Effective as of May 14, 2020
Table of Contents
- Controller, EU Representative and Data Protection Officer
- Sprinklr Platform
- Information We Automatically Collect
- Information You Provide to Us
- Cookies and other tracking technologies
- Website Analytics
- Purposes of and Legal Basis for Processing
- Data Sharing
- Information Security
- International Data Transfers
- Retention and Deletion
- Rights of the Data Subject
- Notice Concerning Children’s Information
- Payment Card Industry Data Security Standard Compliant (PCI DSS)
2. Controller, EU Representative and Data Protection Officer
This website is provided by Sprinklr, Inc. 29 West 35th Street, New York, Ny 10001, USA (“Sprinklr”). Sprinklr is the controller for the purposes of all applicable data protection legislation.
Sprinklr’s EU representative is Sprinklr Germany, GmbH, Alter Wall 67 – 69, 20457 Hamburg, Germany. Sprinklr Germany GmbH can be contacted by email at email@example.com.
Sprinklr’s data protection officer can be contacted at Sprinklr Inc, 29 West. 35th St. 7th Floor, New York, NY 10001, USA or at firstname.lastname@example.org.
3. Sprinklr Platform
Sprinklr however remains Controller of the personal data related to the registration, login and usage of our platform and products (“system”) by system users. During the registration process basic user profile data is collected including the user’s name, business email address (used as user identifier), password (stored in hashed format), and permissions. During login you’ll be required to provide your business email address and your password. While you’re using the Sprinklr Platform, we create logs of your actions including what you accessed, from which IP address and at which time. To better understand how you use our products and to continuously improve our product offerings, we may use additional analytic tools. When you are a registered user of the Sprinklr Platform, we may automatically register you in our support system, which simplifies the process for you to contact our technical support team. Furthermore, we use relevant information for billing purposes. Without a registered user account, you cannot use the Sprinklr Platform.
The legal basis for the processing of such personal data is “performance of a contract” (Art. 6 (1) lit b) GDPR). The purpose of the processing of such personal data is the provisioning, maintenance, improvement and security of the Sprinklr Platform. The above-mentioned personal data will be deleted after they are no longer necessary to achieve the purpose for which they were collected, generally upon the expiration of the underlying service contract, considering retention periods under tax and commercial law.
4. Information We Automatically Collect
When you visit our website, we collect certain information related to your device, such as your device’s IP address, browser types and versions used, operating system used by the accessing system, referring website, what pages your device visited, and the time that your device visited our website.
5. Information You Provide to Us
We may collect any Personal Information that you choose to send to us or provide to us:
On our website, you can subscribe to our email newsletter. When an email address is registered for our newsletter, a confirmation email will be sent to the e-mail address registered and the email newsletter will only be sent if the email address is confirmed by clicking a link provided in that confirmation email (so-called double opt-in procedure). We store the IP address and a timestamp, both for the registration and the subsequent confirmation. This data is collected for legal protection purposes, it enables Sprinklr to document and provide evidence for the addressees’ consent to be sent the email newsletter.
You may unsubscribe from our email newsletter and withdraw your consent to be sent the email newsletter at any time. Every email newsletter contains an unsubscribe link. In addition, you can send your request to unsubscribe to email@example.com and you can use our Preference Center.
We also may use tracking pixels in our email newsletter enabling Sprinklr to see if and when an email was opened and if certain links in that email were clicked by the addressee. This allows analysis, reporting and optimization of email marketing campaigns. Legal basis of the usage of such tracking pixels is our legitimate interest in performing, analyzing, reporting and optimizing our email marketing campaigns. You may opt-out from email newsletter tracking by unsubscribing from our newsletter or by contacting firstname.lastname@example.org.
5.2 Contact Forms
If you contact us via the website or request a demo or register for a webinar etc., we will use the data provided for the purpose of processing your request. We will keep a record of the correspondence.
5.3 Job Applications
Sprinklr processes the personal data provided in the context of a job application for the purpose of processing the application.
We use this information for the following purposes:
- assisting you in navigation;
- assisting in registration, login, and your ability to provide feedback;
- analyzing your use of our website; and
- assisting with our promotional and marketing efforts (including behavioral advertising).
How do I disable cookies?
If you want to disable cookies, please visit Cookie Preferences. You also can change your website browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies for the most popular browsers are set out below:
For Microsoft Internet Explorer:
Choose the menu “tools” then “Internet Options”
Click on the “privacy” tab
Select the setting the appropriate setting
For Google Chrome:
Choose Settings> Advanced
Under “Privacy and security,” click “Content settings”.
Choose Preferences > Privacy
Click on “Remove all Website Data”
For Mozilla firefox:
Choose the menu “tools” then “Options”
Click on the icon “privacy”
Find the menu “cookie” and select the relevant options
For Opera 6.0 and further:
Choose the menu Files”> “Preferences”
7. Website Analytics
8. Purposes of and Legal Basis for Processing
We process your personal data for the following purposes, subject to your consent where required by law:
- administer our relationship with you, including to respond to your inquiries or complaints;
- to provide any services or information you have requested and information about our products and services;
- to administer, operate, maintain, and improve the websites and our services;
- for efficient customer management relationship;
- to simplify access to some interactive features on our websites;
- to keep improving the way our websites work;
- to count how many persons visit our websites, where they come from, when they visit, how long they stay and what pages they look at;
- to associate your activity on our website in order to give us insights into products and services you might like and measure how our advertising performs;
- to note browser, OS and device details used to make sure you get a good online experience when you access our websites;
- to audit usage of the websites;
- to market and improve the services that we offer;
- Carry out research and statistical analysis including to monitor how all customers use our websites;
- to comply with applicable laws and regulations.
Sprinklr does not use automatic decision-making or profiling.
9. Data Sharing
Our policy is to not give, sell or otherwise distribute personal data we collect to third parties outside of Sprinklr (including Sprinklr affiliates), except where required with your express consent or where this is necessary and in accordance with applicable law. In line with this, we share personal data with the recipients listed below:
- Sprinklr Group Companies
We may share your personal data with affiliates entities of Sprinklr for the purposes specified above and as described under the section “International Data Transfers” below.
- Third-Party Service Providers
Your personal data may be disclosed to third party service providers, acting on our behalf, in connection with managing services, data analytics, marketing, finance, accounting or other administrative services and information technology support. These third-party service providers will have access to and process personal data only on our behalf and under our instructions and will be held to appropriate security obligations.
- Other data recipients
For the above purposes or where otherwise required by law, we may also need to make personal data available to third parties such as advisors, banks and financial institutions, professionals, independent consultants, potential or existing investors and/or acquirers (in connection with a merger, acquisition, or sale involving Sprinklr and/or affiliates entities of Sprinklr or as part of a corporate reorganization, stock or asset sale, or other change in corporate control), regulatory and/or administrative authorities, courts, police authorities.
Sprinklr may provide information, in response to properly made requests, for the purposes of the prevention and detection of crime, and the apprehension or prosecution of offenders, when required to do so by law, for example under a court order, or in response to properly made court or administrative demands. Sprinklr may also provide information for the purpose of safeguarding national security. In either case, Sprinklr will act in accordance with applicable data protection law.
10. Information Security
We use appropriate technical, organizational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction. We will also take all reasonable precautions to ensure that our staff and employees who have access to personal data about you have received adequate training.
11. International Data Transfers
In providing our services or websites to EU citizens, we may need to transfer your personal data outside the European Economic Area (“EEA”), including in countries that do not provide the same level of protection for personal data as in the EEA. In any case, we will only transfer personal data to recipients that provide an adequate level of data protection or as permitted by applicable data protection laws by implementing appropriate safeguards, including, but not limited to, relevant data transfer agreements based on the EU Standard Contractual Clauses, when needed.
If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using the European data protection authorities (EU DPAs) as an independent recourse mechanism. Sprinklr will cooperate with the DPAs in the investigation and resolution of complaints brought by you under the Privacy Shield. Sprinklr agrees to comply with any advice given by the DPAs where the DPAs take the view that the organization needs to take specific action to comply with the Privacy Shield Principles. Under certain conditions, it is possible for individuals to invoke binding arbitration before the Privacy Shield Panel.
12. Retention and Deletion
We process and store your personal data only for the period necessary to achieve the purpose of storage. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.
13. Rights of the Data Subject
In accordance with applicable data protection law, you have a right to:
- obtain confirmation of the existence of, and to request a written copy of the personal information Sprinklr holds about you;
- have any inaccurate information about you corrected;
- have personal data we hold about you deleted, blocked or removed;
- withdraw your consent where relevant, without affecting the lawfulness of processing based on your consent before its withdrawal;
- restrict the processing we make in relation with your personal data;
- receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format in order to transmit them to another data controller;
- object to the use of your details for marketing activities and other promotional activities;
- lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data relating infringes applicable data protection law.
In case you wish to exercise any such rights, please send a request to email@example.com.
In addition to the above, you may revoke Sprinklr’s access to your personal data via the Google security settings page, found at https://security.google.com/settings/security/permissions.
14. Notice Concerning Children’s Information
Sprinklr does not direct any of its practices or system towards children. We are committed to respecting the privacy of children online. If Sprinklr learns that the information of a child under the age of 16 is stored, Sprinklr will promptly delete any such personal information.
17. Payment Card Industry Data Security Standard Compliant (PCI DSS)
The foundation of our platform is built on ensuring the privacy and security of our customers. Brands who accept credit card payments need a Cardholder Data Environment (CDE) that is Payment Card Industry Data Security Standard (PCI DSS) compliant. When accepting personal information from your customers, ensuring their data is protected is non-negotiable.
Sprinklr is PCI DSS compliant, which has been validated through a self-assessment as well a third-party review with a qualified security assessor or Attestation of Compliance (AOC). Sprinklr’s Modern Care is the first area of the platform to support this via our Live Chat feature.
Sprinklr’s CDE allows brands to transmit PCI secure information from their customers using Sprinklr Live Chat. Care agents can collect a customer’s credit card data and Personally Identifiable Information (PII) in a PCI compliant secure environment without moving between other communication channels to collect the information. Saving time and increasing purchase conversations while keeping customers happy and their information protected.