Last Updated: December 1, 2023
Table of Contents
II. Controllers of Your Personal Data
The Informatica entity or entities that determine the purposes and means of the processing of your personal data (“Controller”) depends on your geography. In all geographies, Informatica LLC is a controller. If you are in the European Economic Area, Informatica Ireland EMEA UC and Informatica LLC are co-Controllers. If you are in Brazil, IS INFORMATICA SOFTWARE LTDA and Informatica LLC are co-Controllers.
You can contact these entities and their privacy representatives at the addresses below:
Attn: Legal Head of Global Privacy
Informatica Ireland EMEA UC
IS INFORMATICA SOFTWARE LTDA
Av. Das Nações Unidas, 12901 - 3º.
III. Collection of Information
Information You Provide to Us
We collect information you provide directly to us. For example, we collect information when you create an account (including a product user account), participate in interactive features of the Services, fill out a form, participate in a contest, promotion or survey, register for or attend an event or course, make a purchase, request customer support, or otherwise communicate with us. The types of information you may choose to provide include your name, email address, postal address, phone number, gender, information about your company and current position, and marketing preferences.
If some or all of this information is not collected, the main consequences include that we may not be able to deliver you products, services, or support, we may not be able to communicate with you, and we may not be able to respond to your comments and complaints.
Information We Collect Automatically When You Use the Services
When you access or use our Services, we automatically collect some or all of the following information about you:
- Log Information : We log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Services.
- Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.
- Location Information: We derive your approximate location based on your IP address. We also collect your precise location each time you access or use one of our mobile applications. We collect this information in accordance with the permission process established by your mobile device operating system. If you want to later opt out of this collection, see XII. Choices and Means to Control Your Personal Data, below.
- Product Usage Information: When you use our enterprise products and services on behalf of your organization, we collect information about your device and your use of those products and services, including the device IP address, login credentials, time zone, error messages, product interactions and configurations and other similar usage information.
- Inferences: We draw inferences about you from information we collect, such as your interest in particular products or services based on the pages you visit on our website.
We also obtain information from other sources and combine that with information we collect about you. Informatica may receive information about you, the company you may work for and your approximate location from data enrichment service providers, advertising and marketing partners, public databases, and social media platforms. Additionally, Informatica receives information about you from other third parties who you have authorized to disclose your information, or who collect information in connection with co-branded offerings.
Information We Collect at Our Facilities
If you visit our Facilities, the video security cameras we use to help protect our employees, visitors, and property may record digital images of you, and we may collect information from you to enable us to identify you for security purposes.
IV. Use of Information
- To provide the Services: We use your personal data to provide the Services to you, including processing transactions with you, authenticating you when you log in, delivering the products and services you request, and sending you related information, including confirmations and invoices;
- To maintain and improve our Services: In order to make our Services smarter, more secure, and better integrated, we use information and collective learnings (including feedback) about how you use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration, to improve our Services, and to develop new products, features and technologies that benefit our users. In some cases, we apply these learnings across our Services to improve and develop similar or new features, to better integrate the Services you use, or to provide you with insights based on how others use our Services;
- To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and, in most cases, you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings;
- To offer Customer Support: We use your information to send you technical notices, updates, security alerts and support and administrative messages; respond to your comments, questions and requests; and provide customer service;
- To market, promote and drive engagement with the Services: We use information we collect including your contact information and information about how you use the Services to send marketing communications that may be of specific interest to you, including by email, about products, services, offers, promotions, rewards, and events offered by Informatica and others, and to provide news and information we think will be of interest to you. We may also target advertisements to you on third-party platforms and websites (for more information, see XII. Choices and Means to Control Your Personal Data, below). These communications may be informed by audits of interactions (like counting ad impressions) and are aimed at initiating and expanding subscription and adoption of our products and Services and driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new Services, product offers, promotions, and contests. You can control whether you receive these communications as described below.
- To process and deliver contest entries and rewards..
- For safety and security: We use information about you and your Service use to help verify accounts and activity, to help detect, prevent, and respond to potential or actual security incidents, to help monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies, to help detect and help prevent unauthorized access to our Facilities, to secure property and information, to help protect the health and safety of our personnel and visitors, and to help detect and prevent criminal behavior or misconduct;
- To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business. Before doing so, we take the necessary steps to help ensure that your personal data will be given adequate protection as required by applicable law.
We may also use the information we collect to generate de-identified data that cannot reasonably be used to identify you. In some jurisdictions, this data is not treated as personal data. For those jurisdictions, we will maintain and use the data only in a de-identified fashion and will not attempt to re-identify the data.
V. Legal Basis for Processing
When we process this personal data, we will only do so in the following situations:
- Although our contracts are generally with corporate entities and not directly with data subjects, it is conceivable that we may need to use your personal data to enter into and perform our responsibilities under a contract directly with you (including processing payments, providing our Services to you, or providing support) and to protect the security and safety of the Services. We may collect any information that is reasonably necessary to negotiate, enter, and fulfil the contract. The information collected for this purpose may include your business contact information and the order details, as well as information for the implementation of services.
- We have a legitimate interest in processing your personal data. For example, we process the personal data we collect from you to send you marketing communications, to communicate with you about changes to our Services, to enhance the safety and security of our Facilities, and to help provide, secure, and improve our Services.
- If we request your consent to a specific processing activity, and you provide your consent in the manner indicated.
- In some cases, processing will be necessary for compliance with a legal obligation. Legal obligations for which Informatica may process personal data are responding to legal process, processing data subject rights requests, and complying with export and sanctions laws.
If you have consented to our use of your personal data for a specific purpose, you have the right to withdraw your consent, but this will not affect the data processing that has already happened. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use, but in some cases, this may mean no longer being able to use the Services.
VI. Disclosure of Information
- With your consent or at your direction, including with third parties who participate in an Informatica joint marketing campaign, seminar, marketplace product offering or other joint product, service or event, and/or with distributors and resellers of Informatica products and services or with sellers of products and services complementary to Informatica products and services, for their sales and marketing purposes.
- With professional advisors, including lawyers, auditors, and insurance companies.
- If required by applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities.
- To protect the rights, property and safety of Informatica or others,
- With enterprise customers on whose behalf you use our Services, e.g., as an employee;
- In connection with the merger or sale of all or a portion of our business to another company; and
- We also disclose aggregated or de-identified information, which cannot reasonably be used to identify you.
VII. Advertising and Analytics Services Provided by Others
VIII. Cross-Border Transfer of Information
Informatica processes information in the United States and other countries. Accordingly, we and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. Informatica generally transfers information to service providers in the European Economic Area (“EEA”) or the United States, although in some cases those service providers may transfer information to their own service providers, or we may transfer information directly to our service providers, in other countries including Australia, Brazil, India, and Singapore. We have implemented safeguards including binding corporate rules and standard contractual clauses to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it.
Data transferred from the UK or Switzerland to countries not deemed adequate by the applicable data protection authority, or from the EEA to service providers in countries not deemed adequate by the applicable data protection authority, will be processed pursuant to appropriate safeguards, including the European Commission approved Standard Contractual Clauses, to ensure an adequate level of protection. Copies of the standard Contractual Clauses we use to facilitate these transfers are available at Appendix 2: Informatica Standard Contractual Clauses.
EU-U.S. Data Privacy Framework
Informatica LLC and its U.S. subsidiaries comply with the EU-U.S. Data Privacy Framework Principles (“DPF Principles”) as set forth by the U.S. Department of Commerce regarding collection, use, and retention of personal data transferred from the European Union (collectively, “EU Data”) to the United States in reliance on the DPF Principles. For more information about the Data Privacy Framework and to view our certification, please visit the Department of Commerce’s website https://www.dataprivacyframework.gov/.
Please direct any inquiries or complaints regarding our compliance with the DPF Principles to the point of contact listed in the “Controllers of Your Personal Data” section above. If Informatica does not resolve your complaint, you may submit your complaint free of charge for resolution to JAMS, Informatica’s designated independent Data Privacy Framework dispute resolution provider, at https://www.jamsadr.com/eu-us-data-privacy-framework. Under certain conditions specified by the DPF Principles, you may also be able to invoke binding arbitration to resolve your complaint. Informatica is subject to the investigatory and enforcement powers of the Federal Trade Commission. If Informatica discloses EU Data to a third-party service provider that processes the data solely on Informatica’s behalf, then Informatica may be held liable for that third party’s processing of EU Data in violation of the DPF Principles, unless Informatica can prove that it is not responsible for the event giving rise to the damage.
IX. Your Rights
Access and Other Data Subject Rights Generally
Depending upon your jurisdiction and subject to limits under applicable law, you may be entitled to request a copy of the personal data Informatica holds about you (including in a structured, commonly used, machine-readable format where applicable under the right of data portability), correction of the data, deletion of the data, and/or restriction of the data, as well as request that Informatica transmit your personal data to another controller (where applicable under the right of data portability), object to the processing of your personal data, or opt-out of the sale or sharing of your personal data or its use in targeted advertisements, in accordance with the rights available to you in your jurisdiction. You may submit your request through our online request form, or by emailing us at firstname.lastname@example.org, or by contacting us at the address listed in section II. Controllers of Your Personal Data section. Where Informatica’s processing of your personal data is based on your consent, you may also have the right to withdraw your consent at any time (without affecting the lawfulness of such processing before its withdrawal) by the foregoing methods.
Data Subject Requests for European Residents
If you are in the EEA, Switzerland, or the UK, you have the right to:
- Request a copy of the personal data Informatica holds about you (including in a structured, commonly used, machine-readable format where applicable under the right of data portability),
- Request that Informatica transmit your personal data to another controller (where applicable under the right of data portability),
- Request that Informatica correct your data,
- Request that your data be deleted,
- Withdraw your consent, if you have consented to our use of personal data for a specific purpose,
- Request that your data be restricted, and
- Object to the processing of your personal data
- If you are in the EEA and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside. Informatica’s lead Data Protection Authority in the EU/EEA is the Irish Data Protection Commission (DPC). For contact details of your local Data Protection Authority, please see: https://edpb.europa.eu/about-edpb/board/members_en. If you are in Switzerland, see the Federal Data Protection and Information Commissioner at https://www.edoeb.admin.ch/edoeb/en/home.html. If you are in the UK, see the Information Commissioner’s Office at https://ico.org.uk/.
For personal data transferred outside of the EEA in accordance with the BCRs, you can review sections V (Data Protection Safeguards) and VI (The Binding Nature of the BCR) of the BCRs available online at https://www.informatica.com/binding-corporate-rules.html for additional information on rights you may have, including any third party beneficiary rights.
Data Subject Requests for Brazil Residents
In addition to the methods of exercising rights outlined above, data subjects may exercise their rights or file a complaint or question by contacting Informatica’s data protection officer for Brazil under the LGPD (email@example.com).
Where Informatica is subject to the requirements of Brazilian General Data Protection Law (LGPD), you may, should you feel it necessary, lodge a complaint with your local data protection authority if you feel your privacy rights have been infringed. You can find details of your local data protection authority here: the National Data Protection Authority (Autoridade Nacional de Proteção de Dados (ANDP)). https://www.gov.br/anpd/pt-br
Québec Data Subjects
For additional information about the processing of your personal data if you are a resident of Quebec, Canada, you can contact the person in charge of the protection of personal information at Informatica Software Ltd. Canada is, by delegation, Informatica’s Chief Privacy Officer (firstname.lastname@example.org)
In some jurisdictions, you have the right to submit an appeal within a reasonable time after you receive from us a refusal to take action on your request. You may submit your appeal through our online request form, or by emailing us at email@example.com, or by contacting us at the address listed in section II. Controllers of Your Personal Data section. Include the word APPEAL in capital letters in the comment to the online request, in the header of the email, or in the subject of your written communication. We will respond to your appeal no later than 60 days after receipt. If you are dissatisfied with our response to your appeal, you may have the right to appeal to a regulator or other government agent. Consumers in Virginia may file a complaint to the attorney general of Virginia.
X. California Residents
Under the California Consumer Privacy Act of 2018 (“CCPA”) as amended, you have specific rights regarding your personal information if you are a California resident (“Consumer”) as further described in the Notice to California Residents.
We store the personal data we collect about you for as long as is necessary for the purposes for which we originally collected it. We may retain certain information for legitimate business purposes, as required by law, or where necessary to preserve it in contemplation of litigation, legal proceedings or an investigation. The storage periods are determined on a case-by-case basis that depends on factors like the nature of the information, why it is collected and processed, relevant legal or operational retention needs, and legal obligations.
XII. Choices and Means to Control Your Personal Data
You may limit use and disclosure of your personal data as described below.
Cookies and Tracking Technologies
You may control the application of, or opt out from the use of, third-party analytics and advertising cookies and technology tracking that may collect personal data by means of the cookie preferences manager available here: https://www.informatica.com/privacy-policy/personal-information.html.
Some of our mobile applications collect precise geolocation information from your mobile device. Prior to collecting such information, you will be asked to consent to the application’s collection of this information. If you initially consent to our collection of location information, you may be able to subsequently stop the collection of this information through your device operating system settings. You may also stop our collection of location information by following the standard uninstall process to remove our mobile applications from your device.
You may opt out of receiving promotional communications from Informatica by following the instructions provided in those communications or at https://now.informatica.com/UnsubscribePage.html, or may manage your email preferences more specifically at https://now.informatica.com/email-preference-center.html. Please note that if you opt out of receiving promotional communications, we may still send you transactional or relationship messages, such as those about your account or our ongoing business relations.
Appendix 1: Use of Personal Data