Privacy & Security

Privacy Statements

Learn about our commitment to privacy protection
Privacy Statement highlights ›

Security

Read about our security practices and technologies
Learn more ›

Vulnerability

Security testing and reporting policies
Learn more ›

 

 

TRUSTe European Safe Harbor certification

Privacy Statement, effective as of March 12, 2014

Salesforce.com, inc. (“salesforce.com” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend the Company’s corporate events (“Attendees”). This Privacy Statement describes salesforce.com’s privacy practices in relation to the use of the Company’s Web sites and the related applications and services offered by salesforce.com (the “Services”).

Salesforce.com has been awarded TRUSTe's Privacy Seal signifying that this Privacy Statement and associated practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements including transparency, accountability, and choice regarding the collection and use of your personal information. TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions. If you have questions or complaints regarding salesforce.com’s Privacy Statement or associated practices, please contact us here. If you are not satisfied with our response you can contact TRUSTe here. TRUSTe will then serve as a liaison with salesforce.com to resolve your concerns.

Salesforce.com is also a certified licensee of the TRUSTe EU Safe Harbor Seal and abides by the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forthby the U.S. Department of Commerce and the European Union. Salesforce.com has certified that it adheres to the Safe Harbor Principles. For more information on the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework, including the Safe Harbor Principles, and to view the scope of salesforce.com's certification, please visit http://www.export.gov/safeharbor/. As part of our participation in these Safe Harbor Frameworks, we have agreed to dispute resolution by TRUSTe for disputes relating to our compliance. If you have any questions or complaints regarding our compliance with the U.S.-EU Safe Harbor Framework or the U.S.-Swiss Safe Harbor Framework, please contact us here. If contacting us does not resolve the issue, you may raise the issue with TRUSTe here.

The TRUSTe seals only apply to information that is collected, handled, or maintained through the Web sites covered by this Privacy Statement.

 

1. Web sites covered

This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including: http://www.salesforce.com; http://www.appexchange.com; http://www.dreamforce.com; http://www.campaignforce.com; http://www.salesforcefoundation.org; and http://www.force.com (collectively referred to as “salesforce.com’s Web sites” or “the Company’s Web sites”).

AppExchange, http://www.appexchange.com, is an online marketplace for on-demand Web applications that run on the Company’s Force.com platform. Applications may be posted by salesforce.com and third parties. When applications are posted by salesforce.com and the application links to this Privacy Statement, this Privacy Statement applies. When applications are posted by third parties, the privacy statement of the third party applies, and this Privacy Statement does not apply.

Force.com Sites and Site.com enable salesforce.com and salesforce.com customers to create Web sites and applications that run natively on the salesforce.com platform. When Force.com Sites or Site.com Web sites are posted by salesforce.com, the site will link to this Privacy Statement, and this Privacy Statement applies. When Force.com Sites or Site.com Web sites are posted by third parties, the privacy statement of the third party applies, and this Privacy Statement does not apply.

Salesforce.com’s Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.

 

2. Information collected

When expressing an interest in obtaining additional information about the Services or registering to use the Services, salesforce.com requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, salesforce.com may require you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Salesforce.com may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information about Customers are referred to collectively as “Data About salesforce.com Customers”, or in the case of Attendees, “Data About salesforce.com Attendees”.

As you navigate the Company’s Web sites, salesforce.com may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web sites (such as the Web pages viewed and the links clicked). For additional information about the collection of Web Site Navigational Information by salesforce.com and others, please click here.

 

3. Use of information collected

The Company uses Data About salesforce.com Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company also uses Data About salesforce.com Attendees to plan and host corporate events, host online forums and social networks in which event attendees may participate, and to populate online profiles for Attendees on the Company’s Web sites. Additional information on the Company’s privacy practices with respect to Data About salesforce.com Attendees may be found in additional privacy statements on the event Web sites, as the case may be. Please see here for more information on bulletin boards, blogs, or chat rooms provided by salesforce.com in connection with its corporate events.

The Company may also use Data About salesforce.com Customers and Data About salesforce.com Attendees for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company, its affiliates, and its partners, such as information about promotions or events.

Salesforce.com uses credit card information solely to check the financial qualifications and collect payment from prospective Customers and Attendees.

Salesforce.com uses Web Site Navigational Information to operate and improve the Company’s Web sites. The Company may also use Web Site Navigational Information alone or in combination with Data About salesforce.com Customers and Data About salesforce.com Attendees to provide personalized information about the Company. For additional information about the use of Web Site Navigational Information, please click here.

 

4. Web Site Navigational Information

Cookies, Web Beacons and IP Addresses
Salesforce.com uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on the Company’s Web sites and how this information may be used.

Cookies
Salesforce.com uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, salesforce.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to salesforce.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” or a “30 Day Free Trial” Web form), you remain anonymous to the Company.

Salesforce.com uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web sites, but you will not be able to successfully use the Services.

The following sets out how salesforce.com uses different categories of cookies and your options for managing cookies’ settings:

Type of Cookies Description Managing Settings
Required cookies

Required cookies enable you to navigate the Company’s Web sites and use its features, such as accessing secure areas of the Web sites and using salesforce.com Services.

If you have chosen to identify yourself to salesforce.com, the Company uses cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a cookie containing an encrypted, unique identifier that is tied to your account is placed on your browser. These cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests.

Because required cookies are essential to operate the Company’s Web sites and the Services, there is no option to opt out of these cookies.

Performance cookies

These cookies collect information about how Visitors use our Web site, including which pages visitors go to most often and if they receive error messages from certain pages. These cookies do not collect information that individually identifies a Visitor. All information these cookies collect is aggregated and anonymous. It is only used to improve how the Company’s Web site functions and performs.

From time-to-time, salesforce.com engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web sites. Salesforce.com may also utilize Flash cookies for these purposes.

To learn how to opt out of performance cookies using your browser settings click here.

To learn how to manage privacy and storage settings for Flash cookies click here.

Functionality cookies

Functionality cookies allow the Company’s Web sites to remember information you have entered or choices you make (such as your username, language, or your region) and provide enhanced, more personal features.  These cookies also enable you to optimize your use of salesforce.com’s Services after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.

Salesforce.com uses local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our Web sites to personalize your visit.

To learn how to opt out of functionality cookies using your browser settings click here. Note that opting out may impact the functionality you receive when visiting salesforce.com.

To learn how to manage privacy and storage settings for Flash cookies click here.

Targeting or Advertising cookies

From time-to-time, salesforce.com engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web sites.  Salesforce.com sometimes uses cookies delivered by third parties to track the performance of Company advertisements.  For example, these cookies remember which browsers have visited the Company’s Web sites. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.

Salesforce.com also contracts with third-party advertising networks that collect IP addresses and other information from Web beacons (see below) on the Company’s Web sites, from emails, and on third-party Web sites. Ad networks follow your online activities over time by collecting Web Site Navigational Information through automated means, including through the use of cookies. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Web sites. This process also helps us manage and track the effectiveness of our marketing efforts.

Third parties, with whom the Company partners to provide certain features on our Web sites or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.  Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored.

To learn more about these and other advertising networks and their opt out instructions, click here and here.

To learn how to manage privacy and storage settings for Flash cookies click here.

Web Beacons
Salesforce.com uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, salesforce.com may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. Salesforce.com uses Web beacons to operate and improve the Company’s Web sites and email communications.

IP Addresses
When you visit salesforce.com’s Web sites, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, salesforce.com uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web sites.

Salesforce.com also collects IP addresses from Customers whey they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.

Do Not Track
Currently, various browsers – including Internet Explorer, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites' visited by the user about the user's browser DNT preference setting. Salesforce.com does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Salesforce.com takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

 

5. Public forums, refer a friend, and customer testimonials

Salesforce.com may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Salesforce.com is not responsible for the personal information you choose to submit in these forums.

Customers and Visitors may elect to use the Company’s referral program to inform friends about the Company’s Web sites. When using the referral program, the Company requests the friend’s name and email address. Salesforce.com will automatically send the friend a one-time email inviting him or her to visit the Company’s Web sites. Salesforce.com does not store this information.

Salesforce.com posts a list of Customers and testimonials on the Company’s Web sites that contain information such as Customer names and titles. Salesforce.com obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

 

6. Sharing of information collected

Service Providers
Salesforce.com may share Data About salesforce.com Customers and Data About salesforce.com Attendees with the Company's contracted service providers so that these service providers can provide services on our behalf. Without limiting the foregoing, Salesforce.com may also share Data About salesforce.com Customers and Data About salesforce.com Attendees with the Company's service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, salesforce.com does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Salesforce.com Affiliates
The Company may share Data About salesforce.com Customers with other companies in order to work with them, including affiliates of the salesforce.com corporate group.  For example, the Company may need to share Data About salesforce.com Customers for customer relationship management purposes.

Business Partners
From time to time, salesforce.com may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from salesforce.com, the Company may share Data About salesforce.com Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Salesforce.com does not control our business partners’ use of the Data About salesforce.com Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Salesforce.com does not share Data About salesforce.com Attendees with business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Company event and have your attendee badge scanned by a business partner. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Company events.  If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements.

Third Parties
This Privacy Statement sets forth the information salesforce.com collects on the Company’s Web sites and the information we share with third parties. Salesforce.com does not authorize the collection of personal information by third parties through advertising technologies deployed on the Company's Web sites, nor do we share personal information with any third parties collected from the Company's Web sites, except as provided in this Privacy Statement. Section 4 of this Privacy Statement, Web Site Navigational Information, specifically addresses the information we collect through cookies and web beacons, and how you can control cookies through your Web browsers.

Billing
Salesforce.com uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.

Compelled Disclosure
Salesforce.com reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

 

7. International transfer of information collected

The Company primarily stores Data About salesforce.com Customers and Data About salesforce.com Attendees in the United States. To facilitate salesforce.com’s global operations, the Company may transfer and access such information from around the world, including from other countries in which the Company has operations. A list of the Company’s global offices is available here. This Privacy Statement shall apply even if salesforce.com transfers Data About salesforce.com Customers or Data About salesforce.com Attendees to other countries.

 

8. Communications preferences

Salesforce.com offers Visitors, Customers, and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request to unsubscribe@salesforce.com.

 

9. Correcting and updating your information

Customers may update or change their registration information by editing their user or organization record. To update a user profile, please login to http://www.salesforce.com with your salesforce.com username and password and click “Setup.” To update an organization’s information, please login to http://www.salesforce.com with your salesforce.com username and password and select “Organization Setup.”  Attendees may update or change their registration information on the event’s Web site after logging in. To update Billing Information or have your registration information deleted, please email support@salesforce.com or call +1 (415) 901-7010. To discontinue your account and to have information you maintained in the Services returned to you, please email support@salesforce.com or call +1 (415) 901-7010.  Requests to access, change, or delete your information will be handled within 30 days.

 

10. Customer Data

Salesforce.com Customers may electronically submit data or information to the Services for hosting and processing purposes (“Customer Data”). Salesforce.com will not review, share, distribute, or reference any such Customer Data except as provided in the salesforce.com Master Subscription Agreement, or as may be required by law. In accordance with the salesforce.com Master Subscription Agreement, salesforce.com may access Customer Data only for the purpose of providing the Services or preventing or addressing service or technical problems or as may be required by law. Additional information about the Company’s privacy and security practices with respect to Customer Data is available here.

 

11. Security

Salesforce.com uses robust security measures to protect Data About salesforce.com Customers and Data About salesforce.com Attendees. Because the Company uses the Services to maintain Data About salesforce.com Customers and Data About salesforce.com Attendees, this information, which is stored in the Services, is secured in the same manner as described here.

 

12. Changes to this Privacy Statement

Salesforce.com reserves the right to change this Privacy Statement. Salesforce.com will provide notification of the material changes to this Privacy Statement through the Company’s Web sites at least thirty (30) business days prior to the change taking effect.

 

13. Contacting us

Questions regarding this Privacy Statement or the information practices of the Company’s Web sites should be directed to salesforce.com Privacy by clicking here or by mailing salesforce.com
Privacy, The Landmark @ One Market Street, Suite 300, San Francisco, CA 94105.

Live Chat