative may make a request on your behalf related to your personal information. CoreWeave will take steps to verify your identity prior to processing your request, and we may ask for additional information from you that helps us with this verification.

CoreWeave cannot respond to a request or provide personal information if we cannot verify the identity or authority to make the request. In addition, if CoreWeave receives data through a third party or a customer of its Services, CoreWeave has no direct relationship with the individual whose personal information it processes.

An individual who seeks access, or who seeks to correct or delete data, should direct their query to the third party or CoreWeave customer within whose account such individual’s data exists (the data controller). If we deny a request, we will provide a response explaining the reasons we cannot comply with a request, if applicable.

III. Sharing of California Resident Personal Information

CoreWeave may have collected and disclosed the following categories of personal information from a California resident for a business purpose: various identifiers, including: name, address, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), including telephone number or financial information.

Internet or other similar network activity, including, browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement, including protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our Services (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data in order to analyze trends in the aggregate and administer our Services. Geolocation data, including, physical location or movements.

Professional or employment-related information, including, current or past job history or performance evaluations. Educational information, including, transcript, student records, grades and performance, activities, school name or school ID.

CoreWeave may collect the above categories of personal information directly from you, indirectly as you interact with our Services and Sites, from or through other third party sources, including our business partners, or through email or other electronic messages between you and our Services.

CoreWeave may have disclosed the categories of personal information set forth above for one or more of the purposes set forth in this Privacy Policy, including disclosure to a service provider or other third party of CoreWeave’s for a business purpose.

IV. Sale of California Resident Personal Information

CoreWeave does not sell personal Information.

You have the right to opt-out of the disclosure of your personal information with a third party for cross-contextual behavioral advertising purposes. To make such a request, please send an email to [email protected].

V. How We Respond to “Do Not Track” Signals

Some web browsers have a “Do Not Track” feature or similar features that allow you to tell each website you visit that you do not want your activities on that website tracked. At present, the Sites and Services do not respond to “Do Not Track” signals and consequently, the Sites and Services will continue to collect information about you even if your browser’s “Do Not Track” feature is activated.

VI. “Shine the Light” Law

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected].

10. Email Opt Out

You may opt out of receiving general emails from CoreWeave by following the unsubscribe instructions in any email we send you.

11. Children's Privacy

CoreWeave does not knowingly collect information from children under the age of 18, and children under 18 are prohibited from using our Services. If you learn that a child has provided us with personal information in violation of this Privacy Policy, you can alert us at [email protected].

12. Changes to this Privacy Policy

This Privacy Policy may be modified from time to time, so please review it frequently. Changes to this Privacy Policy will be posted on our Sites. If we materially change the ways in which we use or share personal information previously collected from you through our Services, we will notify you through our Services, by email, or other communication.

13. International Data Transfers

CoreWeave is a global business. We may transfer personal information to countries other than the country in which the data was originally collected. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your personal information to other countries, we will protect that information as described in this Privacy Policy.

14. Accessibility

We are committed to facilitating the accessibility of our Services for all people with disabilities. To access this Privacy Policy or any other portion of the Services in an alternative format, please contact us at [email protected].

15. Contact Us

If you have any questions or concerns about this Privacy Policy, please feel free to email us at [email protected].