- December 30, 2019: CCPA compliance included.
- November 22, 2019: Revisions to comply with Google Standards.
- May 29, 2018: Added reference to Clari GDPR web link and clarified policy change notification.
- May 21, 2018: Clarified our disclosure policy to state that information will only be disclosed when required by public authorities or the law.
Sources of Personal Data
We collect Personal Data about you from:
- when you provide such information directly to us, and
- when Personal Data about you is automatically collected in connection with your use of our Services.
- Our subsidiaries and affiliates (together, “Affiliates”), when they provide us with Personal Data about you.
- Third parties, when they provide us with Personal Data about you (“Third Parties”). Third Parties that share your Personal Data with us include:
- Service providers. For example, Clari links to other services, such as Gmail (as described in more detail in the section below titled “Google Services”) and Salesforce. Clari does not access any information from these third-party services without your authorization, or by the authorization of your organization. You grant Clari this authorization when you connect these services to Clari, or when your organization's IT team authorizes these connections on your behalf. To opt out of connecting to these services, contact Clari at firstname.lastname@example.org.
- Advertising partners. We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements or communications.
Clari requires read-only access to your Business Gmail account. By authorizing Clari to connect to your account, you are giving Clari read-only access (gmail.readonly) to all email content in your account as defined by Google’s Gmail API.
Clari collects email and calendar metadata for the sole business-related use of the user and Clari’s Client. The following data is stored:
- Gmail fields (Sender, Recipient, Date, Time, Subject, Attachment Name)
- GCalendar fields (Meeting Organizer, Guests, Date, Time, Meeting Title, Attachment Name)
The data collected is used by Clari to provide you and your business with visibility into sales opportunity activities.
We may also use the data (i) if we reasonably believe such use is required by any law, regulation, or government body or court, (ii) as necessary to help prevent a security threat to the Service, and (iii) to help internally improve the Service.
Clari will not sell your data or use it for serving advertisements.
The data obtained is subject to these additional restrictions:
- Clari will not transfer the data to others unless (i) doing so is necessary to comply with any law, regulation, or government body or court, or (ii) as part of a merger, acquisition, or sale of Clari’s assets.
- Clari will not use this Gmail data for serving advertisements.
- Clari will not sell your data.
- The Service will not allow humans to read this data unless necessary to comply with applicable laws or regulations and for occasional support purposes.
- Clari's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Categories of Personal Data We Collect
Category of Personal Data
Personal Data Collected
What is the source of this Personal Data?
You / Third Parties
Customer records identified by state law (including the California Customer Records statute (Cal. Civ. Code § 1798.80(e)))
You / Third Parties
Internet or other similar network activity information
Interactions with a website, application or advertisement.
You / Affiliates / Third Parties
City, State and Country for purposes of data aggregation.
The following sections provide additional information about how we collect your Personal Data.
Information Collected Automatically
- Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and services unavailable.
- Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These Cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
- Retargeting/Advertising Cookies.Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you. For more information about this, please see the section below titled “Information about Interest-Based Advertisements.”
You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some of the Services and functionalities may not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit https://ico.org.uk/for-the-public/online/cookies/ or http://www.allaboutcookies.org/
Information about Interest-Based Advertisements:
We may serve advertisements, and also allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to serve advertisements through the Services. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behaviors (“Interest-Based Ads”). Information for Internet-Based Ads (including Personal Data) may be provided to us by you, or derived from the usage patterns of particular users on the Services and/or services of third parties. Such information may be gathered through tracking users’ activities across time and unaffiliated properties, including when you leave the Services. To accomplish this, we or our service providers may deliver Cookies, including a file (known as a “web beacon”) from an ad network to you through the Services. Web beacons allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Web beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Web beacons allow ad networks to view, edit or set their own Cookies on your browser, just as if you had requested a web page from their site.
We comply with the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles for Online Behavioral Advertising. Through the DAA and Network Advertising Initiative (“NAI”), several media and marketing associations have developed an industry self-regulatory program to give consumers a better understanding of, and greater control over, ads that are customized based a consumer’s online behavior across different websites and properties. To make choices about Interest-Based Ads from participating third parties, including to opt-out of receiving behaviorally targeted advertisements from participating organizations, please visit the DAA’s or NAI’s consumer opt-out pages, which are located at http://www.networkadvertising.org/choices/ or www.aboutads.info/choices. Users in the European Union should visit the European Interactive Digital Advertising Alliance’s user information website http://www.youronlinechoices.eu/.
How We Use Your Personal Data
We process Personal Data to operate, improve, understand and personalize our Services. We use Personal Data for the following purposes:
- To operate and maintain the Service (such as, for the purposes of fixing malfunctions, testing our security systems, etc.).
- To provide you with the features, functions and benefits of the Service.
- To enhance, improve and further develop the Service (such as, creating new features or functions, refining the user experience, increasing Service technical performance, etc.).
- We will use your contact information to provide you with notices related to your use of the Service.
- We will use your contact information (such as, your email address) to provide you with training and emails with relevant product information. You can opt-out of receiving these emails - but in such case you may not receive the full benefit of the Service. Opting-out can be done by clicking the "manage email settings" link at the bottom of every email.
- To help personalize the Service experience for you (such as, remembering your information so you will not have to enter it each time you use the Service).
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- For the other purposes referenced in the "How We Share Your Personal Data" section below.
- And for any other business purpose stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the “CCPA”)
We disclose your Personal Data to the following categories of service providers and other parties:
- Service providers (a full list of which can be found here), including:
- Hosting and other technology and communications providers.
- Ad networks.
- Security and fraud prevention companies.
- Analytics providers.
- Staff augmentation and contract personnel.
- Our Affiliates.
- Parties who acquire your Personal Data through an acquisition or other change of control.
- Other parties at your direction.
- Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services).
- Third-party business partners who you access through the Services.
- Other parties authorized by you.
Over the past twelve months, we have disclosed the following categories of your Personal Data to service providers or other parties for the business purposes listed above
- A. Personal identifiers.
- B. Customer records identified by state law.
- C. Internet or other similar network activity information.
- D. Geolocation data.
Sales of Personal Data
We have never sold your Personal Data.
Data Security and Retention
Clari takes robust information security measures to protect your Information and to limit the risk that it will be accessed without authorization, including use of certain industry standard technologies and practices. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. That said, we cannot guarantee the security of such Information. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. No security system is perfect - so your use of the Service is at your own risk.
If we learn of a security systems breach, then we may attempt to notify you via email, phone, physical mail, or by a posting on your Service account page - so that you can take appropriate protective steps. Pursuant to our Terms of Service you have consented to receive such notice by electronic means (provided that such consent is void where prohibited by applicable law). To receive a free written notice of a security breach, or if you have any questions about the security of the Service, please contact us at email@example.com
In addition to the security measures referenced above, your Service account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
Personal Data of Children
What You Can Do with Your Personal Data
Editing Your Profile
Upon request, Clari will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at firstname.lastname@example.org. If you wish to access, correct, or request deletion of your personal information, please contact us at email@example.com. Clari has no direct relationship with the individuals whose personal data it processes within its Service. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to Clari's Client (the data controller). If the Client requests Clari to remove the data, we will respond to their request within 30 days. If as an individual, you wish to identify the specific Client who is acting as the data controller of your Information, please contact firstname.lastname@example.org and we will provide their contact information subject to Clari receiving approval of release of that information from the data controller.
Deleting Your Account
You can delete your account by sending an email to email@example.com. Subject to the "Limitations on Deletion" section below, when you request us to delete your account for the Service, your data may be permanently deleted from our servers and access to your account will be disabled. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
Clari will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. Clari will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Limitations on Deletion
In addition, copies of your information may remain viewable elsewhere to the extent it has been publicly published by you or otherwise shared by you with others (such as your User Submissions).
We may also indefinitely retain and use any aggregated data derived from or incorporating your Information after you update or delete it, but not in a manner that would identify you personally.
We may also retain Information collected by Third Party usage tracking services in aggregate form, for the purposes of maintaining historical information on usage of our services.
We may also retain your Information to the extent required to comply with (or we deem it reasonable in light of) any laws or regulations.
You may sign-up to receive email or newsletter or other communications from us. If you would like to discontinue receiving this information, you may update your email preferences by using the "Unsubscribe" link found in emails we send to you or by contacting us at firstname.lastname@example.org.
We collect information for our Clients, if you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the client that you interact with directly
State-Specific Privacy Rights
California Resident Rights
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at email@example.com.
You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. We will provide you with the following information:
- The categories of Personal Data that we have collected about you.
- The categories of sources from which that Personal Data was collected.
- The business or commercial purpose for collecting or selling your Personal Data.
- The categories of third parties with whom we have shared your Personal Data.
- The specific pieces of Personal Data that we have collected about you.
If we have disclosed your Personal Data for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third party recipient.
You have the right to request that we delete the Personal Data that we have collected from you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.
Exercising Your Rights
To exercise the rights described above, you must send us a request that: (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data (for example, providing us your enterprise email address used to register for the Services), and (2) describe your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request.
We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
You may submit a Valid Request using the following methods:
- Call us at: (650) 265-2111
- Emailing us at: firstname.lastname@example.org
We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Services as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates, or levels of quality of the goods or services you receive related to the value of Personal Data that we receive from you.
Nevada Resident Rights
If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by contacting us at email@example.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account.
European Union Data Subject Rights
If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”). For more information about Clari’s compliance with GDPR, please visit our page dedicated to GDPR.
Privacy Shield Protections
Clari participates in and has certified its compliance with the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Framework. Clari is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List: https://www.privacyshield.gov.
Clari is responsible for the processing of personal data it receives, under the Privacy Shield Frameworks, and for any subsequent transfers to a third party acting as an agent on its behalf. Clari complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Clari is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Clari may be required to disclose personal data in response to lawful requests by public authorities, including requests to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
1154 Sonora Court, Sunnyvale, CA 94086
Individuals and data protection supervisory authorities in the EU and the UK may contact our data protection representatives according to Articles 27 EU and UK GDPR:
EU: DP-Dock GmbH, Attn: Clari Inc., Ballindamm 39, 20095 Hamburg, Germany
UK: DP Data Protection Services UK Ltd., Attn: Clari Inc., 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom