Privacy Statement updated as of 23 March 2023

Certinia Inc. and its subsidiaries (“Certinia”) are committed to privacy and data protection. This Privacy Statement describes Certinia’s privacy practices and how we use personal information we collect from:

  1. When this Privacy Statement applies
  2. Other websites
  3. What personal information we collect
  4. How we use the personal information we collect
  5. How we use cookies and other website navigational information
  6. Public forums and Customer testimonials
  7. How we share your Information
  8. International transfer of information collected
  9. How to access, correct, update and request deletion of your information
  10. Data security and integrity
  11. Mobile applications
  12. Policy towards children
  13. Changes to Privacy Statement
  14. California Consumer Privacy Act (CCPA)
  15. How long do we keep your Personal Data?
  16. Conflicts
  17. How to contact us

1. When this Privacy Statement applies

This Privacy Statement applies to the data collected through the following websites (that link to this Privacy Statement):

These websites are collectively referred to as the “Websites” in this Privacy Statement. Salesforce.com, inc. and its subsidiaries (“Salesforce”) host the online enterprise resource planning and related applications and services that we sell to our Customers (“Services”), as well as some of the systems we use to store and process information we receive from Website Visitors, Attendees, and individuals with whom we interact through email, other messaging systems, or telephone. This means that information submitted to our Services, and some other information Certinia receives from you, is stored and maintained in accordance with Salesforce’s Privacy Statement, which can be viewed here: https://www.salesforce.com/company/privacy/full_privacy/. Our Privacy Statement does not create any obligation on the part of Salesforce.

FinancialForce UK Ltd is an agent of Plaid Financial Ltd., an authorised payment institution regulated by the Financial Conduct Authority under the Payment Services Regulations 2017 (Firm Reference Number: 804718). Plaid provides you with regulated account information services through FinancialForce UK Ltd as its agent.

2. Other websites

Our Websites may contain links to other websites. This Privacy Statement only applies to the Websites referenced above, not to other websites for which our Websites may contain links.

3. What personal information we collect

Certinia collects the following personal information from Visitors, Customers, Attendees and Participants:

We also collect information about you from other sources, including third parties from whom we have purchased personal information, and we combine this information with personal information provided by you. This helps us to update, expand and analyze our records, identify new Customers and create more tailored advertising to provide services that may be of interest to you. In particular, we collect personal information from third party providers of business contact information, including mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, and delivering relevant email content and event promotion.

4. How we use the personal information we collect

Certinia uses the personal information we collect as follows:

Web registration information, telephone prospect information, billing information (except credit card information) and email and messaging information

Credit card information

We use credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services and events.

Job application information

When you submit your CV or resume to, or apply for a job at, Certinia, we may use the personal information we receive in that process as described in our Job Applicant Privacy Notice.

Website navigational information 

Certinia uses website navigational information to operate and improve our Websites. We may also use website navigational information alone or in combination with information collected through web registrations, telephone prospecting, billing information (other than credit card information) and email and other social media messaging information to provide personalized information about us and our Services. For additional information about the use of website navigational information, please click here.

Customer Community 

When you participate in our Customer Community (for example, by updating your profile or by posting questions, comments, reviews, ideas or recommendations), we may use your personal information as follows:

Displaying personalized advertisements and content

We process your personal information to conduct marketing research, advertise to you, provide personalized information about us on and off our websites, and provide other personalized content based upon your activities and interests, in each case to the extent necessary for our legitimate interest in advertising our products, services and events or, where necessary, to the extent you have provided your prior consent.

Sending marketing communications

We process your personal information to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, and push notifications) about us and our affiliates and partners, including information about our products, services and events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent.

Legitimate interests of Certinia 

When you visit our Websites, or we collect your personal information through other means, your information will be used for the legitimate interests of Certinia unless otherwise stated in this Privacy Statement or as part of a separate notice. Certinia may also aggregate your information with data that you separately provide on social media and third-party websites.

Our legitimate interests include:

Your rights to object and unsubscribe

You have the right to object to our use of your information by contacting [email protected]

You may adjust your preferences or choose to unsubscribe from marketing communications here. Please note that, where you or you company has purchased Services from Certinia and you are designated as a contact, you cannot opt out of receiving transactional emails related to your account or use of the Services.

5. How we use cookies and other website navigational information

Certinia uses cookies to make your interactions on our Websites easy and meaningful. When you access our Websites, our servers send a cookie to your computer. Below is a description of the types of cookies we use and when and how you can control their use.

In addition, if you are a Visitor to our Websites, you can use our cookie settings to opt out of cookies that are not “strictly necessary” to enable core site functionality, such as performance, functional and targeting cookies.

If you do not want to receive cookies, you can also change your browser settings on your computer or other device you are using to access our services. Most browsers also provide functionality that lets you review and erase cookies.

Type of CookieDescriptionManage Settings
Strictly Necessary  CookiesThese cookies are necessary for the website to function. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.Because “Strictly Necessary Cookies” cookies are essential to operate Certinia’s Websites and the Services, you cannot opt out of these cookies.
Performance CookiesThese cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how Visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.You can opt out of “Performance Cookies” using our cookie settings.
Functional CookiesThese cookies enable the Website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.You can opt out of “Functional Cookies” using our cookie settings.
Targeting cookiesThese cookies may be set through our Website by our advertising partners. They may be used by those companies and by Certinia to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.We may also use other third-party cookies to track and analyze usage and volume statistical information from Website users, Service users, and Attendees, to provide enhanced interactions and more relevant communications, and to track the performance of our advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after we receive it. Certinia also contracts with third-party advertising networks that collect IP addresses, hashed email address (meaning a one-way method of converting the email address into a hashed value or “hash,” where only the hash is stored), and other information from Web beacons (see below) on our Websites and in our Services, from emails, and from third-party Websites.Ad networks follow your online activities over time and across different sites or other online services by collecting website navigational information through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use, such as a desktop or laptop computer, smartphone or tablet. Third parties use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Websites or mobile applications on any of your devices. This process also helps us manage and track the effectiveness of our marketing efforts.You can opt out of “Targeting Cookies” using our cookie settings.   In addition, to learn more about advertising networks and your ability to opt out of collection by certain third-parties, please visit the opt-out pages of the Network Advertising InitiativeAbout Ad’s, or Your Online Choices (Europe only).Opting out will not prevent you from seeing ads, but those ads will likely be less relevant because they won’t be tailored to your interests. The ads might, for instance, be randomly generated or based on the web page you are visiting.

Salesforce cookies

Our Services run on the Salesforce platform. Therefore, Salesforce collects website navigational information from you when you use our Services. The website navigational information collected by Salesforce, and how they use it, are described here.

Google Analytics

Certinia engages third parties to track and analyze non-personally identifiable usage and volume statistical information from individuals who visit our Websites, like Google Analytics for website analytics. You may opt-out of third party cookies from Google Analytics through their website.

Web beacons

Certinia uses web beacons alone or with cookies to compile information about your use of our Websites and interaction with our emails. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a Website tied to the web beacon. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our Websites. Certinia uses web beacons to operate and improve our Websites and email communications.

Log data

When you use our Websites, Certinia may receive information (“Log Data”) such as your IP address, browser type, operating system, the referring web page, pages visited, location, mobile carrier, device information (including device and application IDs), search terms, and cookie information. We receive Log Data when you interact with our Websites or our email notifications. We use Log Data to provide and improve our Services, and to improve our Websites and our marketing.

IP addresses

When you visit our Websites, we collect your Internet Protocol (“IP”) addresses to track and aggregate non-personally identifiable information. For example, we use your IP addresses to monitor the geographical regions from which you visit our Websites.

Social media features

Certinia’s Websites may use social media features, such as the Facebook ‘like’ button (“Social Media Features”). These features may collect your IP address and which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on our Website to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

Do not track

Currently, various browsers – including Chrome, Internet Explorer, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header. A DNT header sends a signal to Websites visited by the user about the user’s browser DNT preference setting. You can view your browser’s DNT setting here.

6. Public forums and Customer testimonials

Certinia may provide bulletin boards, blogs, or chat rooms on our Websites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used as described in this Privacy Statement. We are not responsible for the personal information you choose to submit in these forums..

We post a list of Customers and testimonials on our Websites that contain information such as our Customers’ names and titles. We obtain the consent of each Customer prior to posting any information on such a list or posting testimonials.

7. How we share your Information

Certinia does not share, sell, rent, or trade personal information with third parties for their promotional purposes. However, we may share or disclose your personal information under the following circumstances:

Your consent 

We may share or disclose your information at your direction.

Certinia affiliates

Certinia will share the information we collect with our affiliated companies in order to work with them, to manage our relationships with our Customers and prospects, to provide and invoice for the Services, and to provide information to our Customers and prospects about our Services and events.

Salesforce 

Data entered into our Services by our Customers is stored by Salesforce. Salesforce’s use and disclosure of that data is described here. We also provide to Salesforce our Customers’ billing data (but not credit card information) and information about our Services purchased by our Customers, to enable Salesforce to provide and invoice Certinia for the Salesforce platform services underlying the Services, and, if needed, to assist Certinia in providing Customer support.

Other service providers

We share Customers’ billing name and address, and credit card number with payment services providers to process payments; prevent, detect and investigate fraud or other prohibited activities; facilitate dispute resolution such as chargebacks or refunds; and for other purposes associated with the acceptance of credit or debit cards. Certinia may share information about Visitors, Customers, Participants and Attendees with third party social networking and media websites, such as Facebook and LinkedIn, for marketing and advertising on those websites.  

Business partners 

From time to time, Certinia may partner with other companies to offer products or services. If you purchase or specifically express interest in a jointly-offered product or service we jointly offer with another company, we may share data about you collected in connection with your purchase or expression of interest with that other company. We do not control our business partners’ use of your personal information, and their use of the information will be subject to their own privacy policies. If you do not wish your information to be shared in this manner, you must opt not to purchase or specifically express interest in a jointly offered product or service.

Events 

Certinia does not share with our business partners information we receive about you through your registration for or attendance of events unless: (1) you specifically opt in to such sharing via an event registration form; (2) you attend a jointly run event (3) you attend an event and allow Certinia or any of its business partners and/or their designees to scan your attendee badge. If you do not wish your information to be shared in this manner, do not to opt in via event registration forms, do not attend jointly run events and you must not allow your badge to be scanned at our events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements.

Law and harm 

Notwithstanding anything to the contrary in this Privacy Statement, we may preserve or disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or a legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect our rights or property. However, nothing in this Privacy Statement is intended to limit any legal defenses or objections that you may have to a third party’s request to disclose your information, including a government’s request for the same.

Change of control 

In the event that Certinia is involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, your information may be sold or transferred as part of that transaction. This Privacy Statement will apply to your information as transferred to the new entity.

Third parties 

Certinia does not authorize the collection of personal information by third parties through advertising technologies deployed on our websites, nor do we share personal information collected from our Websites with any third parties, except as provided in this Privacy Statement.

Public and non-personal information

We may share or disclose your non-private, aggregated or otherwise non-personal information, such as your comments or posts to our public forums, including our blogs and bulletin boards or your chat messages in our chat rooms.

Contracts and liability

If you are a resident of the European Economic Area (EEA), United Kingdom or Switzerland, Certinia will not transfer your personal information to any third party except under a contract with the third party that restricts the third party’s access, use and disclosure of personal information in compliance with our obligations, and Certinia may be liable if the third party fails to meet those obligations and we are responsible for the event giving rise to damage.

8. International transfer of information collected

Certinia primarily stores personal information described in this Privacy Statement in the United States. To facilitate our global operations, we may transfer such information to and from and access it from around the world, including other countries in which we have operations. A list of our global offices is available here. Irrespective of which country you reside in or supply information from, you authorize us to use your information in the United States and any other country where we operate. This Privacy Statement shall apply even if we transfer your personal data to other countries.

We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR).

If you have questions or complaints regarding Certinia’s Privacy Statement or associated practices, please contact us at [email protected]

9. How to access, correct, update and request deletion of your information

Retention

Certinia may retain your information for a period of time consistent with the original purpose of collection. For instance, we may retain your information during the time in which you have an account to use our Websites or Services and for a reasonable period of time afterward. We also may retain your information during the period of time needed for Certinia to pursue our legitimate interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

Access, correcting, updating and deleting

You may request to access, review, correct, modify or delete* any of the personal information that you have previously provided to us through our Websites and Services or that we have otherwise collected about you as described in this Privacy Statement.

If you are a user of our Services, you may generally update your user settings, profile, or organization’s settings by logging into the applicable Service with your username and password and editing your settings or profile (you may require administrator privileges, or may need to contact your administrator, to update some settings). If you are contacting us on behalf of a Certinia Customer and wish to update the Customer’s billing information, discontinue the Customer’s account, and/or request return or deletion of data submitted by or for the Customer to our Services (“Customer Data”), please contact your account representative, your Certinia Customer support contact, or [email protected]

For all other requests to access, review, correct, modify or delete personal information, you may email us at [email protected] or write to us at the address under “How to contact us” below. If your request concerns personal information being processed in Services, you should first send your request to the Customer for which you believe we may be processing your personal information. If you are an employee of a Certinia customer, you should first contact your employer’s Certinia administrator for assistance in correcting or updating your information.

If you are an individual residing in the EEA, United Kingdom, or Switzerland, you have the following rights for personal information processed outside of our Services:

As described above, we may also process Personal Data submitted by or for a Customer to our Services. If not stated otherwise in this Privacy Statement or in a separate disclosure, we process such data in the role of a mere processor or service provider on behalf of a Customer (and/or its affiliates), who is the responsible controller or owner of the Personal Data concerned. We are not responsible for and have no control over the privacy and data security practices of our Customers, which may differ from those set forth in this Privacy Statement. If your data has been submitted to us by or on behalf of a Certinia Customer and you wish to exercise any rights you have under data protection laws, please inquire with the applicable Customer directly. Because we may only access a Customer’s data upon instruction from that Customer, if you wish to make your request directly to us, please provide to us the name of the Certinia Customer who submitted your data to us. We will refer your request to that Customer, and will support them as needed in responding to your request within a reasonable timeframe.

*Where you request us to delete your data, and Certinia complies with such request due to their being no other lawful basis to retain such data, Certinia may retain limited identifying data, such as name, company and email address, in addition to a record of the deletion request, in order to document our compliance with such request, and to prevent future use of such data without another lawful basis.

10. Data security and integrity

General:

We take precautions including technical, organizational and physical measures to help safeguard against the accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, the personal information we process. However, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. If you have any questions about the security of our Websites, please contact us at [email protected].

Security of Services:

Certinia uses robust security measures to protect your personal information from unauthorized access, maintain data accuracy, and help ensure the appropriate use of your personal information. Click here for more information about the security of the Services.

We currently store Customer Data in the Salesforce platform. Click here for information about the security of the Salesforce platform. The Salesforce platform is our primary system of record for web registration information, telephone prospect information, billing information (except credit card information), email and messaging information; however, these types of information are also stored in other systems.

Please contact us immediately at [email protected] if you have reason to believe that your interaction with us is no longer secure.

11. Mobile applications

In addition to information gathered through the other media described in this Privacy Statement, Certinia may obtain information through mobile applications that our Customers or their authorized individual users download to, and run on, their mobile devices. Mobile applications we provide may obtain information from, or access data stored on, users’ devices to provide services related to the relevant mobile application. For example, a mobile application may: access a camera on a user’s device to enable the user to upload photographs to our Services; access the call history on a user’s device to enable the user to upload that information to our Services; access calendar information on a user’s device to enable the user to match meeting attendees with contacts submitted by the user to the Services; access the geographic location of a user’s device to enable the user to identify contacts submitted by the user to the Services who are nearby; or access contact information on a user’s device to enable the user to sync contact information between the information that is stored on the user’s device and the information that is submitted to the Services. Information obtained through mobile application services may include information obtained in preparation for anticipated updates to those services. Mobile applications may transmit information to and from devices to provide the mobile application services.

Mobile applications may provide us and salesforce.com with information related to users’ use of the mobile application services, information regarding users’ computer systems, and information regarding users’ interaction with mobile applications, which we and salesforce.com may use to provide and improve the mobile application services. For example, all actions taken in a mobile application may be logged, along with associated information (such as the time of day when each action was taken). We and salesforce.com may also share anonymous data about these actions with third-party providers of analytics services. In addition, if a user downloads a Certinia mobile application after clicking on a third-party mobile advertisement for the mobile application or for us, the third-party advertiser may provide us with information, such as the user’s device identification information, which we may use to track the performance of our advertising campaigns.

Customers may configure our mobile application services, and the information accessed or obtained by the mobile application on a user’s device may be affected by the Customer’s configuration. In addition, if a Customer purchases more than one Service from us, a mobile application may be designed to interoperate with those Services; for instance, to provide a user with access to information from any or all of those Services or to provide information from a user’s device to any or all of those Services. Information accessed or obtained by the mobile application on a user’s device may be accessible to the Customer and its organization, depending on the intended functionality of the mobile application.

Notices and contractual terms related to a particular mobile application may be found in the end user license agreement or relevant terms of service for that application. We encourage you to review the end user license agreement or relevant terms of service related to any mobile applications you download, install, use, or otherwise interact with. The mobile application’s access to information through a user’s device does not cause that information to be “Customer Data” under Certinia’s Master Subscription Agreement with the Customer or under this Privacy Statement, except as follows: To the extent that a user uses a mobile application to submit electronic data and information to a Customer account on our Services pursuant to the Customer’s Master Subscription Agreement with us, that information constitutes “Customer Data” as defined in that agreement, and the provisions of that agreement with respect to privacy and security of that data will apply.

12. Policy towards children

Our Websites, events, training and Services are not directed to persons under the age of 16 and we do not knowingly collect personal information from children under the age of 16. If you become aware that your child has provided Certinia with personal information without your consent, please contact us at [email protected].

13. Changes to Privacy Statement

We may revise this Privacy Statement from time to time. The most current version of the Privacy Statement will govern our use of your information and will always be at https://www.certinia.com/privacy. If we make a change to this Privacy Statement that, in our sole discretion, materially reduces or prejudices your rights or protections, we will notify you via email to the email address associated with your account if you have an account and by posting a prominent notice on our website for the 30 days prior to the effective date of such change. By continuing to access or use our Websites after those changes become effective, you agree to be bound by the revised Privacy Statement.

Archive of Prior Statements

14. California Consumer Privacy Act (CCPA)

Certinia is a business to business (“B2B”) service provider and does not intentionally interact with or collect information about individual consumers outside that context, both in online interactions (such as through our website) and offline interactions. Thus, references to Visitors, Customers, Participants and Attendees described in this Privacy Statement only include individuals interacting with us in connection with our B2B functions, such as due diligence of another business, or providing or receiving goods or services to or from another business. Only consumers acting in such a B2B capacity are permitted to use our Website or provide information to us.

Certinia does not “sell” personal information as defined under the California Consumer Privacy Act.

15. How long do we keep your Personal Data?

We may retain your Personal Data for a period of time consistent with the original purpose of collection. We determine the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of your Personal Data processed, the potential risk of harm from unauthorized use or disclosure of your Personal Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

For further information on applicable data retention periods, please contact us by using the information in the “How to contact us” section, below.

16. Conflicts

This Privacy Statement may not apply to the extent it conflicts with other controlling terms and conditions (such as, for example, a Master Subscription Agreement for our Services between Certinia and you or your organization) or applicable law or regulation.

This Privacy Statement may not apply to the extent it conflicts with other controlling terms and conditions (such as, for example, a Master Subscription Agreement for our Services between Certinia and you or your organization) or applicable law or regulation.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the United Kingdom, EEA or Switzerland, you have the right to lodge a complaint with the competent supervisory authority. You can find details of the relevant supervisory authority for members of the EEA or the European Union at this website. Details for the supervisory authority for the United Kingdom can be found here.

17. How to contact us

If you have questions regarding this Privacy Statement or if you wish to exercise your rights of access, rectification, erasure, restriction of processing, data portability, objection to automated decision-making please contact us:

by email at [email protected]

by mail/post to:

US, Canada and ANZ:
Certinia, Inc.
Attn: Privacy Officer
60 South Market Street, Suite 750
San Jose, California 95113
United States of America

EMEA:
FinancialForce UK Limited
Attn: Privacy Officer
2 Cardale Park
Beckwith Head Road,
Harrogate,
North Yorkshire,
HG3 1RY,
United Kingdom

Toll Free Number:
Americas: 1-866-743-2220
UK: 0808 2389791