Certinia.com, inc. and its subsidiaries (“Certinia”) are committed to protecting the privacy of individuals who visit our websites, who use our online enterprise resource planning and related applications and services (the “Services”), who register to attend our events, and from whom we collect personal information through other means. This Privacy Statement describes Certinia’s privacy practices in relation to the use of our websites and Services, and personal information we collect through the other means described below, as well as individuals’ choices regarding use, access and correction of personal information.

Certinia complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Certinia has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Certinia’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

If you have questions or complaints regarding Certinia’s Privacy Statement or associated practices, please contact us at [email protected]. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.  Certinia will cooperate with JAMS pursuant to the JAMS International Mediation Rules, which are accessible on the JAMS website at https://www.jamsadr.com/rules-international.  If neither Certinia nor our third-party dispute resolution process resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

When you visit our websites, or provide personal information to us through other means, you consent to the use of your information as described in this Privacy Statement.

1. Websites covered

This Privacy Statement covers the information practices of websites that link to this Privacy Statement. These currently include websites containing the domain “financialforce.com” (including, for example www.financialforce.com and help.financialforce.com), the Certinia Customer Community websites containing the domain erp.force.com/communityerpfrankencloud.com and saleslovesfinance.com. These websites are collectively referred to as the “Certinia websites” or “our websites” in this Privacy Statement.

Salesforce.com, inc. and its subsidiaries (“Salesforce”) host our Services, as well as some of the systems we use to store and process information we receive from website visitors, event attendees, job applicants and individuals with whom we interact through email, other messaging systems, or telephone. This means that information submitted to our Services, and some other information Certinia receives from you, is stored and maintained in accordance with Salesforce’s Privacy Statement, which can be viewed here: http://www.salesforce.com/company/updated_privacy.jsp. Our Privacy Statement does not create any obligation on the part of Salesforce.

Our websites may contain links to other websites. The information practices or the content of such other websites is governed by the privacy statements of such other websites. We encourage you to review the privacy statements of other websites to understand their information practices.

2. Personal information collected

Certinia collects the following personal information.

Web registration information. When you use our website to request information about us or our Services, register for a demonstration of our Services, register to attend an event, apply to join our partner program, or request access to restricted areas of our website (such as, for example, Xtra or our Customer Community), we collect personal information that may include your name, company name, business address, phone number, job title, email address, whether you use Salesforce services, information about your business needs, the number of users of our Services you require, and how you heard about us. In the case of event attendees, personal information may also include your travel information, and in the case of partners, it may include a description of the benefits you can bring to our customers.

Telephone prospect information. If we telephone you, or you telephone us, to discuss our Services or events, we may collect personal information from you, including your name, company name, business address, phone number, job title, email address, whether you use Salesforce services, information about your business needs, the number of users of our Services you require, and, if you telephoned us, how you heard about us, and any other information you choose to share with us by telephone.

Billing information. When you purchase Services, Certinia may require you to provide us with financial qualification and billing information, such as billing name and address, credit card number, and the number of your employees who you expect to use our Services.

Email and messaging information. If you email us or contact us via a messaging service (such as, for example, Skype), we may keep your message, email address or user name, and contact information.

Job applicant information. If you apply for employment with us on our website or through other channels, we will collect personal information from you, including your name, address, telephone number, email address, information about your eligibility to work, prior employment and education information, compensation information, names and contact information of references, and criminal convictions, and may also collect work-related information about you from references. If you apply for a job with us, we may also collect from you information needed to conduct a background check, such as government issued identification numbers (for example, a Social Security Number and driver’s license number) and places where you have lived. As part of a background check, we may collect information about your prior education and employment, and any criminal history or appearance on lists of persons subject to government sanctions, such as export-control and government contract debarment lists.

Website navigational information. As you navigate our websites, Certinia may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“website navigational information”). Website navigational information includes standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on our websites (such as the web pages viewed and the links clicked). For additional information about the collection of Website navigational information by Certinia and others, please click here.

3. Use of information collected

Certinia uses the personal information we collect as follows:

Web registration information, telephone prospect information, billing information (except credit card information) and email and messaging information.

Credit card information. We use credit card information solely to check the financial qualifications of prospective customers and to collect payment for the Services and events.

Email and messaging information. We may use your contact information from email and other types of messages to respond to your requests and to send you information about our Services and events. You may unsubscribe by following the instructions contained within the notification or by sending an email to [email protected]. You cannot opt out of receiving transactional emails related to your account or use of the Services.

Job application information. We use job applicant information to evaluate and communicate applicants as candidates for open positions at Certinia, and if applicable, in our hiring process.

Website navigational information. Certinia uses website navigational information to operate and improve our websites. We may also use website navigational information alone or in combination with web registration information, telephone prospect information, billing information (other than credit card information) and email and messaging information to provide personalized information about us and our Services. For additional information about the use of website navigational information, please click here.

4. Website navigational information

Links. Certinia may keep track of how you interact with links in our websites and email messages, and with links to our websites in other companies’ websites and email messages. We do this to help improve our websites and Services, target our marketing efforts, and provide more relevant information to prospective customers.

Cookies and Web Beacons. As you navigate our websites, we may collect information, such as browser type and browser language, your Internet Protocol (“IP”) address, and the actions you take on websites, such as the web pages viewed and the links clicked. We do this using common information-gathering tools, such as cookies and web beacons. Our Cookies and Do Not Track web page lists all local and some third-party cookies that we use on our websites, and enables you to opt out of certain types of cookies.

Log Data. When you use our websites, Certinia may receive information (“Log Data”) such as your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device information (including device and application IDs), search terms, and cookie information. We receive Log Data when you interact with our websites or our email notifications. We use Log Data to provide, understand, and improve our Services, and to improve our other websites and our marketing.

IP Addresses. When you visit Certinia’s websites, we collect your Internet Protocol (“IP”) addresses to track and aggregate non-personally identifiable information. For example, we use your IP addresses to monitor the geographical regions from which you navigate our websites.

Social Media Features. Certinia’s websites may use social media features, such as the Facebook ‘like’ button (“Social Media Features“). These features may collect your IP address and which page you are visiting on our website, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on our website to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

Do Not Track. Currently, various browsers – including Chrome, Internet Explorer, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. You can view your browser’s Do Not Track setting on our Cookies and Do Not Track web page. If our website detects your browser’s Do Not Track setting as “On,” you will be opted out of third-party cookies on our websites wherever possible.

5. Public forums and customer testimonials

Certinia may provide bulletin boards, blogs, or chat rooms on our websites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.

We post a list of customers and testimonials on our websites that contain information such as our customers’ names and titles. We obtain the consent of each customer prior to posting any information on such a list or posting testimonials.

6. Information sharing and disclosure

Certinia does not share, sell, rent, or trade personally identifiable information with third parties for their promotional purposes. However, we may share or disclose your information under the following circumstances:

Your Consent. We may share or disclose your information at your direction.

Certinia Affiliates. Certinia may share Web registration information, telephone prospect information, billing information (except credit card information), email and messaging information, job applicant information and website navigational information with other our affiliated companies in order to work with them. For example, the Company may need to share such information as part of a sales cycle with an international customer, or to provide account management for an international customer, or to evaluate a job candidate for a role with an international scope.

Salesforce. Data entered into our Services by our customers is stored by Salesforce. Salesforce’s use and disclosure of that data is described here. We also provide to Salesforce our customers’ billing data (but not credit card information) and information about our Services purchased by our customers, to enable Salesforce to provide the Services and, if needed, customer support.

Other Service Providers. We engage service providers in addition to Salesforce to perform functions and provide services to us in the United States and abroad. We may share your private personal information with such service providers subject to confidentiality obligations consistent with this Privacy Statement, and on the condition that the third parties use your private personal data only on our behalf and pursuant to our instructions. We share your billing name and address, and credit card number with payment services providers to process payments; prevent, detect and investigate fraud or other prohibited activities; facilitate dispute resolution such as chargebacks or refunds; and for other purposes associated with the acceptance of credit or debit cards.

Business Partners. From time to time, Certinia may partner with other companies to offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from us, we may share data about you collected in connection with your purchase or expression of interest with our joint promotion partners. We do not control our business partners’ use of your personal information, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Events. Certinia does not share with our business partners information we receive about you through your registration for or attendance of events unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend an event and allow Certinia or any of its designees to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at our events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements.

Law and Harm. Notwithstanding anything to the contrary in this Privacy Statement, we may preserve or disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or a legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect our rights or property. However, nothing in this Privacy Statement is intended to limit any legal defenses or objections that you may have to a third party’s request to disclose your information, including a government’s request for the same.

Change of Control and Affiliates. In the event that Certinia is involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, your information may be sold or transferred as part of that transaction. This Privacy Statement will apply to your information as transferred to the new entity. We may also disclose information about you to our corporate affiliates in order to help provide, understand, and improve our Services and improve our websites and marketing.

Third Parties. Certinia does not authorize the collection of personal information by third parties through advertising technologies deployed on our websites, nor do we share personal information collected from our websites with any third parties, except as provided in this Privacy Statement.

Public and Non-personal Information. We may share or disclose your non-private, aggregated or otherwise non-personal information, such as your comments or posts to our public forums, including our blogs and bulletin boards or your chat messages in our chat rooms.

Contracts and Liability.  If you are a resident of the EU or Switzerland, Certinia will not transfer your personal information to any third party except under a contract with the third party that restricts the third party’s access, use and disclosure of personal information in compliance with our Privacy Shield obligations, and Certinia may be liable if the third party fails to meet those obligations and we are responsible for the event giving rise to damage. 

7. International transfer of information collected

Certinia primarily stores personal information described in this Privacy Statement in the United States. To facilitate our global operations, we may transfer and access such information from around the world, including from other countries in which we have operations. A list of our global offices is available here. Irrespective of which country you reside in or supply information from, you authorize us to use your information in the United States and any other country where we operate. This Privacy Statement shall apply even if we transfer your personal data to other countries.

8. Customer data

Certinia customers may use the Services to host their own data, which may include personal information of their customers (“Customer Data”). Certinia acts only as the processor of Customer Data and will not review, share, distribute, or reference Customer Data except as provided in an applicable Certinia Master Subscription Agreement, or as may be required by law. We only view or access individual records of Customer Data for the purpose of providing our customers with support for the Services or as may be required by law.

9. Accessing, correcting and updating your information

Certinia may retain your information for a period of time consistent with the original purpose of collection. For instance, we may retain your information during the time in which you have an account to use our websites or Services and for a reasonable period of time afterward. We also may retain your information during the period of time needed for Certinia to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

You may request to review, correct, delete or otherwise modify any of the personal information that you have previously provided to us through our websites and Services.  If you are a user of our Services, you may generally update your user settings, profile, or organization’s settings by logging into the applicable Service with your username and password and editing your settings or profile (you may require administrator privileges to update some settings).  If you are contacting us on behalf of a Certinia customer and wish to update the customer’s billing information, discontinue the customer’s account, and/or request return or deletion of the Customer Data associated with the account, please contact your account representative, your Certinia customer support contact, or [email protected].  For other requests to access, correct, modify or delete personal information, you may email us at [email protected] or at the address under “Contacting Us” below.  If your request concerns personal information being processed in Services, you may also wish to send your request to the customers for which you believe we may be processing your personal information.  If you are an employee of a Certinia customer, you may wish to contact your employer’s Certinia administrator for assistance in correcting or updating your information.

If you are an individual residing in the EU or Switzerland, you have the following rights for personal information processed outside of our Services: 

If you are an individual residing in the EU or Switzerland, you have the following rights for personal information processed in our Services.  Please note that personal information processed in our Services is considered Customer Data (see the “Customer Data” section above), and that we process it for our customers.  Our contracts with our customers restrict us from accessing Customer Data, including personal information, in our Services.  If you believe Certinia may be processing personal information relating to you in our Services: 

10. Data security and integrity

Certinia uses robust security measures to protect your personal information and Customer Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of your personal information. When the Services are accessed using Chrome, Internet Explorer version 6.0 or later, Firefox version 2.0 or later, or Safari version 3.0 or later, Secure Socket Layer (“SSL”) technology protects your data using both server authentication and data encryption. These technologies help ensure that your personal information is safe, secure, and only available to you and those to whom you have granted access. We host our websites in a secure server environment that uses firewalls and other advanced technology to prevent interference or access from outside intruders. Certinia also offers enhanced security features within our Force.com platform-based Services that permit you to configure security settings to the level you deem necessary.

We currently store Customer Data in Salesforce’s Force.com platform. Click here for information about the security of the Force.com platform. The Force.com platform is our primary system of record for Web registration information, telephone prospect information, billing information (except credit card information), email and messaging information and job applicant information; however, these types of information are also stored in other systems.

Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Please contact us immediately [email protected] if you have reason to believe that your interaction with us is no longer secure.

11. Mobile applications

In addition to information gathered through the other media described in this Privacy Statement, Certinia may obtain information through mobile applications that our customers or their authorized individual users download to, and run on, their mobile devices. Mobile applications we provide may obtain information from, or access data stored on, users’ devices to provide services related to the relevant mobile application. For example, a mobile application may: access a camera on a user’s device to enable the user to upload photographs to our Services; access the call history on a user’s device to enable the user to upload that information to our Services; access calendar information on a user’s device to enable the user to match meeting attendees with contacts submitted by the user to the Services; access the geographic location of a user’s device to enable the user to identify contacts submitted by the user to the Services who are nearby; or access contact information on a user’s device to enable the user to sync contact information between the information that is stored on the user’s device and the information that is submitted to the Services. Information obtained to provide mobile application services may include information obtained in preparation for anticipated updates to those services. Mobile applications may transmit information to and from devices to provide the mobile application services.

Mobile applications may provide us and salesforce.com with information related to users’ use of the mobile application services, information regarding users’ computer systems, and information regarding users’ interaction with mobile applications, which we and salesforce.com may use to provide and improve the mobile application services. For example, all actions taken in a mobile application may be logged, along with associated information (such as the time of day when each action was taken). We and salesforce.com may also share anonymous data about these actions with third party providers of analytics services. In addition, if a user downloads a Certinia mobile application after clicking on a third-party mobile advertisement for the mobile application or for us, the third-party advertiser may provide us with certain information, such as the user’s device identification information, which we may use to track the performance of our advertising campaigns.

Customers may configure our mobile application services, and the information accessed or obtained by the mobile application on a user’s device may be affected by the customer’s configuration. In addition, if a customer purchases more than one Service from us, a mobile application may be designed to interoperate with those Services; for instance, to provide a user with access to information from any or all of those Services or to provide information from a user’s device to any or all of those Services. Information accessed or obtained by the mobile application on a user’s device may be accessible to the customer and its organization, depending on the intended functionality of the mobile application.

Notices and contractual terms related to a particular mobile application may be found in the end user license agreement or relevant terms of service for that application. We encourage you to review the end user license agreement or relevant terms of service related to any mobile applications you download, install, use, or otherwise interact with. The mobile application’s access to information through a user’s device does not cause that information to be “Customer Data” under Certinia’s Master Subscription Agreement with the customer or under this Privacy Statement, except as follows: To the extent that a user uses a mobile application to submit electronic data and information to a customer account on our Services pursuant to the customer’s Master Subscription Agreement with us (or a similar agreement that governs the customer’s subscriptions to our Services), that information constitutes “Customer Data” as defined in that agreement, and the provisions of that agreement with respect to privacy and security of that data will apply.

12. Policy towards children

Our Services are not directed to persons under age 13, and we do not knowingly collect personal information from children under the age of 13.  If you become aware that your child has provided Certinia with personal information without your consent, please contact us at [email protected].

13. Changes to Privacy Statement

We may revise this Privacy Statement from time to time. The most current version of the Privacy Statement will govern our use of your information and will always be at https://certinia.com/legal/. If we make a change to this Privacy Statement that, in our sole discretion, is material, we will notify you via email to the email address associated with your account and by posting a prominent notice on our website for the 30 days prior to the effective date of such change. By continuing to access or use our websites after those changes become effective, you agree to be bound by the revised Privacy Statement.

Archive of Prior Statements

14. Conflicts

This Privacy Statement may not apply to the extent it conflicts with other controlling terms and conditions (such as, for example, a Master Subscription Agreement for our Services between Certinia and you or your organization) or applicable law or regulation.

15. Contacting us

If you have questions regarding this Privacy Statement or Certinia’s data handling practices, please reach out to us by email at [email protected] or by mail to:

Attn: Privacy Officer
595 Market Street, Suite 2700
San Francisco, California 94105
United States of America