Effective: August 27, 2020

At SailPoint Technologies, Inc. (“SailPoint”, “we”, “us”, “our”), we are committed to respecting your privacy. Reconocemos que cuando elige proporcionarnos información sobre usted mismo confía en que actuaremos de forma responsable, protegeremos y gestionaremos de forma segura la información personal que comparta con nosotros.This Privacy Statement explains who we are, how we collect, share and use personal information we collect about you and how you can exercise your privacy rights.

“Personal Information” means any information that may be used to identify, relate to, describe, or that is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual..

If you have any questions or concerns about our use of your Personal Information, then please contact us using the contact details provided at the bottom of this Privacy Statement.

Quick Links

We recommend that you read this Privacy Statement in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Statement, then you can click on the relevant link below to jump to that section.

Definiciones

«Afiliadas» se refiere a las empresas presentes o futuras que, directa o indirectamente, a través de uno o más intermediarios, controlen, estén controladas por, o se encuentra bajo un control común de, SailPoint.

“Compass” refers to the SailPoint Support Community website, https://community.sailpoint.com and related materials.

“Identity University” refers to the Identity University website, https://university.sailpoint.com and related materials.

“IDN Extension” refers to the SailPoint IdentityNow password replay web browser extension.

“Materials” refers to the software, courseware, toolkits, documentation and all other information, whether tangible or intangible, that SailPoint makes available on Identity University, Compass, or Support Portal.

“Services” refers to the services provided by SailPoint, including the IDN Extension and those provided in connection with the Materials, as well as any other related education or training services provided by or through SailPoint via Identity University, Compass, or Support Portal.

“Support Portal” refers to the product-idea and support-case portal for SailPoint customers and partners, http://support.sailpoint.com/ and related materials.

“Third Party Services” refers to third party data rooms, channels, and services provided by Slack, Inc., Smartsheet, Inc., Box, Inc, or other third party service providers that SailPoint may grant you access to, and use of, for the purposes of collaborating and sharing information with SailPoint.

“Users” refers to individuals who use the Services or Third Party Services.

«Visitantes» se refiere a las personas que visitan un sitio web.

“Website” refers to the website www.SailPoint.com and all other related sub-domains, including Compass, Identity University and Support Portal, each of which includes text, media, documentation, pictures, and other content.

What does SailPoint do?

SailPoint is a provider of enterprise identity governance software and services, headquartered in the United States.

For more information about SailPoint please see the “About” section of our Website at https://www.sailpoint.com/company.

Recopilación, uso y limitaciones del propósito de su información

We collect Personal Information about you from a variety of sources, including directly or automatically from you, from third party sites and businesses, as well as from publicly available information.

Information you provide voluntarily:

Certain parts of our Website, Services and Third Party Services may ask you to provide Personal Information voluntarily.  For example, we may collect personal identifiers such as your name, email address, and phone number, and professional information such as your occupation and place of employment in order to register an account with us, to make use of our Services, to subscribe to marketing communications from us, to engage with a member of our team regarding your use of our Services, or in submitting enquiries to us.

When you participate in, access, use, or sign up to receive Services, Third Party Services, activities or online content, such as email publications, blogs, newsletters, competitions, live chats, message boards, vote, or create an account using SailPoint’s online registration system (e.g., for Compass, Identity University, Support Portal or Third Party Services), SailPoint may receive Personal Information about you, including personal identifiers and professional information, that we use to provide our identity management and governance services to our business customers. In comments you post to blogs, competitions, live chats, or message boards, you may also voluntarily disclose additional categories of Personal Information, depending on the content of your posts.

Recopilación automática de información:

When you visit our Website, SailPoint will gather internet activity information about your visit and your device automatically, including how you found or were directed to or used the Website and the name and URL of the website that you visited immediately preceding your visit to our Website. Please see our cookie policy for more information.  SailPoint may use this type of information internally, on a cumulative basis, to better understand what pages Visitors and prospective customers access or visit. SailPoint may aggregate internet activity information, combine it with other information, and disclose it to business and trade partners as well as SailPoint’s Affiliates. For information on who we share your information with, and why, please see “Disclosures, Sharing and Onward Transfers of Your Information” below [Disclosures, Sharing and Onward Transfers of Your Information].

When you use the IDN Extension, SailPoint may receive internet activity information, including data about your online browsing activity and the addresses of websites that you visit.  This information is used to provide password replay functionality to you in connection with your use of the IDN Extension.

When you complete training or certification courses through SailPoint, we automatically record and retain results for our administrative and record keeping purposes.

Solicitantes:

If you apply for a job or to work as a contractor, please see our HR Privacy Policy for specific information on how we use your Personal Information.

Procesadores de pago:

SailPoint may use certain third party payment processors, including Stripe, Inc., (“Payment Processors”) to collect and process personal financial information from Visitors such as name, phone number, address, zip postal code, and credit card or bank account information for the purposes of allowing Visitors to purchase various items, including Materials or Services, via our Website. If you make any payment through our Website, your credit card and other billing details may be gathered and stored with our trusted Payment Processors for the purpose of completing your purchases. SailPoint does not store your credit card or billing details, and such details cannot be accessed by SailPoint’s staff. For purchases in connection with Identity University, you should review Stripe’s own privacy policy to ensure you are comfortable with their privacy practices before providing any credit card information. SailPoint contractually requires that its Payment Processors, including Stripe, stay compliant with the Payment Card Industry Data Security Standards, as well as all applicable local, state, national and international laws and regulations related to the services provided to SailPoint by such Payment Processors.

Artículos del foro:

SailPoint may also receive information from you via any blogs, forums, or comments pages that are maintained within the Website or Third Party Services. Note that if you provide any Personal Information via any such pages maintained or used for public comment, your information will be publicly available to any other User or Visitor.

Personal Information Previously Collected

In the 12 months prior to the date of this Privacy Policy, we may have collected the categories of Personal Information identified above [Collection, Use and Purpose Limitations of Your Information] and disclosed them to the same parties for the same purposes as described above.

Nuestra política de cookies y uso de otras tecnologías de seguimiento

From time to time, some of SailPoint’s Websites may utilize “cookies” and other tracking technologies. When you visit our Website, SailPoint may place one or more “cookies” on your computer. A “cookie” is a small text file that may be used, for example, to collect information about website activity. Some cookies and other technologies may serve to recall Personal Information previously provided by a Website Visitor. SailPoint uses cookies for all or any of the following purposes:

  • Identifíquese cuando acceda, visite o inicie sesión en cualquier Sitio Web. Esto le permitirá que vuelva a visitar el Sitio Web sin la necesidad de volver a introducir información en cada visita.
  • Para indicar las diferentes áreas de cualquier Sitio Web a las que se haya accedido recientemente a través de su ordenador. La información recopilada de esta forma puede usarse para desarrollar y gestionar los servicios en línea de SailPoint mediante, por ejemplo, el almacenamiento de información sobre sus preferencias para permitir a SailPoint personalizar cualquier Sitio Web de acuerdo con sus intereses individuales.
  • Proporcionando contenido en cualquier Sitio Web que sea relevante para sus intereses personales.
  • Monitorizando la efectividad de cualquier promoción o campaña de marketing por parte de SailPoint o sus Afiliadas.
  • Haciendo un seguimiento de sus entradas, envíos y estado en promociones, rifas y concursos.
  • Mejorando el contendido de cualquier Sitio Web llevando a cabo diversos diagnósticos para mejorar los servicios de SailPoint. SailPoint puede, por ejemplo, usar cookies para monitorizar las métricas agregadas tales como el número total de visitantes y páginas vistas.
  • Analizando y mejorando la seguridad del sitio web.

Los Sitios Web no responden a la señal de «no realizar seguimiento» de los navegadores. Por lo tanto, aunque seleccione la opción «no realizar seguimiento» que ofrece su navegador, esto puede no tener ningún efecto sobre la recopilación de información de sus cookies con propósito de análisis o interno. Para gestionar eficazmente la recopilación de nuestros datos en las cookies, puede configurar la mayoría de los navegadores para que le notifiquen si recibe una cookie, o puede optar por bloquear las cookies en la configuración asociada con su navegador. But, please note that if you choose to erase or block cookies, you will need to re-enter your original information (e.g., user name, password, or general contact info) to gain access to certain parts of the Websites and may not be able to access other parts of the Websites.

SailPoint may also use tracking technologies that record information such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; clickstream patterns; and dates and times that any Website is accessed by Visitors. SailPoint may also analyze information for trends and statistics, such as through the use of Google Analytics or other similar analytics services.

For more information about cookies please see the “Cookie Notice” section of our Website at Cookie Notice.

Revelación, intercambio y transferencia de su información

Who does SailPoint share my Personal Information with?

We may disclose your Personal Information to the following categories of recipients:

  • to our group companies, Affiliates, third party services providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website, Third Party Services or Services), or who otherwise process Personal Information for purposes that are described in this Privacy Statement or otherwise notified to you when we collect your Personal Information;
  • to your employer or hiring entity, if you participated in training or received certification through your employer or hiring entity;
  • to the third parties that provide the Third Party Services for the purposes described in this Privacy Statement and each third party’s privacy statement;
  • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights and property, or (iii) to protect your rights, property or safety or those of any other person;
  • to an actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of assets or any part of our business; and
  • to any other person with your consent to the disclosure.

International data transfers

Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our Website servers are located in the United States, and our third-party service providers and partners operate around the world. This means that when we collect your Personal Information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your Personal Information will remain protected in accordance with this Privacy Statement.

Privacy Shield

Where Personal Information originates from the European Economic Area or Switzerland and is transferred to the United States, SailPoint agrees to comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, respectively. SailPoint makes an affirmative commitment to adhere to EU-U.S. and Swiss-U.S. Privacy Shield Principles (the “Privacy Shield Principles”). With respect to such Personal Information, to the extent of any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles govern. More information on the EU-U.S. and Swiss-U.S. Privacy Shield programs can be found at https://www.privacyshield.gov.

In the context of an onward transfer, SailPoint has responsibility for processing Personal Information it receives under Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Where required by Privacy Shield, we enter into written agreements with those third-party agents and service providers requiring them to provide the same level of protection Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps to ensure that third-party agents and service providers process EEA and Swiss Personal Information in accordance with our Privacy Shield obligations and to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third party agents or service providers who perform services on our behalf for their handling of EEA or Swiss Personal Data that we transfer to them.

On July 16, 2020, the Court of Justice of the European Union issued a judgment which made the Privacy Shield Framework no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. However, SailPoint continues to honor its commitments under the EU-U.S. Privacy Shield Framework, along with reliance on alternative mechanisms to legitimize international personal data transfers.

Legal basis for processing Personal Information (EEA and Swiss visitors only)

If you are a User or Visitor from the European Economic Area or Switzerland, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect Personal Information from you only (i) where we need the Personal Information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so.

If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contact Information” heading below [Contact Information].

Security

Wherever your Personal Information may be held within SailPoint or on its behalf, SailPoint takes reasonable and appropriate steps to protect the Personal Information that you share with us from unauthorized access or disclosure. SailPoint trains its employees on data handling practices. Además, SailPoint y sus socios comerciales suscriben acuerdos de confidencialidad que requieren que se tomen medidas de cuidado y precaución para prevenir la pérdida, mal uso o revelación de su información personal.

However, while we attempt to ensure the integrity and security of Personal Information, please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, although SailPoint complies with its legal obligations in respect of the security of your personal data we cannot guarantee its absolute security.

Data retention

We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Your data protection rights and choices

  • If you wish to make a request to access, correct, update or delete your Personal Information, you can do so at any time by contacting us using the contact details provided under the “Contact Information” heading below [Contact Information].  If you are a California resident, see below for additional information.
  • You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “Contact Information” heading below [Contact Information].

If you are a resident of the European Economic Area or Switzerland, you can also:

  • object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. Again, you can exercise these rights by contacting us using the contact details provided under the “Contact Information” heading below [Contact Information].
  • Similarly, if we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

California Residents’ Rights

If you are a California resident whose information is covered by the California Consumer Privacy Act (the “CCPA”), you may have certain rights regarding Personal Information we may have collected about you, as described in this below. 

Those rights include (a) the right to access specific pieces of Personal Information we have collected about you in the 12 months prior to receipt of a verified request, and (b) the right to know about the categories of Personal Information we collected about you, the categories of sources from which that information was collected, the purpose for collection, and/or the categories of Personal Information we have shared with third parties and the categories of those third parties, all within the 12 months preceding your verified request. 

You may also have the right to request deletion of Personal Information we have collected about you that is covered by the CCPA, subject to various exceptions in the CCPA. 

These rights to access, know about, or delete Personal Information do not apply to Personal Information we may have collected in the course of certain business-to-business transactions or in the human resources context, consistent with the CCPA.  

We do not sell the Personal Information of California residents.

Submitting CCPA requests

You may submit a request for Personal Information consistent with this section by emailing us at privacy@sailpoint.com or 1-877-378-1220.

Depending on the nature of your request, we may ask you for information to verify your request and identity. 

Please note that you may designate an agent to submit requests on your behalf.  Any such agent will have to verify their identity and we will require separate verifiable confirmation from you that you have authorized the agent to act on your behalf.  

Non-discrimination

We are committed to complying with the law. If you exercise any of the rights explained in this Policy, we will continue to treat you fairly.

We are a CCPA Service Provider

SailPoint primarily operates as a “service provider,” as that term is defined in the CCPA, for its customers.  This means SailPoint primarily collects and/or processes Personal Information on behalf of its customers, for customers’ business purposes, pursuant to written agreements.  As a service provider, we do not use, disclose or retain Personal Information collected in its capacity as a service provider other than is necessary to perform the services for its customers as described in their agreements. 

If we receive a request to access, know about, or delete Personal Information we have collected in our capacity as a service provider, we will inform the requestor that we will not be responding because we are a service provider, and recommend you place your request directly to the business. 

Privacy Policies of Third Party Services and Third Party Websites

Our Website and Third Party Services may contain or reference links to non-SailPoint websites (including the websites of the providers of Third Party Services). SailPoint has no control over, and assumes no responsibility for, the content, privacy policies (if any), or practices of any third party website or any link contained in a third party website. The inclusion of a link within any Website or Third Party Service does not imply any endorsement by or any affiliation with SailPoint. Access to any third party website is at your own risk, and you should be aware that third party websites may contain privacy policies that have terms that are different from that of this Privacy Statement.

In connection with your use of any Website, Service or Third Party Service, you may be made aware of services, products, articles, offers, and promotions provided by third parties, and not by us.

Finally, your use of Third Party Services may expose your data to the providers of such Third Party Services. The collection, use and retention of your data by such third parties is governed solely by such third parties’ respective privacy policies, and SailPoint has no control over how such third parties use your data.

Change Management of Privacy Statement

SailPoint may amend this Privacy Statement from time to time by posting a revised policy on our Website. If SailPoint makes material changes to this Privacy Statement, SailPoint will endeavor to notify you of such changes (e.g., by email or an alert on any Website for a period of time). Sin embargo, revisar este sitio web de forma regular es el mejor método para que usted siempre tenga conocimiento de la información que SailPoint recopila, cómo se usa y en qué circunstancias.

You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the top of this Privacy Statement.

Política respecto a la información personal de menores

SailPoint does not knowingly solicit or sell any Personal Information from children under the age of 16. If SailPoint is made aware that SailPoint has collected Personal Information from a child under 16 years old in a manner that is inconsistent with the Children’s Online Privacy Protection Act of the United States, then SailPoint will delete this information as soon as practicable.

Accessibility Policy

SailPoint is committed to ensuring that our communications, including our Website, are accessible to people with disabilities.  Our Website is designed to meet recognized industry standards of accessibility.  To make accessibility-related requests or report barriers, please contact us at 1-512-346-2000 or contact us at legal@sailpoint.com.

Contact Information

For disputes regarding SailPoint’s collection or use of your Personal Information or for more information, or questions or comments concerning the Privacy Statement, please contact SailPoint at:

SailPoint Technologies, Inc.
c/o Privacy Manager
11120 Four Points Dr.
Suite 100
Austin, Texas 78726
USA

privacy@sailpoint.com

Puede también detener los mensajes de correo electrónico y otros correos promocionales poniéndose en contacto con SailPoint en la dirección postal o electrónica referida anteriormente.

Nuestro objetivo es resolver cualquier reclamación a través de nuestros procesos internos. If you have a complaint regarding our collection, use, disclosure or retention of Personal Information originating from the European Economic Area or Switzerland that cannot be resolved through those processes, you may:

(1) submit the complaint to the relevant data protection authorities, EU Data Protection Authorities and Swiss Federal Data Protection and Information Commissioner (FDPIC) (“DPAs”);

(2) at no cost to you, resolve the complaint through JAMS using this link: https://www.jamsadr.com/eu-us-privacy-shield; or

(3) provide notice to SailPoint that you desire to resolve the complaint through binding arbitration. SailPoint is subject to the enforcement powers of the U.S. Federal Trade Commission. In the event that we or such authorities determine that we did not comply with this Privacy Statement, we will take appropriate steps to address any adverse effects and to promote future compliance.