Learn how Salesforce is responding to the new SCCs in Salesforce's FAQ about transfers of personal data
Learn about our commitment to privacy
Resources in respect of how we protect our customer's data as a processor
- Global Privacy Resources for Salesforce Products
- Data Processing Addendum
- Data Processing Addendum FAQ
- International Transfers of EU Personal Data to Salesforce's Services
- Salesforce's Notice of Privacy Shield Certification
- Trust and Compliance Documentation
- Salesforce's Notice of APEC PRP Certification
- Salesforce's EU Processor Binding Corporate Rules
- Salesforce's Draft UK Processor Binding Corporate Rules (Pending Approval from the UK ICO)
- Salesforce Group Affiliates for Draft UK Binding Corporate Rules for Processors
Resources in respect of how we protect data as a controller
Privacy Statement Highlights
We collect and process Personal Data for a variety of purposes, including:
The processing of your name and contact information to provide you with information about our products, manage your registration for and attendance at our events and webinars or for office visits, manage your registration for contests or promotions, provide you with customer support or otherwise communicate with you;
The processing of device and usage data to develop, improve, manage and customize our websites and services, to assess and improve the related user experience, to identify customer opportunities and to guarantee our websites’ and services' security and continued proper functioning;
The processing of your billing information to complete transactions with you when you purchase our products or services;
To provide you with the necessary functionalities required during your use of our websites and services, and to review capacity requirements and compliance with the applicable usage terms;
To display personalized advertisements to you and to send to you marketing communications about us, our products and our services; and
To comply with our legal obligations under applicable laws and cooperate with public and government authorities.
For the full list of purposes for which we Process your Personal Data, please see the full Privacy Statement
We only collect and process your Personal Data to the extent it is necessary for fulfilling these purposes and where we can rely on a legal basis for such processing as set out in our full Privacy Statement. Where required, we will ask you for your prior consent to processing.
Please review the "What Personal Data do we collect?" and "Purposes for which we process Personal Data and the legal bases on which we rely" sections in our full Privacy Statement for further details. Also, please review the "How long do we keep your Personal Data?" section to learn how long we store your Personal Data.
We may share Personal Data with various parties, including:
- Our contracted service providers that process Personal Data on our behalf for IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support and data enrichment;
- Affiliates within our current or future corporate group that process Personal Data for customer support, marketing, event management, technical operations and account management;
- If you are using our services as an authorized user, with the Salesforce customer responsible for your access to the services for verifying your account, investigating suspicious activity and reviewing compliance our usage terms and policies;
- Sponsors of events, webinar or contests for which you register;
- Third-party social media and advertising networks, which usually act as separate controllers, so that we can advertise on their platforms;
- Specifically in relation to our AppExchange website, with our third-party partners who may contact you regarding their products or services;
- In individual instances, professional advisers who provide consultancy, banking, legal, insurance and accounting services, or if we are involved in a merger, reorganization, asset sale or business combination; and
- Public and government authorities, to the extent we are compelled to disclose Personal Data to comply with our legal obligations.
Please review the "Who do we share Personal Data with" section in our full Privacy Statement for more detailed information.
You have certain rights relating to your Personal Data, subject to local data protection laws. These rights may include:
- To access your Personal Data held by us (right to access);
- To rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete (right to rectification);
- To erase/delete your Personal Data, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten);
- To restrict our processing of your Personal Data to the extent permitted by law (right to restriction of processing);
- To transfer your Personal Data to another controller, to the extent possible (right to data portability);
- To object to any processing of your Personal Data carried out on the basis of our legitimate interests (right to object). Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
- To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"); Automated Decision-Making currently does not take place on our websites or in our services; and
- To the extent we base the collection, processing and sharing of your Personal Data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.
For more details on your rights and choices and how to exercise them, please review the "Your rights relating to your Personal Data" section in our full Privacy Statement.
To exercise your rights relating to your Personal Data, or if you have questions regarding our privacy practices, please fill out this form or mail us at:
Salesforce Data Protection Officer (Salesforce Privacy Team)
415 Mission St., 3rd Floor
San Francisco, CA 94105, USA
If you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA, you have the right to lodge a complaint with the competent supervisory authority.