Trust is our #1 value.

Our customers trust us to help them build meaningful relationships with their own customers. Salesforce’s top priority is the security and privacy of the data that we are entrusted to protect.
Take the EU Trail
Take the US trail
 

View Salesforce's response to the Court of Justice of the European Union's decision on transfers of personal data

learn more
 
 

Turn data privacy into an opportunity to enhance customer experiences.

As the #1 CRM platform, Salesforce provides companies like yours with the tools to build trust while enhancing customer experiences. Gain increased transparency and control of your customers’ data, all while harnessing the power of that data to connect with customers in new ways.
 
 

Privacy for every customer

No matter where your customers are located, we care about helping you protect their personal data.
Learn more about privacy laws and related topics in your region

Comprehensive privacy and security standards

We safeguard our customers’ data with a robust, comprehensive, and transparent privacy and security program.
Learn more about our products’ third-party audits and certifications
 

Global privacy support

Salesforce helps our customers operate globally in compliance with applicable privacy laws. We make it easy for companies to protect and respect the privacy of their customers' data.
Check out more privacy resources

Privacy on the world’s #1 CRM

Our trusted cloud makes it possible for global companies to leverage the world’s #1 CRM platform. Salesforce’s cloud services are designed to help customers comply with privacy laws around the world.
Learn more about product functionality
 
 

We have five privacy principles that highlight our commitment to trust.

 
 

Transparency

We are clear about our practices so that you can understand how your data is collected and used.
 

Control

We design our products to ensure you remain in control of your data, at all times.
 

Security

We protect your data at all times, using strong security measures that are regularly verified by internal safeguards and external auditors.
 
 

Compliance

We operate a high standard designed so you can operate around the world, including in regions with strict privacy rules for data handling.
 

Partnership

Safeguarding data is a team effort. We listen to your feedback, and we provide information and customizable security and privacy tools to you.
 
 

What should customers do to build a global privacy program?

 

1. Get buy-in and build a team

  • Raise awareness of the importance of privacy with organization leaders.

  • Obtain executive support for necessary staff resources and financial investments.

  • Choose someone to lead the effort in establishing and maintaining a global privacy program.

  • Build a steering committee of key functional leaders, including people within security, marketing, sales and compliance.

  • Identify privacy champions throughout the organization.

2. Assess the organization

  • Understand in which countries you operate and what data protection laws in those countries apply to your organization.

  • Review existing privacy and security efforts to identify strengths and weaknesses.

  • Identify all the systems where the organization stores personal data and create a data inventory.

  • Create a register of data processing activities and carry out a privacy impact assessment for each high-risk activity.

 

3. Establish controls and processes

  • Confirm privacy notices are accessible wherever personal data is collected.

  • Implement controls to limit the organization’s use of data to the purposes for which data was originally collected.

  • Establish mechanisms to manage individuals’ preferences, such as consent management.

  • Implement appropriate administrative, physical, and technical security measures and processes to detect and respond to security breaches.

  • Establish procedures for responding to individuals’ requests for access, rectification, objection, restriction, portability, deletion (right to be forgotten), and other potentially applicable rights such as to opt out from “sales” or direct marketing.

  • Enter into contracts with affiliates and vendors that collect, receive, or process personal data.

  • Establish a privacy impact assessment process.

  • Train employees and vendors to increase privacy and security awareness training.

4. Document compliance

  • Compile and maintain up-to-date and accurate copies of privacy notices and consent forms, data inventory and register of data processing activities, written policies and procedures, training materials, intracompany data transfer agreements, and vendor contracts.

  • If required, appoint a data protection officer.

  • Conduct periodic risk assessments.

 

“At Salesforce, trust is our #1 value. The protection of our customers’ data is paramount.”

Amy Weaver, Salesforce
President, Legal and General Counsel

Read the blog post
 

Global Privacy Readiness

Build trust and transparency around your data with Salesforce.
Platform | Sales Cloud | Service Cloud | Community Cloud | Marketing Cloud | Commerce Cloud | Pardot

Privacy Resources

 

Documentation

Data Processing Addendum

See the latest

Documentation

Data Processing Addendum FAQ

See the latest

Documentation

Trust and Compliance Documentation

Get the documentation
 

Guidance

Privacy and Ethical Use Principles Guiding our COVID-19 Response

Review the new guidance

White Paper

Work.com Privacy Questions and Answers for Salesforce Customers

Get the white paper

Checklist

Work.com Key Privacy Considerations Checklist

Get the checklist

Salesforce understands better customer experiences start with
data privacy.

Contact us if you have questions, comments, or requests related to Salesforce’s Privacy Statement, our data privacy practices, or how Salesforce embraces privacy and data protection laws.
Contact us