Your name, e-mail address, billing address, security question / answer, credit card info, social security number (??) password, IP address, and a history of your actions. "some of which may be personally identifiable".
They sell your info only to "trusted business affiliates and/or associates"
One might trust their "trusted business affiliates", but certainly not their [untrusted] "associates".
Given the choice to make $$ and sell your data or not make $$, the decision is a no-brainer. Dreamhost can and very likely does sell your personal information, but only to those whom they trust and/or associate.
In addition to selling your data, they also have a list of
"reputable third-party providers, vetted by our designers, developers, security team members and marketing people"
whom they allow to run scripts on your machine.
Who are these third-party evesdroppers?
"Tech Support team doesn't have a list of such third-party tools because that list changes frequently."
Does anybody believe that everybody at Dreamhost except tech support knows who these reputable parties are? Could this be why their other trusted and paying business partners, their customers, can not know who is using their computer?
Tech support sent this answer:
Re: Full Disclosure of 3rd Party Security Vetting LIST
Message #: 140310247
Time: 2017-10-11 22:46:23
"I have consulted the highest authorities at DreamHost and unfortunately we will not be publishing that information. Please let me know if you have any other questions. Thanks! Heckman
Buy canned customer data or Harvest it Yourself!
Or, if you want to harvest Dreamhost's customer's data yourself without any paper trail or traceable bank transactions, Dreamhost will give you the keys to the customer's computer by inserting your Script into their web pages. You can execute whatever you like in their browser on their computer. And, Dreamhost will guarantee to not publish your identity as you hoover up all the customer data you want. Whose privacy do they value?
These third-parties running scripts might also have privacy policies as to what they collect and what they do with it. The "Highest authorities" at Dreamhost refuse to identify their "reputable third-party providers" so we can't know what these policies or uses are. Surely, like Dreamhost, they can sell your harvested data to their untrusted associates, ad infinitum.
Imagine hiring a plumber to fix your toilet while you were at work only to find out that the plumber is making copies of your key for all of the [undisclosed list of] helpers. And, all of the helpers can make copies for all their "associates". Everybody would have unlimited access to your home while you are at work.
Dreamhost list moderater Smaffulli says, "here is a list of reputable detective agencies whom you can hire to watch the plumber's helpers' helpers' helpers. There, your problem is solved!"
As Supreme Court Justice Louis Brandeis once said, "Sunlight is said to be the best of disinfectants".