Sprinklr Privacy Notice

To make this Notice concise and to avoid repetition, we will use the following terms (these terms will apply whether used in a singular or plural and upper case or lower case).

• “Customer” means any organization or business that is a client of Sprinklr’s, has purchased Sprinklr’s Products, and has authorized its users to engage on the Sprinklr platform.

• “Personal Information” means any information that can be used to identify you.

• “Products” means Sprinklr products, modules, platforms, solutions or services provided by Us to our Customers (including demos and trials). Our Products which are predominantly powered by Artificial Intelligence, consolidate listening and insights, social media management, campaign lifecycle management and customer service in one unified platform. Sprinklr’s platform enables our Customers to connect, engage and service their own customers, including through the processing of publicly available online information and direct non-public online communications. We also provide enablement, success management, transformation, analytics and moderation services for our Customers. You can find more information about our Products by clicking on “Products” here, and additional information about our services is available here. We will use the term “Products” in this Notice to refer to the individual or multiple components that make up the Sprinklr offering. 

• “We” “Us” “Our” or “Sprinklr” means Sprinklr, Inc. 441, 9th Avenue 12th Floor, New York, NY 10001, USA and our affiliated or group companies. 

• “Websites” means sprinklr.com and any linked web pages hosted by us.

• “You” or “Your” means you (the person reading this), your organization, or the individual whose Personal Information is being processed

This Notice explains how we process your Personal Information as a data controller. For example, when we obtain data from public sources (which may happen to include your Personal Information), when you connect with Sprinklr, engage with the Sprinklr team, or use Sprinklr’s Products or Websites. This Notice applies to the Personal Information collected during the course of Sprinklr’s controller activities including: to manage its relationship with you, through your use of the Websites, or in relation to your interest, purchase, registration, login, and usage of our Products. For the purposes of this Notice, Sprinklr is the controller, because we are responsible for deciding what Personal Information is collected and how that Personal Information is processed. 

This Notice does not apply to Personal Information Sprinklr processes on behalf of our Customers. In those instances, our Customers are the controllers of the Personal Information and their privacy notices (rather than this Notice) will apply to the Personal Information they upload, ingest, create or store in our Products, as well as any Personal Information they may process from public sources through their use of Sprinklr’s Products. You can find more information on how we support our Customers, including Personal Information we may process at their instruction, in the section called “Sprinklr as a Service Provider and Processor,” below. 

This Notice also does not apply to Personal Information that is processed when you access third party sites through our Websites. Third party websites are governed by their own terms and privacy notices which will explain how your Personal Information is used. Sprinklr accepts no responsibility or liability for third party websites. 

The Personal Information we collect depends on your interaction and engagement with Sprinklr’s Websites or Products, as well as the business context through which it was collected. It comes from three basic sources:

1. Personal Information You Provide:

When you interact with our Websites, Products, or our personnel, we collect the Personal Information that you provide to us. This includes the Personal Information you provide on our Websites to obtain more information about Sprinklr’s Products, to subscribe to our content, to attend our events, or for any other purpose determined by you. It may also include Personal Information you provide to us so that we can set up and authenticate your Sprinklr account once you purchase our Products, as well as Personal Information obtained during our communications with you while we service your Sprinklr relationship. Personal Information you provide may include, but is not limited to:

• Contact and Profile Information, such as your name and email address, when you subscribe to our newsletters, request a demo, register for a webinar, or seek to download Sprinklr content and additional information, such as your profile image, contact information, language or other profile details you provide when you set up an account to use or purchase our Products;

• Relationship Management Information, such as details about payment and billing, including direct debit details, billing contacts, and payment cadence;

• Employment Information, such as the company you work for, your role at that company, company industry information, company contact information and business address;

• Commercial Records, such as records of Products being considered or purchased and information obtained through the sales process;

• General Geographic Location Data so that we can tailor our communications, language, obligations and services to your region;

• Communication Preferences regarding marketing content, areas of interest, records of consent, or other correspondence; and

• Communication Data, which may include records of calls or any other communications which may be used for training, monitoring and improvement purposes.

Note: by providing your mobile phone number, you consent to receiving SMS/MMS communications from Sprinklr. You can opt out of receiving these messages at any time by replying “STOP.”

2. Personal Information We Collect When You Use Our Products:

When you engage with our Websites or Products, we may also collect Personal Information automatically. This includes, but is not limited to:

• Usage Information, such as how you interact with our services, what pages you visit, what pages directed you to our Website, the date and time of your visit, which features and tools you access, access times, and what actions you took in our Products or Websites;

• Device Information such as your hardware and software, operating system, unique identifiers, including unique device identifiers, and IP addresses;

• Location Information; and

• Information collected via Cookies and Similar Technologies

3. Personal Information We Get From Third Parties:

Sprinklr may also receive Personal Information about you from other individuals, organizations, users, websites or online sources, affiliates, or third parties. This includes, but is not limited to: 

• Social Media Networks and accounts that are authenticated and connected to Sprinklr by our Customers, who may enable us to provide you with posts, followers, engagement metrics, and messages;  

• Third Party Applications that are integrated into Sprinklr by Customers who may provide us with account and usage information from the third party application or information we need to verify you, your identity, or location for legal or regulatory or other reasons such as fraud prevention;

• Sprinklr’s Authorized Resellers, partners, or third party service providers who may provide us with contact or commercial information, or who support us with advertising functions;

• Another entity, in the event of a merger or acquisition, who may provide us with commercial information and services purchased; and

• Public Sources, including public forums, information made publicly available on social media networks or other websites, or government entities that maintain public records, from which we may get any information that is made publicly available in accordance with the terms and policies of those underlying sites (Please remember that any Personal Information you choose to make publicly visible can be seen by anyone).

For details on what Personal Information Sprinklr may collect on behalf of our Customers, please review the section called “Sprinklr as a Service Provider and Processor,” below.

We process your Personal Information to provide you with a unique and valuable experience with Sprinklr, which involves:

• Providing, operating, and delivering our Products and Websites, including creating and maintaining your accounts and fulfilling your requests for resources and support;

• Communicating with you, including responding to your inquiries about Sprinklr’s Products or Websites, following up on your requests for information, webinars, or events, sending you marketing content (where you have permitted us to do so), and sending you service messages about your Sprinklr Products, or responding to support inquiries;

• Managing our Customer relationships, including servicing your account, managing your commercial contracts, and facilitating billing;

• Monitoring and enhancing the safety and security of our Websites and Products to address suspicious behavior, fraud, legal compliance, repairing and addressing bugs, and maintaining the integrity of our Products and Websites;

• For our own business purpose, such as analyzing performance trends and usage to enhance our Products and Websites, personalizing and improving your experience with our Products and Websites, marketing our Products, performing internal research to develop new Products, services or features, quality assurance, and for the maintenance of Sprinklr’s business records;

• Meeting our legal or regulatory compliance obligations and enforcing violations of our Terms of Use and other Policies or in the event of a corporate transaction such as a merger, sale, or acquisition; and

• Any other legitimate business purposes (always balancing our interests against yours), or where you have given your consent.

We may combine your Personal Information with information we have obtained from other sources, such as your use of (or connection with) multiple Products, to provide a unified, seamless, and valuable digital experience. We may also combine and enhance your Personal Information with information obtained from third party sources that are permitted to share that information with us.

Our processing of Personal Information includes both manual (human) and automated (computerized) methods, which support each other. Our automated methods include artificial intelligence (AI) and machine learning (ML) which may process publicly available data that includes Personal Information as a by-product. However, we do not make automated decisions that could have a significant legal impact on you without human intervention. 

Our policy is to not give, sell, or otherwise distribute the Personal Information we collect to third parties outside of Sprinklr unless we have your express consent. However, an exception applies to the parties listed below, circumstances where the third party is a service provider for us or our Products or Websites, or when deemed necessary and in accordance with applicable law.

The circumstances in which your Personal Information may be shared include:

• Affiliates: We may share your Personal Information with Sprinklr affiliates so that they can help provide Sprinklr’s Products and Websites, service your account, or troubleshoot concerns or support legitimate business operations;

• Authorized Parties: We share your Personal Information with authorized third party vendors and service providers which support the delivery of our Websites and Products (e.g., by providing technical infrastructure services, data processing, or analytics), enable our marketing activities (e.g., event sponsors or email vendors), parties who support our business operations, as well as Sprinklr’s professional advisors or auditors;

• Social Networks and Integrated Applications: We share Personal Information with social networks and integrated applications that Customers have chosen to authenticate and connect with Sprinklr;

• Legal Purposes: We may disclose Personal Information in response to legal demands such as subpoenas, court orders, law enforcement requests, legal claims or government inquiries, to detect fraud, or to protect the rights, interests, safety, and security of Sprinklr (including our Websites, Products, or Services, affiliates, owners, and users) or the public, to the extent we are legally required to;

• Business Transfers: We may share your Personal Information with third parties in connection with corporate transactions, such as sales, mergers, or consolidations; or

• With Your Consent and Instruction: We will also share your Personal Information where you have consented to such sharing, or as otherwise authorized by our Customers (e.g., with third party service providers that our Customers integrate into their Sprinklr platform).

Where we share your Personal Information with a third party, as legally required, we only do so when we have entered into written agreements with those third parties which contain data protection obligations that are no less protective than those in this Notice, our Data Processing Addendum, or other privacy commitments we have made to you, including in relation to the secure and legal onward transfer of Personal Information. We also ensure that any transfer of Personal Information to a third party who will be using the information for their own purposes is conducted in compliance with applicable data protection law.

Integration of Your Social Channel Accounts or Other Communication Accounts with Sprinklr

Sprinklr enables its Customers to connect their Gmail account using Oauth. If You connect Your Gmail account to Your Sprinklr Account it will allow Sprinklr to view Your email address and access Your emails to create them as a ticket within Sprinklr, and to transmit the service data to third-party applications listed on Sprinklr Marketplace that you integrate with Your Sprinklr Account as required to provide the services. This connection will further allow You to respond to Your emails directly from Sprinklr or send new emails to your Customers or other individuals or organizations.

Sprinklr’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy's App's, including the Limited Use requirement.

Sprinklr also enables Customers to connect their Google Drive using Oauth. If You connect Your Drive to Your Sprinklr Account it will allow Sprinklr to upload images and videos from Google Drive to our publisher and upload them in our asset manager, to publish the content across various social media channels using Sprinklr.

This allows the user an easier pathway to publish, preventing the additional steps of downloading an image from Google Drive and then uploading to Sprinklr. You may disconnect your accounts at any time.

This Google integration will not share the data with Google’s third-party AI models.

We will not share mobile information with third parties/affiliates for marketing/promotional purposes. All the above categories of Personal Information exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

The security of your Personal Information is of paramount importance to us. Sprinklr uses industry standard technical, organizational, and administrative security measures to protect any information (including Personal Information) we hold in our records from loss, misuse and unauthorized access, disclosure, alteration, and destruction. We will also take reasonable precautions to ensure that our staff and employees who have access to Personal Information have received adequate training. All employees who are permitted to handle Personal Information are subject to statutory or contractual confidentiality obligations and may only get access to Personal Information in accordance with Sprinklr’s access control policies. Sprinklr only keeps your Personal Information until it is no longer necessary for the purpose for which it was collected, for legitimate business purposes, or to comply with our legal obligations. You may request deletion of your Personal Information through the mechanism referenced in the section of this Notice called “Your Rights and Choices,” below. 

In accordance with applicable data protection laws, you may exercise certain rights over your Personal Information, which may include a right to obtain a copy of the Personal Information held about you, to request deletion and limit the use or disclosure of your Personal Information, and/or to withdraw consent for processing (where relevant). To exercise your rights, you can submit a request on our Security & Privacy request page or by emailing us at privacy@sprinklr.com. You also have the right to opt out of future marketing emails by using the “unsubscribe” link at the bottom of Sprinklr marketing email communications.

There are instances where we may ask for Personal Information to enhance your user experience or provide you with the most relevant content. Where Personal Information is not required and your provision of it is optional, you can choose not to share it, but it may mean that certain features on our Products or Websites may not be available to you. There are other instances, however, where we require Personal Information in order to enable access to certain Products and their features, or provide other services you have requested. For example, to create, authenticate, and log into your Sprinklr account, we will need your email address. You can decline to provide Personal Information if you’d prefer not to, or request deletion of that data, but that may mean we cannot have a relationship with you or you can’t use some of Sprinklr’s services, including our Products and Websites. We are happy to discuss this with you and find a solution, if possible. 

In addition to the rights and choices listed above, you may also have the right to lodge a complaint with a supervisory authority in your state or country of residence. In the United States, Sprinklr is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and, depending on your state of residence, you may also be able to submit complaints with your state Attorney General’s office. If you reside in the EU, you can lodge a complaint with the supervisory authority in your country of residence. United Kingdom residents may direct their complaints to the Information Commissioner's Office, Switzerland residents may file their complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC), and Brazil residents may contact the Autoridade Nacional de Protecaio de Dados. If you reside in a different country and need information about exercising your rights, please email privacy@sprinklr.com and we will do our best to help. 

In providing our Websites and Products, the Personal Information that we collect may be processed, stored, and used in the United States and other jurisdictions. These transfers are necessary so that we can operate and provide our Websites and Products, and so that we can fix, analyze, and improve our Websites and Products. You can find more information on the categories of third parties with whom we share data here.

The data protection laws of the countries to which we send Personal Information may vary from those in your country of residence. When we transfer Personal Information outside of your country of residence, where required by law, we carry out transfer impact assessments and ensure that there is an adequate transfer mechanism in place, such as standard contractual clauses. We also make sure that recipients of your Personal Information, especially third-party recipients, have an adequate transfer mechanism in place as well. This is to ensure an equivalent level of protection of your Personal is provided in those countries.

Sprinklr, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Sprinklr, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Sprinklr, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit dataprivacyframework.gov.

The Federal Trade Commission (FTC) has jurisdiction over Sprinklr, Inc.'s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). As noted in the section above regarding Your Rights and Choices, if you have a complaint that Sprinklr cannot resolve, Sprinklr cooperates with the relevant Data Protection Authorities for resolving disputes and binding arbitration is available to address residual complaints.

Sprinklr does not direct any of our business practices, Products, or Websites, directly or indirectly, towards children. We are committed to respecting the privacy of children online and ensuring that Sprinklr is compliant with the Children’s Online Privacy Protection Act (COPPA) and other all applicable laws. If we discover that we have collected and stored Personal Information from a child under the age of thirteen on our platform, we will promptly delete that information or notify the relevant Customer.

Sprinklr uses cookies (small text files containing a string of alphanumeric characters that we put on your computer or device) and other similar tracking technologies (like web beacons, pixels, tags, and scripts) to uniquely identify your browser and to gather information about how you interact with the Websites (collectively, “Cookies”).

Which Cookies Does Sprinklr Use?

We use Cookies to provide, protect, and improve our Websites. For example, we may use the cookies on your browser to recognize you from a prior visit to our Websites or to provide you with offers that may be of interest to you. Alternatively, we may use cookies or other technologies, like pixels which are embedded on Websites and content, to track user interactions, and to improve and develop our marketing and advertising efforts. Specifically, Sprinklr uses:

• Strictly Necessary Cookies, which are essential for our Websites to work as intended. Without these cookies, we would not be able to provide you with the Websites, like enabling content based on your device or remembering your language choices.

• Functional Cookies, which monitor performance of our Websites and are used to enhance your browsing experience. For example, our functional Cookies enable you to communicate with us via live chat.

• Marketing and Analytics Cookies, which help us understand user behavior on our Websites so that we can provide you with a more relevant or personalized experience with our Website content. For example, we may collect information about which pages you visit so we can present you with more relevant information. 

• Advertising Cookies, which help personalize and measure advertising on our Websites and other third party websites. For example, we may use our advertising cookies after you visit our Websites to serve you with a personalized ad based on the pages you visited. 

Some of these Cookies belong to Sprinklr, but other third parties also use Cookies on Sprinklr’s Websites to provide and service our Websites, marketing activities, and advertisements. For example, third-party Cookies can help us tailor ads from our Websites or measure the effectiveness of advertising and marketing campaigns.

Your Cookie preferences are based on your consent. You can manage your Cookie preferences in the following ways: 

• Make changes by clicking “Cookie Preferences” at the bottom of all of Sprinklr Websites; 

• Control Cookies on your browser, which you can learn about here; 

• Opt out of receipt of future email newsletters; and/or 

• Manage your Cookie preferences directly with third-party partners. 

Note that if you use multiple browsers on your device, you will need to instruct each browser separately on your Cookie preferences. Limiting Cookies is subject to each browser's settings and limitations, and some features of our Websites may not work if you decline the use of Cookies.  

You can find more information about the Cookies and similar technologies we use, by clicking “Cookie Preferences” in the footer of any Sprinklr Website. 

Sprinklr’s Products are intended for our Customers to consolidate listening and insights, social media management, campaign lifecycle management and customer service in one unified platform.  

For example, in order to provide our Products, Sprinklr allows our Customers and their users to:

• Add, upload, create or store Personal Information, including images, about their employees, purchasers, customers, contacts, or users in our Products;

• Integrate various social media networks, accounts, or other third party services through our Products in order to post content, including videos and images, and assess engagement, measure the success of campaigns, or respond to comments and messages, including direct messages made via social media platforms;

• Instruct Sprinklr to collect, analyze, and aggregate information, which may include Personal Information, from publicly available social media sites, blogs, forums, or other websites or Personal Information uploaded by the Customer or its users, so that Customers can, for example, monitor trends, assess public sentiment of their brand, and manage campaigns; or

• Use Sprinklr’s Products to collect Personal Information directly from you or your users, agents, and employees, by, for example:

  • Leveraging Sprinklr’s Products for their customer care functions in order to receive, manage, and respond to support tickets, inquiries, or questions; or

  • Deploying Sprinklr features throughout their social media accounts or websites (e.g., Link in Bio feature on Instagram; website chatbots; content publishing, etc.)

In all these instances, Sprinklr’s Customers are controllers of the Personal Information because they decide how and why your Personal Information is processed. Sprinklr is engaged as a service provider and processor to provide the Products and help our Customers achieve their objectives. When our Customers process Personal Information through our Products, they are responsible for ensuring that they do so in compliance with the law, including providing their customers and users with transparent notices. Our Customers are also responsible for validating any integrations they enable through our Products, as well as ensuring that their use of publicly available personal information complies with the terms of the social media networks or websites the personal information is obtained from.

Where Sprinklr is a service provider and processor for our Customers, our Customer’s privacy policies, rather than this one, will be applicable to the Personal Information processed, and we direct individuals to review those policies if they have any questions around how their data is obtained or processed within the Sprinklr Products or wish to exercise their rights (if any) with respect to that Personal Information.

Sprinklr’s processing activity as a service provider and processor is governed by the contracts we have with our Customers, including our Master Services Agreement and Data Processing Addendum (DPA) which includes limits on our processing and defines how we secure and protect the Personal Information we process for our Customers. Under the terms of those agreements, we will direct any data subject request you make to Sprinklr for Personal Information that we process as a processor under this section to our Customers. When we engage a third party to support with the services we’re providing to you, we accept liability for the acts and omissions of those third parties subject to the limitations of liability agreed with you in our Master Services Agreement.

If you have any questions about how the businesses you engage with processes your Personal Information, you should contact them directly. You can also refer to the privacy policies of the social media networks and websites that you interact with or where you post content to learn more about the privacy practices of those networks and sites.

This Privacy Notice is for Users in the European Economic Area (EEA) and UK (the “EEA/UK Notice”) and supplements the information included in our main Privacy Notice and applies to visitors, users, and individuals from the EEA and UK. The EEA/UK Notice provides you with more information on the types of Personal Information we collect and the purposes for which we use that data. All terms used in this EEA/UK Notice have the same meaning as set out in the EU General Data Protection Regulation and the UK General Data Protection Regulation (collectively, the “GDPR”).

Legal Basis and Purpose for Processing

Sprinklr is committed to the fair, transparent and lawful processing of your Personal Information and relies on a variety of legal bases for collecting and using Personal Information, including:

• As necessary to perform our contractual obligations to you, or take steps at your request before we enter into a contract with you;

• Where the processing is in our legitimate interest and is not overridden by your rights and freedoms;

• Where we have obtained your consent to do so. When we rely on consent, you may withdraw your consent at any time; or

• Where we have a legal obligation to process Personal Information.

Where we rely on legitimate interests to process your Personal Information, those interests are generally to maintain our relationships with you, operate our business and platform, to provide you with the Sprinklr Websites, Products, and services, to communicate with you, to respond to your questions or inquiries, to improve our platform, Websites, and Products, and to detect or prevent illegal activities.

Purpose of Processing: Providing and Improving Our Services

• Types of Personal Information: Contact Information, Commercial Records, Employment

  Information, Communication Preferences and Data, Location and Geographic Information, Usage Information, Device Information, Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information

• Legal Basis: Contractual Necessity; Legitimate Interests to operate, maintain, and provide our services

Purpose of Processing: Analyzing Your Use of the Services

• Types of Personal Information: Location and Geographic Information, Usage Information, Device Information, Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information

• Legal Basis: Legitimate Interests to operate, maintain, and provide our services, Consent

Purpose of Processing: Communicating With You In Relation to Sprinklr’s Products

• Types of Personal Information: Contact Information, Commercial Records, Employment

  Information, Communication Preferences and Data

• Legal Basis: Contractual Necessity; Legitimate Interests to respond to your requests for information; Consent; Compliance with Legal Obligations

Purpose of Processing: Communicating With You Through Marketing Communications

• Types of Personal Information: Contact Information, Commercial Records, Employment

  Information, Communication Preferences and Data

• Legal Basis: Legitimate Interests to respond to your requests for information; Consent 

Purpose of Processing: Promoting the Safety and Security of our Services

• Types of Personal Information: Contact Information, Commercial Records, Communication Preferences and Data, Location Information, Usage Information, Information Collected Via Cookies or Similar Technologies

• Legal Basis: Legitimate Interests to ensure the safety of our Products, Websites, and services; Compliance with Legal Obligations

Exercising Your Rights

Under applicable laws, you may have the right to access, rectify, port, or erase your Personal Information, as well as the right to restrict or object to certain processing of your Personal Information. To exercise your rights, you can either:

• Submit a request on our Security & Privacy request page; or

• Email us at privacy@sprinklr.com

You also have the right to opt out of marketing communications at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive. You can exercise your options with respect to cookies through the “Cookie Preferences” link on the banner at the bottom of our Websites. We respond to all requests we receive in accordance with applicable data protection law.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Sprinklr commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

EU and UK Representatives

The GDPR requires non-EU entities to have an EU Representative when offering goods and services in the EU, or processing Personal Information of individuals in the EU:

• Sprinklr’s EU Representative: Sprinklr Germany, GmbH, c/o Office. One, Am Sandtorkai 27, 4th Floor, 20457 Hamburg, Germany. 

• Sprinklr’s UK Representative: Sprinklr UK Ltd., 123 Victoria St, Westminster, London SW1E 6RA, UK.   

Both can be contacted by email at privacy@sprinklr.com.

This Privacy Notice for California Residents (the “CA Notice”) supplements the information included in our main Notice and applies solely to visitors, users, and individuals who reside in the State of California. All terms used in this CA Notice have the same meaning as set out in the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act (CPRA).

This section describes how we collect, use, disclose and share Personal Information of California residents in our capacity as a “business” under the CCPA and their rights with respect to that Personal Information. For purposes of this section, the term “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.

Your California Privacy Rights and Choices

California residents have specific rights listed below under the CCPA. These rights, however, are not absolute and in certain cases, we may decline your request as permitted by law.

• Information: You may request the following Information about how we have collected and used your Personal Information

  • The categories of Personal Information that we collected, including, under certain circumstances, in a portable format;

  • The categories of sources from which we collected Personal Information;

  • The business or commercial purpose for collecting, sharing, and/or selling Personal Information;

  • The categories of Personal Information that we sold or disclosed for a business purpose; and/or

  • The categories of third parties to whom the Personal Information was sold, shared, or disclosed for a business purpose.

• Access: You may request a copy of certain Personal Information that we have collected about you.

• Correction: You may ask us to correct inaccurate Personal Information that we have collected about you.

• Deletion: You may ask us to delete certain Personal Information that we have collected about you

• Opt-out:

  • Opt-out of certain processing for targeted advertising purposes. You may opt-out of certain processing of Personal Information for targeted advertising purposes.

  • Opt-out of the “sale” or “sharing” of personal data. We do not transfer your personal data to third parties in exchange for payment or other consideration. However, we may provide data to third party partners, such as advertising partners, analytics providers, and social networks, who assist us in advertising our products and services to you. Because these third parties may use this data for their own purposes, Sprinklr’s provision of data to these parties may be considered a data “sale” or “sharing” as those terms are defined under the CCPA and other applicable US privacy laws. You can opt out of targeted advertising and any related data “sales” or “sharing” here. 

• Non-discrimination: you are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA.

Exercising Your Rights

To exercise your right to information, access, correction, and deletion, you can:

• Submit a request on our Security & Privacy request page;

• Email us at privacy@sprinklr.com; or

• Call us toll free at (917-933-7800)

Identity Verification & Authorized Agents

To process your information, access, correction, or deletion request, we may need to verify your identity and retain the right to confirm your California residency. To verify your identity, we may require government identification, a declaration under penalty of perjury, or other information, where permitted by law. The information you provide in a consumer request will only be used to verify your identity and promptly deleted. We commit to responding to all requests in accordance with California’s prescribed timeline.

If you choose to be represented by an authorized agent, they may submit a request on your behalf. However, we may need to verify your agent’s identity and their authority to act on your behalf, which might require documentation of a valid power of attorney pursuant to applicable state law. If you have not granted power of attorney to your agent, we may require you to take additional steps, as permitted by law, to verify your agent’s authorization. You may be required to provide your agent with written and signed consent to exercise your California privacy rights, provide us with the requested information to verify your identity and confirm that you have authorized your agent to submit the request. 

Sprinklr’s Data Processing Procedures

To provide you with access to our Websites and Products, it is necessary for us to process specific information about you, which may include Personal Information as defined by the CCPA. The table below outlines the Personal Information we may collect and share with third parties. It is important to note that any information you willingly provide through unstructured web forums may contain additional categories of Personal Information not identified below. You can learn more about what kind of information we collect and how we use it in our main Privacy Notice above

Categories of Personal Information 

• Identifiers;

• Commercial Information;

• Internet or Other Electronic Network Activity Information;

• Location Related Information;

• Audio or Visual information;

• Professional or Employment Information;

• Education Information;

• Financial Information; and

• Information Derived From Other Personal Information.

Personal Information (“PI”) we collect: Contact information

• CCPA statutory category: Identifiers, Commercial information, California customer records

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Relationship management information

• CCPA statutory category: Commercial information, California consumer records, Financial information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Employment information

• CCPA statutory category: Professional or employment information

• Categories of third parties to whom we “sell” or “share” PI: None

Personal Information (“PI”) we collect: Commercial records

• CCPA statutory category: Commercial information, California consumer records, Financial information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: General geographic location data

• CCPA statutory category: Identifiers, Location related information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Communication preferences

• CCPA statutory category: Identifiers, Commercial information, California customer records, Internet or network Information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Communication data

• CCPA statutory category: Identifiers, Commercial information, California customer records, Internet or network Information

• Categories of third parties to whom we “sell” or “share” PI: None

Personal Information (“PI”) we collect: Device data

• CCPA statutory category: Identifiers, Commercial information, California customer records, Internet or network Information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Online activity data

• CCPA statutory category: Identifiers, Commercial information, Internet or network Information

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Data derived from the above

• CCPA statutory category: Inferences

• Categories of third parties to whom we “sell” or “share” PI: Advertising partners (to facilitate online advertising)

Personal Information (“PI”) we collect: Other sensitive personal information

• CCPA statutory category: Protected classification characteristics

• Categories of third parties to whom we “sell” or “share” PI: None

Parties with Whom the Categories of Personal Information May Be Shared

• Sprinklr Affiliates;

• Sprinklr Customers;

• Service Providers;

• New Owners in the event of a change of ownership or control of all or part of our Products or assets; and

• Law Enforcement or other third parties in connection with legal requests, as needed to comply with applicable law, or to prevent harm.

Notice Regarding Sensitive Personal Information

We do not use or disclose Sensitive Personal Information for purposes that California residents have a right to limit under the CCPA.

This Privacy Notice is for Brazil Residents (the “Brazil Notice”) and supplements the information provided in our main Privacy Notice as required Brazil’s data privacy law, Lei Geral de Proteção de Dados (LGPD). The Brazil Notice provides you with more information on the types of Personal Information we collect and the purposes for which we use that data. All terms used in this Brazil Notice have the same meaning as set out in LGPD.

Purpose and Duration of Processing

We are committed to processing your Personal Information in a lawful, transparent, and fair manner, relying on different legal bases for collecting and using this data, including the following:

• When it's necessary to fulfill our contractual obligations to you or take pre-contractual steps at your request.

• When processing aligns with our legitimate interests, and your rights and freedoms are not compromised.

• When we have your explicit consent for specific processing activities. You can withdraw consent at any time.

• When we're obligated by law to process your Personal Information.

For cases where our legitimate interests guide the processing, these interests generally involve maintaining relationships, business operations, providing Websites, Products, and services, communication, response to inquiries, enhancing our platform, Products, and Websites, and identifying and preventing illegal activities.

Sprinklr only stores your Personal Information until it is no longer necessary for the purpose for which it was collected, for legitimate business purposes, or to comply with our legal obligations.

Controller Information

For information regarding the controller’s identity and contact information, the information shared by the controller and the purpose, please refer to Sprinklr as a Service Provider or Processor in our main Privacy Notice above.

Data Subject Rights

Brazilian residents have the following rights identified in Article 18 of LGPD:

• Confirmation as to whether your information is being processed;

• Correct data if it is incomplete, inaccurate, or out of date;

• Anonymization, blocking, or deletion of unnecessary data or data handled contrary to LPGD regulations;

• Data portability;

• Deletion of processed personal data with the user’s consent (subject to exceptions under Article 16 of LGPD);

• Information about the public or private entities that the controller has shared data;

• Information about the option to decline consent and its implications; and

• Withdrawal of consent

Exercising Your Rights

Under applicable laws, you may have the right to access, rectify, port, or erase your Personal Information, as well as the right to restrict processing or object to certain processing of your Personal Information. To exercise your rights, you can:

• Submit a request on our Security & Privacy request page; or

• Email us at privacy@sprinklr.com

You also have the right to opt out of marketing communications at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive. You can exercise your options with respect to cookies through the “Cookie Preferences” link on the banner at the bottom of our Websites. We respond to all requests we receive in accordance with applicable data protection laws.

Users from Brazil also have the right to complain to a data protection authority about our collection and use of your Personal Information through Autoridade Nacionalde Protecaiode Dados. Sprinklr's Data Protection Officer can be contacted at VeraSafe, 100 M Street S.E., Suite 600, Washington, D.C. 20003, USA, or at privacy@sprinklr.com.

We may update this Notice from time to time. Where appropriate or required by law, we will notify you about the new Notice by posting appropriate notice on our website. We encourage you to periodically review this Notice to stay informed about our Personal Information processing practices. We will revise the date at the top of this Notice when such changes are made so you know when the Notice was last modified.