Sprinklr Privacy Notice

To make this Notice concise and to avoid repetition, we will use the following terms (these terms will apply whether used in singular or plural and upper case or lower case):

• “Customer” means any organization or business that is a client of Sprinklr’s, has purchased Sprinklr’s Products, and has authorized its users to engage on the Sprinklr platform.

• “Personal Information” means any information that can be used to identify you.

• “Products” means Sprinklr products, modules, platforms, solutions or services provided by Us to our Customers (including demos and trials). Our Products form a unified customer experience management platform for social engagement and front office management. Sprinklr’s platform enables our Customers to connect, engage and service their own customers, including through the processing of publicly available online information. We also provide enablement, success management, transformation, analytics and moderation services for our Customers. You can find more information about our Products by clicking on “Products” here, and additional information about our services is available here. We will use the term “Products” in this Notice to refer to the individual or multiple components that make up the Sprinklr offering.

• “We” “Us” “Our” or “Sprinklr” means Sprinklr, Inc. 29 West 35th Street, New York, NY 10001, USA and our affiliated or group companies.

• “Websites” means sprinklr.com and any linked web pages hosted by us.

• “You” or “Your” means you (the person reading this), your organization, or the individual whose Personal Information is being processed.

This Notice explains how we process your Personal Information when you connect with Sprinklr, engage with the Sprinklr team or use Sprinklr’s Products or Websites.  This Notice applies to the Personal Information collected during the course of Sprinklr’s relationship with you, through your use of the Websites, or in relation to your interest, purchase, registration, login, and usage of our Products.  For the purposes of this Privacy Notice, Sprinklr is the controller, because we are responsible for deciding how your Personal Information is processed. 

This Notice does not apply to Personal Information Sprinklr processes on behalf of our Customers.   In those instances, our Customers are the controllers of the Personal Information and their privacy notices (rather than this Notice) will apply to the Personal Information they upload or store in our Products, as well as any Personal Information they may process from public sources through their use of Sprinklr’s Products.  You can find more information on how we support our Customers, including Personal Information we may process at their instruction, in the section called “Sprinklr as a Service Provider and Processor,” below.  

This Notice also does not apply to Personal Information that is processed when you access third party sites through our Websites.  Third party websites are governed by their own terms and privacy policies  which will explain how your Personal Information is used. Sprinklr accepts no responsibility or liability for third party websites.

The Personal Information we collect depends on your interaction and engagement with Sprinklr’s Websites or Products, as well as the business context through which it was collected. It comes from three basic sources: 

Personal Information You Provide: When you interact with our Websites or Products or our personnel, we collect the Personal Information that you provide to us. This includes the Personal Information you provide on our Websites in order to get more information about Sprinklr’s Products, to subscribe to our content, to attend our events, or for any other purpose determined by you. It may also include Personal Information you provide to us so that we can set up and authenticate your Sprinklr account once you purchase our Products, as well as Personal Information obtained during our communications with you while we service your Sprinklr relationship. Personal Information you may provide includes, but is not limited to:

• Contact and Profile Information, such as your name and email address, when you subscribe to our newsletters, request a demo, register for a webinar, or seek to download Sprinklr content; and additional profile information, such as your profile image, contact number, language or other profile details you provide when you set up an account to use or purchase our Products.

• Relationship Management Information, such as details about payment and billing, including direct debit details, billing contacts, and payment cadence; 

• Employment Information, such as the company you work for, your role at that company, company industry information, company contact information and business address;

• Commercial Records, such as records of Products being considered or purchased and information obtained through the sales process;  

• Geographic Location Data so that we can tailor our communications, language, obligations and services to your region;

• Communication Preferences regarding marketing content, areas of interest, records of consent, or other correspondence; and

• Communication Data, which may include records of calls or any other communications which may be used for training, monitoring and improvement purposes.

Personal Information We Get When You Use Our Products: When you engage with our Websites or Products, we may also collect Personal Information automatically. This includes, but is not limited to:

• Usage Information, such as how you interact with our services, what pages you visit, what pages directed you to our Website, the date and time of your visit, which features and tools you access, access times, and what actions you took in our Products or Websites;

• Device Information such as your hardware and software, operating system, unique identifiers, including unique device identifiers, and IP addresses; 

• Location Information; and 

• Information collected via Cookies and Similar Technologies. 

Personal Information We Get From Third Parties: Sprinklr may also receive Personal Information about you from other individuals, organizations, users, affiliates, or third parties. This includes, but is not limited to:

• Social Media Networks and accounts that are authenticated and connected to Sprinklr by our Customers, who may provide us with posts, followers, engagement metrics, and messages; 

• Third Party Applications that are integrated into Sprinklr by Customers who may provide us with account and usage information from the third party application or information we need to verify you or your identity or location for legal or regulatory or other reasons such as fraud prevention;

• Sprinklr’s Authorized Resellers, partners, or third party service providers who may provide us with contact information or commercial information, or who support us with advertising functions; 

• Another entity in the event of a merger or acquisition who may provide us with commercial information and services purchased; and

• Public Sources, including public forums, information made publicly available on social media networks or other websites, or government entities that maintain public records, from which we may get any information that is made publicly available in accordance with the terms and policies of those underlying sites (Please remember that any Personal Information you choose to make publicly visible can be seen by anyone). 

For details on what Personal Information Sprinklr may collect on behalf of our Customers, please review the section called “Sprinklr as a Service Provider and Processor,” below.

We process your Personal Information to provide you with a unique and valuable Sprinklr experience, including:

• Providing, operating, and delivering our Products and Websites, including creating and maintaining your accounts and fulfilling your requests for resources and support; 

• Communicating with you, including responding to your inquiries about Sprinklr’s Products or Websites, following up on your requests for information, webinars, or events, sending you marketing content (where you have permitted us to do so), and sending you service messages about your Sprinklr Products, or responding to support inquiries; 

• Managing our Customer relationships, including servicing your account, managing your commercial contracts, and facilitating billing; 

• Monitoring and enhancing the safety and security of our Websites and Products to address suspicious behavior, fraud, legal compliance, repairing and addressing bugs, and maintaining the integrity of our Products and Websites; 

• For our own business purpose, such as analyzing performance trends and usage to enhance our Products and Websites, personalizing and improving your experience with our Products and Websites, marketing our Products, performing internal research to develop new Products, services or features, quality assurance, and for the maintenance of Sprinklr’s business records; 

• Meeting our legal or regulatory compliance obligations and enforcing violations of our Terms of Use and other Policies or in the event of a corporate transaction such as a merger, sale, or acquisition; and

• Any other legitimate business purposes (always balancing our interests against yours), or where you have given your consent. 

We may combine your Personal Information with information we have obtained from other sources, such as your use of (or connection with) multiple Products, to provide a unified, seamless, and valuable digital experience. We may also combine and enhance your Personal Information with information obtained from third party sources that are permitted to share that information with us.

Our processing of Personal Information includes both manual (human) and automated (computerized) methods, which support each other.  Our automated methods include artificial intelligence (AI) and machine learning (ML).  However, we do not make automated decisions that could have a significant legal impact on you without human intervention.

Our policy is to not give, sell, or otherwise distribute the Personal Information we collect to third parties outside of Sprinklr, other than those listed below, except with your express consent, where the third party is a service provider for us or our Products or Websites, or where this is necessary and in accordance with applicable law.  

The circumstances in which your Personal Information may be shared include:

• Affiliates: We may share your Personal Information with Sprinklr affiliates so that they can help provide Sprinklr’s Products and Websites, service your account, or troubleshoot concerns or support legitimate business operations;

• Authorized Parties: We share your Personal Information with authorized third party vendors and service providers which support the delivery of our Websites and Products (e.g., by providing technical infrastructure services, data processing, or analytics), enable our marketing activities (e.g., event sponsors or email vendors), parties who support our business operations, as well as Sprinklr’s professional advisors or auditors;

• Social Networks and Integrated Applications: We share Personal Information with social networks and integrated applications Customers have chosen to authenticate and connect with Sprinklr; 

• Legal Purposes: We may disclose Personal Information in response to legal demands such as subpoenas, court orders, law enforcement requests, legal claims or government inquiries, to detect fraud, or to protect the rights, interests, safety, and security of Sprinklr (including our Websites, Products, or Services, affiliates, owners, and users) or the public, to the extent we are legally required to.

• Business Transfers: We may share your Personal Information with third parties in connection with corporate transactions, such as sales, mergers, or consolidations;

• With Your Consent and Instruction: We will also share you Personal Information where you have consented to such sharing, or as otherwise authorized by our Customers (e.g., with third party service providers that our Customers integrate into their Sprinklr platform)

Where we share your Personal Information, as legally required, we either (i) enter into written agreements with recipients who process Personal Information on behalf of Sprinklr which contain data protection obligations that are no less protective than those in this Notice or our Data Protection Addendum; or (ii) ensure that any transfer of Personal Information to a third party who will be using the information for their own purposes is conducted in compliance with applicable data protection law.

The security of your Personal Information is of paramount importance to us. Sprinklr uses industry standard technical, organizational, and administrative security measures to protect any information (including Personal Information) we hold in our records from loss, misuse and unauthorized access, disclosure, alteration, and destruction.  We will also take all reasonable precautions to ensure that our staff and employees who have access to Personal Information have received adequate training. All employees who are permitted to handle Personal Information are subject to statutory or contractual confidentiality obligations and may only get access to Personal Information in accordance with Sprinklr’s access control policies. Sprinklr keeps your Personal Information until it is no longer necessary for the purpose for which it was collected, for legitimate business purposes, or to comply with our legal obligations. You can request deletion of your Personal Information through the mechanism referenced in the section of this Notice called “Your Rights and Choices,” below.

In accordance with applicable data protection law, you can exercise certain rights over your Personal Information, such as obtaining a copy of the Personal Information held about you, requesting deletion of your Personal Information, opting out of future communications, or withdrawing consent for processing (where relevant).  To exercise your rights, you can submit a request on our Security & Privacy request page or email us at privacy@sprinklr.com. You can also unsubscribe from emails using the “unsubscribe” link at the bottom of Sprinklr email communications.

There are instances where we may ask for Personal Information to enhance your user experience or provide you with the most relevant content.  Where Personal Information is not required and your provision of it is optional, you can choose not to share it, but it may mean that certain features on our Products or Websites may not be available to you. There are other instances, however, where we require Personal Information in order to enable access to certain Product features or Products, or provide other services you have requested.  For example, to create, authenticate, and log into your Sprinklr account, we will need your email address. You can decline to provide Personal Information if you’d prefer not to, or request deletion of that data, but that may mean we cannot have a relationship with you or you can’t use some of Sprinklr’s services, including our Products and Websites. We are happy to discuss this with you to find a solution if possible.

In addition to the rights and choices listed above, you may also have the right to lodge a complaint with a supervisory authority in your state or country of residence.  In the United States, Sprinklr is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and, depending on your state of residence, you may also be able to submit complaints with your state Attorney General’s office. If you are visiting from the EU, you can lodge a complaint with the supervisory authority in your country of residence.  Visitors from the United Kingdom may direct their complaints to the Information Commissioner's Office and visitors from Brazil may contact the Autoridade Nacional de Protecaio de Dados. If you reside in a different country and need information about exercising your rights, please email privacy@sprinklr.com and we will do our best to help.

In providing our Websites and Products, the Personal Information that we collect may be processed, stored, and used in the United States and other jurisdictions. These transfers are necessary so that we can operate and provide our Websites and Products, and so that we can fix, analyze, and improve our Websites and Products. You can find more information on the categories of third parties with whom we share data here. 

The data protection laws of the countries to which we send Personal Information may vary from those in your country of residence.  When we transfer Personal Information outside of your country of residence, where required by law, we carry out transfer impact assessments and ensure that there is an adequate transfer mechanism in place, such as standard contractual clauses.  We also make sure that any recipients of your Personal Information, especially third party recipients, have an adequate transfer mechanism in place as well. This is to ensure an equivalent level of protection of your Personal is provided in those countries.  

Although Sprinklr no longer relies on the Privacy Shield Framework as a data transfer mechanism, we remain part of the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce, regarding our collection, use, and retention of Personal Information from the European Union and Switzerland in the United States.  Sprinklr has certified to the Department of Commerce that it adheres to the Privacy Shield Principles and to the extent there is a conflict between the terms of this Notice and the Privacy Shield Principles the Privacy Shield Principles shall govern (as permitted under EU law).  As noted in the section regarding Your Rights and Choices, above, if you have a complaint that Sprinklr cannot resolve, Sprinklr cooperates with the relevant Data Protection Authorities for resolving disputes and  binding arbitration is available to address residual complaints. To learn more about the Privacy Shield Program and to view our certification page, please visit www.privacyshield.gov.

Sprinklr does not direct any of our business practices, Products, or Websites, directly or indirectly, towards children.  We are committed to respecting the privacy of children online and ensuring that Sprinklr is compliant with the Children’s Online Privacy Protection Act (COPPA) and other all applicable laws. If we learn that the Personal Information of a child under the age of thirteen is stored on our platform, we will promptly delete that information or notify our Customers.

Please click here to read our cookie policy and find out more about use of cookies at Sprinklr.

Sprinklr’s Products are intended for use by our Customers to manage their customer experience and marketing functions, including social media integration and engagement, advertising, benchmarking, research, and customer care support.  In order to provide our Products, Sprinklr allows our Customers and their users to, for example:

• Add, upload, or store Personal Information including images about their employees, purchasers, customers, contacts, or users in our Products;

• Integrate various social media networks, accounts, or other third party services through our Products in order to post content, including videos and images, and assess engagement, measure the success of campaigns, or respond to comments and messages, including direct messages made via social media platforms;

• Instruct Sprinklr to collect, analyze, and aggregate information, which may include Personal Information, from publicly available social media sites, blogs, forums, or other websites or Personal Information uploaded by the Customer or its users, so that Customers can, for example, monitor trends, assess public sentiment of their brand, and manage campaigns; or  

• Use Sprinklr’s Products to collect Personal Information directly from you or your users, agents and employees, by, for example:

  • Leveraging Sprinklr’s Products for customer care functions in order to receive, manage, and respond to support tickets, inquiries, or questions; or

  • Deploying Sprinklr features throughout their social media accounts or websites  (e.g., Link in Bio feature on Instagram; website chatbots, content publishing etc.) 

In all these instances, Sprinklr’s Customers are controllers of the Personal Information because they decide how or why your Personal Information is processed.  Sprinklr is engaged as a service provider and processor to provide the Products and help our Customers achieve their objectives.  When our Customers process Personal Information through our Products, they are responsible for ensuring that they do so in compliance with the law, including providing their customers and users  with transparent notices. Our Customers are also responsible for validating any integrations they enable through our Products, as well as ensuring that their use of publicly available personal information complies with the terms of the social media networks or  websites the personal information is obtained from. 

Where Sprinklr is a service provider and processor for our Customers, our Customer’s privacy policies, rather than this one, will be applicable to the Personal Information processed, and we direct individuals to review those policies if they have any questions around how their data is obtained or processed within the Sprinklr Products.  

Sprinklr’s processing activity as a service provider and processor is governed by the contracts we have with our Customers, including our Master Services Agreement and Data Processing Addendum (DPA) which includes limits on our processing and defines how we secure and protect the Personal Information we process for our Customers.  Under the terms of those agreements, we will direct any data subject request you make to Sprinklr for Personal Information that we process as a processor under this section to our Customers.

If you have any questions about how the businesses you engage with process your Personal Information, you should contact them directly.  You can also refer to the privacy policies of the social media networks and websites that you interact with or where you post content to  to learn more about the privacy practices of those networks and sites.

This Supplemental Privacy Notice for Users in the European Economic Area (EEA) and UK (the “EEA/UK Notice”) supplements the information included in our main Privacy Notice and applies to visitors, users, and individuals from the EEA and UK.  The EEA/UK Notice provides you with more information on the types of Personal Information we collect and the purposes for which we use that data.  All terms used in this EEA/UK Notice have the same meaning as set out in the EU General Data Protection Regulation and the UK General Data Protection Regulation (collectively, the “GDPR”). 

Legal Basis for Processing 

Sprinklr is committed to the fair, transparent and lawful processing of your Personal Information and relies on a variety of legal bases for collecting and using Personal Information, including:

• As necessary to perform our contractual obligations to you, or take steps at your request before we enter into a contract with you;

• Where the processing is in our legitimate interest and is not overridden by your rights and freedoms; 

• Where we have obtained your consent to do so. When we rely on consent, you may withdraw your consent at any time (though withdrawal of consent does not impact the lawfulness of processing based on consent prior to its withdrawal); or

• Where we have a legal obligation to process Personal Information.

Where we rely on legitimate interests to process your Personal Information, those interests are generally to maintain our relationships with you, operate our business and platform, to provide you with the Sprinklr Websites, Products, and services, to communicate with you, to respond to your questions or inquiries, to improve our platform, Websites, and Products, and to detect or prevent illegal activities. 

Purpose of Processing: Providing and Improving Our Services

• Types of Personal Information:Contact Information, Commercial Records, Employment Information, Communication Preferences and Data, Location  and Geographic Information, Usage Information, Device Information,Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information 

• Legal Basis:Contractual Necessity; Legitimate Interests to operate, maintain, and provide our services

Purpose of Processing: Analyzing Your Use of the Services

• Types of Personal Information:Location  and Geographic Information, Usage Information, Device Information,Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information 

• Legal Basis: Legitimate Interests to operate, maintain, and provide our services, Consent

Purpose of Processing: Communicating With You In Relation to Sprinklr’s Products

• Types of Personal Information:Contact Information, Commercial Records, Employment Information, Communication Preferences and Data

• Legal Basis:  Contractual Necessity; Legitimate Interests to respond to your requests for information; Consent; Compliance with Legal Obligations

Purpose of Processing: Communicating With You Through Marketing Communications

• Types of Personal Information:Contact Information, Commercial Records, Employment Information, Communication Preferences and Data

• Legal Basis:  Legitimate Interests to respond to your requests for information; Consent 

Purpose of Processing: Promoting the Safety and Security of our Services

• Types of Personal Information:Contact Information, Commercial Records, Communication Preferences and Data, Location Information, Usage Information, Information Collected Via Cookies or Similar Technologies 

• Legal Basis:Legitimate Interests to ensure the safety of our Products, Websites, and services; Compliance with Legal Obligations

Exercising Your Rights

Under applicable laws, you may have the right to access, rectify, port, or erase your Personal Information, as well as the right to restrict processing or object to certain processing of your Personal Information. To exercise your rights, you can either:

• Submit a request on our Security & Privacy request page; or

• Email us at privacy@sprinklr.com 

You also have the right to opt out of marketing communications you receive at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive.  You can exercise your options with respect to cookies through the “Cookie Preferences” link on the banner at the bottom of our Websites.  We respond to all requests we receive in accordance with applicable data protection law. 

You also have the right to complain to a data protection authority about our collection and use of your Personal Information, which you can do with either the supervisory authority in the EEA or the Information Commissioner's Office in the UK. 

EU and UK Representatives

The GDPR requires non-EU entities to have an EU Representative when offering goods and services in the EU, or processing Personal Information of individuals in the EU:

• Sprinklr’s EU Representative: Sprinklr Germany, GmbH, Alter Wall 67 – 69, 20457 Hamburg, Germany. 

• Sprinklr’s UK Representative:  Sprinklr UK Ltd., 123 Victoria St, Westminster, London SW1E 6RA, UK.   

Both can be contacted by email at privacy@sprinklr.com.

This Supplemental Privacy Notice for California Residents (the “CA Notice”) supplements the information included in our main Notice and applies solely to visitors, users, and individuals who reside in the State of California. All terms used in this CA Notice have the same meaning as set out in the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act (CPRA). 

Sprinklr’s Information Practices

To provide you with our Websites and Products, we process information about you which may include Personal Information, as defined under California law. You can learn more about what kind of information we collect and how we use it in our main Privacy Notice, above, but the following is a summary of the California specific categories of Personal Information we collect and, depending on our Websites or Products, how we use it or share it:

Categories of Personal Information 

• Identifiers

• Commercial Information

• Internet or other electronic network activity information

• Location related information

• Audio or Visual information

• Professional or Employment Information

• Education Information

• Financial Information

• Information Derived from other Personal Information 

Examples of how Sprinklr uses Personal Information

• To provide our Websites, Products, and services to you;

• To personalize our Products and Services to you, where relevant;

• To communicate with you; and

• To promote the safety and security of our Products and Websites

Parties with Whom the Categories of Personal Information May Be Shared

• Sprinklr Affiliates;

• Sprinklr Customers;

• Service Providers;

• New Owners in the event of a change of ownership or control of all or part of our Products or assets; and

• Law Enforcement or other third parties in connection with legal requests, as needed to comply with applicable law, or to prevent harm

Your Rights and Choices

California residents have specific rights regarding their Personal Information, including the right to request disclosure about our collection, use, and disclosure of your Personal Information.  Depending on the nature of your request, our response may provide you with information about:

• The specific pieces of Personal Information we collected about you, including, under certain circumstances, in a portable format.

• The categories of Personal Information we collected about you.

• The categories of sources for the Personal Information we collected about you.

• The categories of your Personal Information that we disclosed for a business purpose.

• The categories of third parties with whom we disclosed that personal information for a business purpose.

• Our business or commercial purpose for collecting or disclosing that Personal Information.

CA residents may also request deletion of their Personal Information. The CCPA also provides a right to opt out of the sale of your Personal Information. At this time, we do not sell your Personal Information.  To the extent that the sharing of cookie information for purposes of targeted advertising constitutes a “sale” under California law, you can exercise your options with respect to cookies through the “Cookie Preferences” link on the banner at the bottom of our Websites.

Exercising Your Rights

To exercise your rights, you can either:

• Submit a request on our Security & Privacy request page; or

• Email us at privacy@sprinklr.com 

You also have the right to opt out of marketing communications you receive at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive. 

Only you or someone legally authorized by you can make a consumer request on your behalf.  If we do not receive enough information through your request to authenticate you, we may request additional information so that we can ensure you are who you say you are. We will only use the information you provide us in a consumer request to verify your identity.  We respond to all requests we receive in accordance with California’s regulatory timelines. 

Other California Privacy Rights

Under California’s “Shine the Light” Law (Civil Code Section § 1798.83), users of our Websites who are California residents can request certain information regarding disclosures of Personal Information to third parties for direct marketing purposes.  Specifically, individuals who are California residents can request: (a) a list of the categories of Personal Information disclosed by Sprinklr to third parties during the preceding calendar year for Sprinklr’s own direct marketing purpose; and (b) a list of the categories of third parties to whom Sprinklr disclosed that information. To make such a request, please reach out to privacy@sprinklr.com.  Note that additional information may be required to authenticate your identity, and we are only obligated to respond to such requests once during the calendar year.

We may update this Notice from time to time. Where appropriate or required by law, we will notify you about the new Notice by posting appropriate notice on our website. We encourage you to periodically review this Notice to stay informed about our Personal Information processing practices. We will revise the date at the top of this Notice when such changes are made so you know when the Notice was last modified.