- Account information. Information related to the account you create, such as account ID and password.
- Registration information. Information you submit to us when you sign up for or attend a Sitecore training, conference, webinar, or other such educational or promotional event (collectively “Event”).
- License information. Information regarding your licensed Sitecore product or software, such as license ID, support and maintenance levels, license usage reports and other license data.
- Payment information. Information necessary to process payment such as billing address, transaction history, payment and financial information which may include credit card information is collected only in relation to purchased tickets for marketing events and training. Sitecore uses a third party service to do this and does not store any payment information.
- Information from third parties. Information we may obtain from third parties about your interests or your company. For instance, to keep our databases current and to provide you with relevant content and experiences, we may combine your personal information with other sources, in accordance with applicable law. For example, we may learn about the name, size, industry and location of the company your work for from these sources.
- Social media data. We may provide social media features that enable you to share information through your social networks and to interact with us on social media sites. Additionally, in order to use some features of Sitecore’s websites, you must first complete the registration process, which may also occur via your single sign on social media account. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We encourage you to review the privacy policies and settings on the social media sites you use to make sure you understand the information that may be collected, used, and shared by those sites. Further, you acknowledge that when you provide credentials to access or authenticate your single sign on social media account such as Facebook.com, LinkedIn.com, or other third party services, Sitecore is not responsible for the security of your password, credentials, or other personal data stored or provided by such services.
- Other unique identifying information. Examples include information you provide when you interact in-person, online or by phone or mail with our services centers, help desks or other customer support channels, your responses to customer surveys or contests or additional information you have provided to us to facilitate delivery of the Sitecore Services and to respond to your inquiries.
How we comply with the Privacy Shield
Sitecore complies with the E.U.-U.S. Privacy Shield and Swiss – US Privacy Shield Frameworks (together referred to as “Privacy Shield”) as set forth by the U.S. Department of Commerce and the European Commission regarding the collection, use, and retention of personal information from data subjects who reside in the EU and Switzerland, respectively. Sitecore has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability.
As required under the principles, when Sitecore receives information under the Privacy Shield and then transfers it to a third party service provider acting as an agent on behalf of Sitecore, Sitecore has certain liability for the onward processing of personal data under the Privacy Shield if both (i) the agent processes the information in a manner inconsistent with the Privacy Shield and (ii) Sitecore is responsible for the event giving rise to the damage. To learn more about the Privacy Shield program, and to view Sitecore’s certification, please visit the Privacy Shield website.
If you have an inquiry regarding our privacy practices in relation to our Privacy Shield certification, we encourage you to contact us to respond or resolve your query.
For residents of the United States, Sitecore is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).
For European residents, we have chosen the EU Data Protection Authorities (EU DPAs) to serve as an independent recourse mechanism for dispute resolution arising from collection, use, and retention of personal information transferred from EU member countries to the United States.
You may refer a complaint to your local EU DPA here, at no cost to you, and we will work with them to resolve your concern. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.