Privacy and Security

Building Trust Through Transparency

At Sitecore, we recognize the immense value of data and the critical importance of safeguarding it. Our commitment to privacy and security is at the heart of every interaction with our customers, partners, service providers, and web visitors. We believe in being transparent about our data practices, ensuring you are fully informed about how your information is protected.


Privacy at the Core

Our approach to data privacy is comprehensive, extending from our detailed Privacy Policy to our specific Data Processing Addendum and Cookie Policy. Each document is crafted to provide clarity and confidence in how we handle, store, and protect your personal information.

  • Data Processing Addendum (DPA): Tailored to meet stringent data processing standards, ensuring compliance and security in our handling of customer data.
  • Privacy Policy: Outlining our practices in collecting, using, and safeguarding personal information.
  • Cookie Policy: Explaining how and why we use cookies to improve your experience on our website.
  • DPO: Sitecore retains Calligo Ltd to provide DPO services. They can be contacted by email at privacy@Sitecore.com.

Unwavering Security

Security is not just a program at Sitecore; it's an integral part of our culture. We maintain robust security measures and undergo regular assessments to ensure the integrity and confidentiality of your data.

  • Security Programs Overview: Our comprehensive security strategies are designed to protect data across all touchpoints.
  • Compliance and Certifications: Demonstrating our commitment to industry standards, our compliance and certifications reflect our dedication to maintaining the highest security levels.
  • Status by Product: Detailed insights into the security status and updates for each Sitecore product.

Additional Resources

For in-depth information, access our privacy, security, and compliance datasheets, white papers, and brochures go to Downloads.

We continuously update our privacy and security practices to not only meet but exceed industry standards. This dedication to excellence in data protection and security is a cornerstone of the trust you place in Sitecore.

Frequently asked questions

01.

Does Sitecore adhere to the GDPR?

Like all globally engaged companies, Sitecore took a number of steps to implement the various requirements of the General Data Protection Regulation (GDPR) and evolving global privacy laws into Sitecore’s business. This meant building our privacy, security and data governance teams and continuing to build our data strategy to ensure a robust data model for continuing adherence beyond the May 25th 2018 implementation dates of new laws.

These steps included:

  • Building an accountable privacy team: With a Data Governance Committee comprised of Sitecore C-suite members from the Legal, HR, Finance, Marketing, Customer Operations, Product, and Sales teams, and supported by a Steering Group, Sitecore has implemented top-down awareness of our privacy and data governance framework to ensure accountability in all of our business processes.
  • Transparency, notice and choice: We have updated our Privacy Policy to ensure that those whose data we collect understand how it will be processed and can make informed choices about whether to share their data with us.
  • Organizational measures: We reviewed our internal processes to ensure that we have improved internal guidelines and thresholds on who we work with and engage as vendors, reviewing our contracts to ensure that appropriate contractual mechanisms are in place before sharing data, implementing structures that incorporate privacy by design in our product review cycles and establishing protocols for responding to data subject requests.
  • Technical measures: We have improved our internal security measures to ensure greater asset management and encryption on portable devices, as well as updating our internal security policies to deal with new legal requirements. Refer to the security page for more information on Sitecore’s security framework.
  • Reviews: We have built into our business model reviews and audits to ensure that we continue to assess.