Learn how Salesforce is responding to the new SCCs in Salesforce's FAQ about transfers of personal data
Learn about our commitment to privacy
Resources in respect of how we protect our customer's data as a processor
- Global Privacy Resources for Salesforce Products
- Data Processing Addendum
- Data Processing Addendum FAQ
- International Transfers of EU Personal Data to Salesforce's Services
- Salesforce's Notice of Privacy Shield Certification
- Trust and Compliance Documentation
- Salesforce's Notice of APEC PRP Certification
- Salesforce's EU Processor Binding Corporate Rules
- Salesforce's Draft UK Processor Binding Corporate Rules (Pending Approval from the UK ICO)
- Salesforce Group Affiliates for Draft UK Binding Corporate Rules for Processors
Resources in respect of how we protect data as a controller
Privacy Statement Highlights
We collect and process Personal Data for a variety of purposes, including:
- to provide our websites and social media branded pages;
- to display personalized advertisements and content;
- to manage event registrations and attendance (including ensuring the health and safety of our visitors and employees);
- to send communications;
- to handle contact and user support requests;
- to provide, improve and optimize the performance of our services;
- to bill for our services and manage our accounts (including usage and licensing compliance);
- to maintain the security of Salesforce and its services;
- to administer surveys and conduct research; and
- to comply with our legal obligations.
For the list of purposes for which we Process your Personal Data, please see the full Privacy Statement
We only collect and process your Personal Data to the extent it is necessary for fulfilling these purposes and where we can rely on a legal basis for such processing as set out in our full Privacy Statement. Where required, we will ask you for your prior consent to processing.
Please review the "What Personal Data do we collect?" and "Purposes for which we process Personal Data and the legal bases on which we rely" sections in our full Privacy Statement for further details. Also, please review the "How long do we keep your Personal Data?" section to learn how long we store your Personal Data.
We may share Personal Data with various parties, including:
- Our contracted service providers that process Personal Data on our behalf for IT and system administration, credit card processing, research and analytics, marketing, customer support and data enrichment;
- Affiliates within our current or future corporate group that process Personal Data for customer support, marketing, event management, technical operations and account management;
- If you are using our services as an authorized user, with the Salesforce customer responsible for your access to the services for verifying your account, and reviewing compliance with our usage terms and policies;
- Sponsors of events, webinar or contests for which you register;
- Third-party networks and websites so that we can advertise on their platforms;
- Specifically in relation to our AppExchange website, with our third-party partners who may contact you regarding their products or services;
- Professional advisers who provide consultancy, banking, legal, insurance and accounting services; and
- Public and government authorities, to the extent we are compelled to disclose Personal Data to comply with our legal obligations.
Please review the "Who do we share Personal Data with" section in our full Privacy Statement for the full list and more detailed information.
Your Personal Data may be collected, transferred to and stored by us in the United States and by our affiliates and third parties (as disclosed in the full Privacy Statement) in other countries. Therefore, your Personal Data may be processed outside your country or jurisdiction, including in places that may not provide the same level of protection. As described in the "International transfer of Personal Data" section of our full Privacy Statement, we have implemented safeguards to ensure an adequate level of protection where your Personal Data is transferred.
You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws, these rights may include the right to:
- Access your Personal Data held by us;
- Know more about how we process your Personal Data;
- Rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete;
- Erase or delete your Personal Data;
- Restrict our processing of your Personal Data;
- Transfer your Personal Data to another controller, to the extent possible;
- Object to any processing of your Personal Data;
- Opt out of certain disclosures of your Personal Data to third parties;
- If you’re under the age of 16, or such other applicable age of consent for privacy purposes in relevant individual jurisdictions, opt in to certain disclosures of your Personal Data to third parties;
- Not be discriminated against for exercising your rights described above;
- Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and
- Withdraw your consent at any time (to the extent we base processing on consent).
For more details on your rights and choices and how to exercise them, please review the "Your rights relating to your Personal Data" section in our full Privacy Statement.
To exercise your rights relating to your Personal Data, or if you have questions regarding our privacy practices, please fill out this form, email us at firstname.lastname@example.org or email@example.com, call us at 1-844-287-7147 or write to us at:
Salesforce Data Protection Officer (Salesforce Privacy Team) (and in India, a Grievance Officer)
415 Mission St., 3rd Floor
San Francisco, CA 94105, USA
When you contact us, please indicate in which country and/or state you reside.
If you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA or the UK, you have the right to lodge a complaint with the competent supervisory authority. If you work or reside in a country that is a member of the European Union or that is in the EEA, you may find the contact details for your appropriate data protection authority on the following website.