Effective: December 31, 2018
At SailPoint Technologies, Inc. (“SailPoint”, "we", "us", "our"), we are committed to respecting your privacy. We recognize that when you choose to provide us with information about yourself, you trust us to act in a responsible manner and to protect and safely manage any personal information that you share with us. This Privacy Statement explains who we are, how we collect, share and use personal information we collect about you and how you can exercise your privacy rights.
“Personal Information” means any information that may be used to identify an individual, either directly or indirectly.
If you have any questions or concerns about our use of your Personal Information, then please contact us using the contact details provided at the bottom of this Privacy Statement.
We recommend that you read this Privacy Statement in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Statement, then you can click on the relevant link below to jump to that section.
“Affiliates” refers to present or future companies that, directly or indirectly, through one or more intermediaries, control, are controlled by, or are under common control with SailPoint.
“Compass” refers to the SailPoint Support Community website, https://community.SailPoint.com and related materials.
“Horizon” refers to the product-idea and support-case portal for SailPoint customers and partners, https://www.sailpoint.com/customers/horizon/ and related materials.
“Materials” refers to the software, courseware, toolkits, documentation and all other information, whether tangible or intangible, that SailPoint makes available on SailPoint University, Compass, or Horizon.
“SailPoint University” refers to the SailPoint University website, https://university.SailPoint.com and related materials.
“Services” refers to the services provided by SailPoint in connection with the Materials, as well as any other related education or training services provided by or through SailPoint via SailPoint University, Compass, or Horizon.
“User Content” refers to any data, text, links, media, or other content that you submit to SailPoint via a Website.
“Website” refers to the website www.SailPoint.com and all other related sub-domains, including Compass, Horizon and SailPoint University, each of which includes text, media, documentation, pictures, and other content.
“Visitors” refers to individuals who visit a Website.
What does SailPoint do?
SailPoint is a provider of enterprise identity governance software and services, headquartered in the United States.
For more information about SailPoint please see the “About” section of our Website at https://www.sailpoint.com/company.
Collection, Use and Purpose Limitations of Your Information
Information you provide voluntarily:
Certain parts of our Website may ask you to provide Personal Information voluntarily, such as in order to register an account with us, to subscribe to marketing communications from us, or in submitting enquiries to us. Where SailPoint collects Personal Information on a Website, we will explain why such Personal Information will be collected.
When you participate in, access or sign up to receive any of SailPoint’s Services, activities or online content, such as email publications, blogs, newsletters, competitions, live chats, message boards, vote, or create an account using SailPoint’s online registration system (e.g., for Compass, Horizon, or SailPoint University), SailPoint may receive Personal Information about you. This may consist of contact information but may also include other Personal Information that you voluntarily provide.
Automatic Collection of Information:
When you visit our Website, SailPoint will gather certain information about your visit and your device automatically. This information may, for example, reflect how you found or were directed to or used the Website. It may collect the name and URL of the website that you visited immediately preceding your visit to a Website. SailPoint may use this type of information on a cumulative basis to better understand what pages Visitors and prospective customers access or visit, and SailPoint may disclose this information to business and trade partners as well as SailPoint’s Affiliates in an aggregated form. For information on who we share your information with, and why, please see "Disclosures, Sharing and Onward Transfers of Your Information" below [Disclosures, Sharing and Onward Transfers of Your Information].
SailPoint may also receive information from you via any blogs, forums, or comments pages that are maintained on any Website for public comment by Visitors. Note that if you provide any Personal Information via any page of the Websites maintained for public comment, your information will be publicly available to any other Visitor.
The Websites do not respond to “do not track” signals from browsers. Thus, your selection of the “do not track” option provided by your browser may not have any effect on our collection of cookie information for analytic and internal purposes. To effectively manage our collection of cookie information, you may set most browsers to notify you if you receive a cookie, or you may choose to block cookies through the settings associated with your browser. But, please note that if you choose to erase or block cookies, you will need to re-enter your original information (e.g., user name, password, or general contact info) to gain access to certain parts of the Websites and may not be able to access other parts of the Websites.
SailPoint may also use tracking technologies that record information such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; clickstream patterns; and dates and times that any Website are accessed by Visitors. SailPoint may also analyze information for trends and statistics, such as through the use of Google Analytics or other similar analytics services.
For more information about cookies please see the “Cookie Notice” section of our Website at Cookie Notice.
Disclosures, Sharing and Onward Transfers of Your Information
Who does SailPoint share my Personal Information with?
We may disclose your Personal Information to the following categories of recipients:
International data transfers
Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, our Website servers are located in the United States, and our third-party service providers and partners operate around the world. This means that when we collect your Personal Information we may process it in any of these countries.
However, we have taken appropriate safeguards to require that your Personal Information will remain protected in accordance with this Privacy Statement.
Where Personal Information originates from the European Economic Area or Switzerland and is transferred to the United States, SailPoint agrees to comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, respectively. SailPoint makes an affirmative commitment to adhere to EU-U.S. and Swiss-U.S. Privacy Shield Principles (the “Privacy Shield Principles”). With respect to such Personal Information, to the extent of any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles govern. More information on the EU-U.S. and Swiss-U.S. Privacy Shield programs can be found at https://www.privacyshield.gov.
In the context of an onward transfer, SailPoint has responsibility for processing Personal Information it receives under Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Where required by Privacy Shield, we enter into written agreements with those third-party agents and service providers requiring them to provide the same level of protection Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps to ensure that third-party agents and service providers process EEA and Swiss Personal Information in accordance with our Privacy Shield obligations and to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of EEA or Swiss Personal Data that we transfer to them.
Legal basis for processing Personal Information (EEA and Swiss visitors only)
If you are a visitor from the European Economic Area or Switzerland, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will normally collect Personal Information from you only (i) where we need the Personal Information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contact Information” heading below [Contact Information].
Wherever your Personal Information may be held within SailPoint or on its behalf, SailPoint takes reasonable and appropriate steps to protect the Personal Information that you share with us from unauthorized access or disclosure. SailPoint trains its employees on data handling practices. In addition, SailPoint and its business partners enter into confidentiality agreements which require that care and precautions be taken to prevent loss, misuse, or disclosure of your Personal Information.
We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
Your data protection rights and choices
If you are a resident of the European Economic Area or Switzerland, you can also:
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Privacy Policies of Third-Party Websites
Our Website may contain or reference links to non-SailPoint websites. SailPoint has no control over, and assumes no responsibility for, the content, privacy policies (if any), or practices of any third-party website or any link contained in a third-party website. The inclusion of a link within any Website does not imply any endorsement by or any affiliation with SailPoint. Access to any third-party website is at your own risk, and you should be aware that third-party websites may contain privacy policies that have terms that are different from that of this Privacy Statement.
In connection with your use of any Website, you may be made aware of services, products, articles, offers, and promotions provided by third parties, and not by us.
Change Management of Privacy Statement
SailPoint may amend this Privacy Statement from time to time by posting a revised policy on our Website. If SailPoint makes material changes to this Privacy Statement, SailPoint will endeavor to notify you of such changes (e.g., by email or an alert on any Website for a period of time). However, regularly reviewing this page is the best method to ensure you are always aware of the information SailPoint collects, how it is used and under what circumstances.
You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the top of this Privacy Statement.
Children’s Personal Information Policy
SailPoint does not knowingly solicit any Personal Information from children under the age of 16. If SailPoint is made aware that SailPoint has collected Personal Information from a child under 16 years old in a manner that is inconsistent with the Children’s Online Privacy Protection Act of the United States, then SailPoint will delete this information as soon as practicable.
For disputes regarding SailPoint’s collection or use of your Personal Information or for more information, or questions or comments concerning the Privacy Statement, please contact SailPoint at:SailPoint Technologies, Inc.
You may also stop email messages and other promotional mailings by contacting SailPoint at the above address or email.
Our goal is to resolve all disputes through our internal processes. If you have a complaint regarding our collection, use, disclosure or retention of Personal Information originating from the European Economic Area or Switzerland that cannot be resolved through those processes, you may:
(1) submit the complaint to the relevant data protection authorities, EU Data Protection Authorities and Swiss Federal Data Protection and Information Commissioner (FDPIC) (“DPAs”);
(2) at no cost to you, resolve the complaint through JAMS using this link: https://www.jamsadr.com/eu-us-privacy-shield; or
(3) provide notice to SailPoint that you desire to resolve the complaint through binding arbitration. SailPoint is subject to the enforcement powers of the U.S. Federal Trade Commission. In the event that we or such authorities determine that we did not comply with this Privacy Statement, we will take appropriate steps to address any adverse effects and to promote future compliance.