Last Updated: December 11, 2024
Table of Contents
I. About Our Privacy Policy
II. Controllers of Your Personal Data
III. Collection of Information
IV. Use of Information
V. Legal Basis for Processing
VI. Disclosure of Information
VII. Advertising and Analytics Services Provided by Others
VIII. Cross-Border Transfer of Information
IX. Your Rights
X. California Residents
XI. Data Retention
XII. Choices and Means to Control Your Personal Data
Appendix 1: Use of Personal Data
Appendix 2: Informatica Standard Contractual Clauses
I. About Our Privacy Policy
This Privacy Policy explains how Informatica collects, uses and discloses your personal data. This Privacy Policy applies to information we collect when you use our websites, mobile applications, social media pages, and other online products and services (collectively, the “Services”) or when you otherwise interact with us, including when you attend events hosted or sponsored by Informatica, contact us for customer support, visit our premises, facilities or offices (collectively, our “Facilities”), or interact with us in the context of other online or offline sales and marketing activities.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, in some cases, we may provide you with additional notice (such as by adding a statement to our website homepages or sending you an email notification) or otherwise seek additional consent in accordance with applicable law. We encourage you to review the Privacy Policy whenever you access the Services to stay informed about our information practices and the ways you can manage your privacy.
This Privacy Policy does not apply to the information processed by Informatica about its employees or job applicants, which is governed by a separate personnel privacy notice, or to information processed by Informatica on behalf of its customers via the Services, as further described in Informatica’s Data Processing Agreement and Processor Binding Corporate Rules available on our Legal page. You can email privacy@informatica.com to communicate with Informatica about its information processing on behalf of its customers.
II. Controllers of Your Personal Data
The Informatica entity or entities that determine the purposes and means of the processing of your personal data (“Controller”) depends on your geography. In all geographies, Informatica LLC is a controller. If you are in the European Economic Area, Informatica Ireland EMEA UC and Informatica LLC are co-Controllers. If you are in Brazil, IS INFORMATICA SOFTWARE LTDA and Informatica LLC are co-Controllers.
You can contact these entities and their privacy representatives at the addresses below:
Informatica LLC Attn: Legal Head of Global Privacy |
Informatica Ireland EMEA UC (Fifth Floor)
|
IS INFORMATICA SOFTWARE LTDA Av. Das Nações Unidas, 12901 - 3º. |
III. Collection of Information
Information You Provide to Us
We collect information you provide directly to us. For example, we collect information when you create an account (including a product user account), participate in interactive features of the Services, fill out a form, participate in a contest, promotion or survey, register for or attend an event or course, make a purchase, request customer support, or otherwise communicate with us. The types of information you may choose to provide include your name, email address, postal address, phone number, gender, information about your company and current position, and marketing preferences.
If some or all of this information is not collected, the main consequences include that we may not be able to deliver you products, services, or support, we may not be able to communicate with you, and we may not be able to respond to your comments and complaints.
Information We Collect Automatically When You Use the Services
When you access or use our Services, we automatically collect some or all of the following information about you:
- Log Information : We log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Services.
- Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.
- Location Information: We derive your approximate location based on your IP address. We also collect your precise location each time you access or use one of our mobile applications. We collect this information in accordance with the permission process established by your mobile device operating system. If you want to later opt out of this collection, see XII. Choices and Means to Control Your Personal Data, below.
- Product Usage Information: When you use our enterprise products and services on behalf of your organization, we collect information about your device and your use of those products and services, including the device IP address, login credentials, time zone, error messages, product interactions and configurations and other similar usage information.
- Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, including session replays of your navigation within our websites, and this includes sending cookies to your computer or mobile device. For more information about cookies, and how to disable them, please see our Cookie Policy.
- Inferences: We draw inferences about you from information we collect, such as your interest in particular products or services based on the pages you visit on our website.
Information We Collect from Other Sources
We also obtain information from other sources and combine that with information we collect about you. Informatica may receive information about you, the company you may work for and your approximate location from data enrichment service providers, advertising and marketing partners, public databases, and social media platforms. Additionally, Informatica receives information about you from other third parties who you have authorized to disclose your information, or who collect information in connection with co-branded offerings.
Information We Collect at Our Facilities
If you visit our Facilities, the video security cameras we use to help protect our employees, visitors, and property may record digital images of you, and we may collect information from you to enable us to identify you for security purposes.
IV. Use of Information
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. We use your personal data for the following purposes (for further details, see Appendix 1: Use of Personal Data to this Privacy Policy):
- To provide the Services: We use your personal data to provide the Services to you, including processing transactions with you, authenticating you when you log in, delivering the products and services you request, and sending you related information, including confirmations and invoices;
- To maintain and improve our Services: In order to make our Services smarter, more secure, and better integrated, we use information and collective learnings (including feedback) about how you use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration, to improve our Services, and to develop new products, features and technologies that benefit our users. In some cases, we apply these learnings across our Services to improve and develop similar or new features, to better integrate the Services you use, or to provide you with insights based on how others use our Services;
- To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and, in most cases, you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings;
- To offer Customer Support: We use your information to send you technical notices, updates, security alerts and support and administrative messages; respond to your comments, questions and requests; and provide customer service;
- To market, promote and drive engagement with the Services: We use information we collect including your contact information and information about how you use the Services to send marketing communications that may be of specific interest to you, including by email, about products, services, offers, promotions, rewards, and events offered by Informatica and others, and to provide news and information we think will be of interest to you. We may also target advertisements to you on third-party platforms and websites (for more information, see XII. Choices and Means to Control Your Personal Data, below). These communications may be informed by audits of interactions (like counting ad impressions) and are aimed at initiating and expanding subscription and adoption of our products and Services and driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new Services, product offers, promotions, and contests. You can control whether you receive these communications as described below.
- To process and deliver contest entries and rewards.
- For safety and security: We use information about you and your Service use to help verify accounts and activity, to help detect, prevent, and respond to potential or actual security incidents, to help monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies, to help detect and help prevent unauthorized access to our Facilities, to secure property and information, to help protect the health and safety of our personnel and visitors, and to help detect and prevent criminal behavior or misconduct;
- To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business. Before doing so, we take the necessary steps to help ensure that your personal data will be given adequate protection as required by applicable law.
We may also use the information we collect to generate de-identified data that cannot reasonably be used to identify you. In some jurisdictions, this data is not treated as personal data. For those jurisdictions, we will maintain and use the data only in a de-identified fashion and will not attempt to re-identify the data.
V. Legal Basis for Processing
When we process this personal data, we will only do so in the following situations:
- Although our contracts are generally with corporate entities and not directly with data subjects, it is conceivable that we may need to use your personal data to enter into and perform our responsibilities under a contract directly with you (including processing payments, providing our Services to you, or providing support) and to protect the security and safety of the Services. We may collect any information that is reasonably necessary to negotiate, enter, and fulfil the contract. The information collected for this purpose may include your business contact information and the order details, as well as information for the implementation of services.
- We have a legitimate interest in processing your personal data. For example, we process the personal data we collect from you to send you marketing communications, to communicate with you about changes to our Services, to enhance the safety and security of our Facilities, and to help provide, secure, and improve our Services.
- If we request your consent to a specific processing activity, and you provide your consent in the manner indicated.
- In some cases, processing will be necessary for compliance with a legal obligation. Legal obligations for which Informatica may process personal data are responding to legal process, processing data subject rights requests, and complying with export and sanctions laws.
If you have consented to our use of your personal data for a specific purpose, you have the right to withdraw your consent, but this will not affect the data processing that has already happened. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use, but in some cases, this may mean no longer being able to use the Services.
VI. Disclosure of Information
We may disclose your personal data as follows or as otherwise described in this Privacy Policy.
- With your consent or at your direction, including with third parties who participate in an Informatica joint marketing campaign, seminar, marketplace product offering or other joint product, service or event, and/or with distributors and resellers of Informatica products and services or with sellers of products and services complementary to Informatica products and services, for their sales and marketing purposes.
- With vendors, consultants and other service providers to perform services for us, including payment processors (which assist us in issuing and receiving payments with counterparties), data enrichment service providers (which provide information on you to help us correct errors and ensure that our records are complete and up to date) session replay service providers (which can replay your visit to our website to enable us to understand how visitors use our Services) and analytics service providers (which assist us in determining which advertisements are shown to you - please see further detail at VII. Advertising and Analytics Services Provided by Others). Google Analytics, one such analytics service provider used in some geographies, processes data as described at https://policies.google.com/technologies/partner-sites; some Services are protected by reCAPTCHA, for which the Google Privacy Policy and Terms of Service at https://policies.google.com/ apply.
- With professional advisors, including lawyers, auditors, and insurance companies.
- If required by applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities.
- To protect the rights, property and safety of Informatica or others,
- With enterprise customers on whose behalf you use our Services, e.g., as an employee;
- In connection with the merger or sale of all or a portion of our business to another company; and
- We also disclose aggregated or de-identified information, which cannot reasonably be used to identify you.
VII. Advertising and Analytics Services Provided by Others
We allow others to serve advertisements on our behalf across the Internet and to provide analytics services on our behalf. These entities use cookies, web beacons and other technologies to collect information about your use of the Services and other websites, including your IP address, web browser, pages viewed, time spent on pages, links clicked and conversion information. This information is used by Informatica and these entities to analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services and other websites, and better understand your online activity.
You may control the application of third-party analytics and advertising cookies, web beacons, session replay technology, and other tracking technologies through the cookie preferences manager available here. For more information about cookies, including how you may be able to opt out of interest-based ads, please see our Cookie Policy at https://www.informatica.com/legal/cookie-policy.html.
VIII. Cross-Border Transfer of Information
Informatica processes information in the United States and other countries. Accordingly, we and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. Informatica generally transfers information to affiliates and service providers in the the United States, UK, India or Canada, although in some cases those service providers may transfer information to their own service providers. We have implemented safeguards including binding corporate rules and standard contractual clauses to ensure that your personal data receives an adequate level of protection in the jurisdictions in which it is processed.
Data transferred from the European Economic Area (“EEA”) to Informatica and between Informatica affiliates outside the EEA will be processed pursuant to the Informatica Controller Binding Corporate Rules, a copy of which is available at https://www.informatica.com/binding-corporate-rules.html (the “BCRs”). The BCRs are incorporated by reference into this Privacy Policy and enforceable by you against Informatica. We encourage you to review the BCRs, in particular sections V (Data Protection Safeguards) and VI (The Binding Nature of the BCR), to learn more about our processing activities under the BCRs and the rights you may have under the BCRs.
Data transferred from the EEA to service providers in countries not deemed adequate by the European Commission, will be processed pursuant to appropriate safeguards, including the European Commission approved Standard Contractual Clauses, to ensure an adequate level of protection. Copies of the standard Contractual Clauses we use to facilitate these transfers are available at Appendix 2: Informatica Standard Contractual Clauses. Data transferred from other jurisdictions with applicable data transfer laws, including Brazil, Switzerland, and the UK, to service providers in countries not deemed adequate by the applicable data protection authority, will also be processed pursuant to appropriate safeguards including the applicable standard contractual clauses.
EU-U.S. Data Privacy Framework and UK Extension
Informatica LLC and its U.S. subsidiaries comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Informatica LLC and its U.S. subsidiaries have certified to the U.S. Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (“DPF Principles”) with regard to the processing of personal data received from the European Union and the United Kingdom (collectively, “EU and UK Data”) in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. To learn more about the Data Privacy Framework and to view our certification, please visit the Department of Commerce’s website https://www.dataprivacyframework.gov/.
Please direct any inquiries or complaints regarding our compliance with the DPF Principles to the point of contact listed in the “Controllers of Your Personal Data” section above. If Informatica does not resolve your complaint, you may submit your complaint free of charge for resolution to JAMS, Informatica’s designated independent Data Privacy Framework dispute resolution provider, at https://www.jamsadr.com/eu-us-data-privacy-framework. Under certain conditions specified by the DPF Principles, you may also be able to invoke binding arbitration to resolve your complaint. Informatica is subject to the investigatory and enforcement powers of the Federal Trade Commission. If Informatica discloses EU Data to a third-party service provider that processes the data solely on Informatica’s behalf, then Informatica may be held liable for that third party’s processing of EU Data in violation of the DPF Principles, unless Informatica can prove that it is not responsible for the event giving rise to the damage.
IX. Your Rights
Access and Other Data Subject Rights Generally
Depending upon your jurisdiction and subject to limits under applicable law, you may be entitled to request a copy of the personal data Informatica holds about you (including in a structured, commonly used, machine-readable format where applicable under the right of data portability), correction of the data, deletion of the data, and/or restriction of the data, as well as request that Informatica transmit your personal data to another controller (where applicable under the right of data portability), object to the processing of your personal data, or opt-out of the sale or sharing of your personal data or its use in targeted advertisements, in accordance with the rights available to you in your jurisdiction. You may submit your request through one of our online request forms (this request form to opt out of sale or sharing as described above, this request form for all other requests), or by emailing us at privacy@informatica.com, or by contacting us at the address listed in section II. Controllers of Your Personal Data section. Where Informatica’s processing of your personal data is based on your consent, you may also have the right to withdraw your consent at any time (without affecting the lawfulness of such processing before its withdrawal) by the foregoing methods.
Data Subject Requests for European Residents
If you are in the EEA, Switzerland, or the UK, you have the right to:
- Request a copy of the personal data Informatica holds about you (including in a structured, commonly used, machine-readable format where applicable under the right of data portability),
- Request that Informatica transmit your personal data to another controller (where applicable under the right of data portability),
- Request that Informatica correct your data,
- Request that your data be deleted,
- Withdraw your consent, if you have consented to our use of personal data for a specific purpose,
- Request that your data be restricted, and
- Object to the processing of your personal data
- If you are in the EEA and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside. Informatica’s lead Data Protection Authority in the EU/EEA is the Irish Data Protection Commission (DPC). For contact details of your local Data Protection Authority, please see: https://edpb.europa.eu/about-edpb/board/members_en. If you are in Switzerland, see the Federal Data Protection and Information Commissioner at https://www.edoeb.admin.ch/edoeb/en/home.html. If you are in the UK, see the Information Commissioner’s Office at https://ico.org.uk/.
For personal data transferred outside of the EEA in accordance with the BCRs, you can review sections V (Data Protection Safeguards) and VI (The Binding Nature of the BCR) of the BCRs available online at https://www.informatica.com/binding-corporate-rules.html for additional information on rights you may have, including any third party beneficiary rights.
Data Subject Requests for Brazil Residents
In addition to the methods of exercising rights outlined above, data subjects may exercise their rights or file a complaint or question by contacting Informatica’s data protection officer for Brazil under the LGPD (infalatam@informatica.com).
For information on the personal data collected and how that data is collected, used and disclosed, see the III. Collection of Information , IV. Use of Information , and VI. Disclosure of Information sections above. Any agents to whom the data are disclosed are contractually bound to use the data to perform the obligations and provide the services and/or deliverables under their agreement with Informatica and to implement, maintain and monitor appropriate administrative, technical and organizational safeguards for that data consistent with the requirements of LGPD. Transfer of data subjects’ personal data outside Brazil is performed in accordance with this Privacy Policy and the LGPD.
Where Informatica is subject to the requirements of Brazilian General Data Protection Law (LGPD), you may, should you feel it necessary, lodge a complaint with your local data protection authority if you feel your privacy rights have been infringed. You can find details of your local data protection authority here: the National Data Protection Authority (Autoridade Nacional de Proteção de Dados (ANDP)). https://www.gov.br/anpd/pt-br
Québec Data Subjects
For additional information about the processing of your personal data if you are a resident of Quebec, Canada, you can contact the person in charge of the protection of personal information at Informatica Software Ltd. Canada is, by delegation, Informatica’s Chief Privacy Officer (privacy@informatica.com).
Right to Appeal
In some jurisdictions, you have the right to submit an appeal within a reasonable time after you receive from us a refusal to take action on your request. You may submit your appeal through our online request form, or by emailing us at privacy@informatica.com, or by contacting us at the address listed in section II. Controllers of Your Personal Data section. Include the word APPEAL in capital letters in the comment to the online request, in the header of the email, or in the subject of your written communication. We will respond to your appeal no later than 60 days after receipt. If you are dissatisfied with our response to your appeal, you may have the right to appeal to a regulator or other government agent. Consumers in Virginia may file a complaint to the attorney general of Virginia.
X. California Residents
Under the California Consumer Privacy Act of 2018 (“CCPA”) as amended, you have specific rights regarding your personal information if you are a California resident (“Consumer”) as further described in the Notice to California Residents.
XI. Data Retention
We store the personal data we collect about you for as long as is necessary for the purposes for which we originally collected it. We may retain certain information for legitimate business purposes, as required by law, or where necessary to preserve it in contemplation of litigation, legal proceedings or an investigation. The storage periods are determined on a case-by-case basis that depends on factors like the nature of the information, why it is collected and processed, relevant legal or operational retention needs, and legal obligations.
XII. Choices and Means to Control Your Personal Data
You may limit use and disclosure of your personal data as described below.
Cookies and Tracking Technologies
You may control the application of, or opt out from the use of, third-party analytics and advertising cookies and technology tracking that may collect personal data by means of the cookie preferences manager available here.
Account Information
If you have registered for an account via our Services, you may update, correct or delete your account information by logging into your online account.
Location Information
Some of our mobile applications collect precise geolocation information from your mobile device. Prior to collecting such information, you will be asked to consent to the application’s collection of this information. If you initially consent to our collection of location information, you may be able to subsequently stop the collection of this information through your device operating system settings. You may also stop our collection of location information by following the standard uninstall process to remove our mobile applications from your device.
Promotional Communications
You may opt out of receiving promotional communications from Informatica by following the instructions provided in those communications or at https://now.informatica.com/UnsubscribePage.html, or may manage your email preferences more specifically at https://now.informatica.com/email-preference-center.html. Please note that if you opt out of receiving promotional communications, we may still send you transactional or relationship messages, such as those about your account or our ongoing business relations.
Appendix 1: Use of Personal Data
Retention of personal information
We primarily host personal information collected pursuant to this Privacy Policy in the USA, UK, India and Canada. We retain transferred categories of personal information above for a period consistent with the purpose of the transfer necessary for processing by the importer and to meet our legal and regulatory obligations.
Appendix 2: Informatica Standard Contractual Clauses