SALESFORCE.ORG
Privacy Statement, effective as of November 15, 2015

Salesforce.org (“Salesforce.org”) is committed to protecting the privacy of individuals who visit the Salesforce.org’s Web site (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend the Salesforce.org’s corporate events (“Attendees”). This Privacy Statement describes Salesforce.org’s privacy practices in relation to the use of the Salesforce.org’s Web site (as defined below) and the related salesforce.com, inc. (“SFDC”) applications and services (the “Services”) made available by Salesforce.org as an authorized reseller of SFDC.

If you have questions or complaints regarding Salesforce.org’s Privacy Statement or associated practices, please contact us at SFDOLegal@salesforce.com.

1. Web sites covered

This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including: http://www.salesforce.org (referred to as “Salesforce.org’s Web site”).

Salesforce.org’s Web site may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. Salesforce.org encourages you to review the privacy statements of other Web sites to understand their information practices.

2. Information collected

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Salesforce.org requires you to provide Salesforce.org with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Salesforce.org may require you to provide Salesforce.org with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Salesforce.org may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information about Visitors or Customers are referred to collectively as “Data About Salesforce.org Customers”, or in the case of Attendees, “Data About Salesforce.org Attendees”.

As you navigate Salesforce.org’s Web site, Salesforce.org may also collect information through the use of commonly-used information-gathering tools, such as cookies (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Salesforce.org’s Web site (such as the Web pages viewed and the links clicked). For additional information about the collection of Web Site Navigational Information by Salesforce.org and others, please click here.

3. Use of information collected

Salesforce.org uses Data About Salesforce.org Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, Salesforce.org will use the information provided to contact you about your interest in the Services.

Salesforce.org also uses Data About Salesforce.org Attendees to plan and host corporate events, host online forums and social networks in which event attendees may participate, and to populate online profiles for Attendees on Salesforce.org’s Web site. Additional information on Salesforce.org’s privacy practices with respect to Data About Salesforce.org Attendees may be found in additional privacy statements on the event Web sites, as the case may be. Please see here for more information on bulletin boards, blogs, or chat rooms provided by Salesforce.org in connection with its events.

Salesforce.org may also use Data About Salesforce.org Customers and Data About Salesforce.org Attendees for marketing purposes. For example, Salesforce.org may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding Salesforce.org, its affiliates, and its partners, such as information about promotions or events.

Salesforce.org uses credit card information solely to check the financial qualifications and collect payment from prospective Customers and Attendees.

Salesforce.org uses Web Site Navigational Information to operate and improve Salesforce.org’s Web site. Salesforce.org may also use Web Site Navigational Information alone or in combination with Data About Salesforce.org Customers and Data About Salesforce.org Attendees to provide personalized information about Salesforce.org. For additional information about the use of Web Site Navigational Information, please click here.

4. Web Site Navigational Information

Cookies, Web Beacons and IP Addresses
Salesforce.org uses commonly-used information-gathering tools, such as cookies, to collect information as you navigate Salesforce.org’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on Salesforce.org’s Web site and how this information may be used.

Cookies
Salesforce.org uses cookies to make interactions with Salesforce.org’s Web site easy and meaningful. When you visit one of Salesforce.org’s Web site, a cookie may be sent to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Salesforce.org, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” or a “30 Day Free Trial” Web form), you remain anonymous to Salesforce.org.

Salesforce.org uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your Web browser’s ability to accept cookies, you will be able to navigate Salesforce.org’s Web site, but you will not be able to successfully use the Services.

The following sets out how Salesforce.org uses different categories of cookies and your options for managing cookies’ settings:

Type of Cookies Description Managing Settings
Required cookies Required cookies enable you to navigate Salesforce.org’s Web site and use its features, such as accessing secure areas of the Web sites. Because required cookies are essential to operate Salesforce.org’s Web site, there is no option to opt out of these cookies.
Performance cookies These cookies collect information about how Visitors use our Web site, including which pages Visitors go to most often and if they receive error messages from certain pages. These cookies do not collect information that individually identifies a Visitor. All information these cookies collect is aggregated and anonymous. It is only used to improve how Salesforce.org’s Web site functions and performs.

From time-to-time, Salesforce.org engages third parties to track and analyze usage and volume statistical information from individuals who visit Salesforce.org’s Web site. Salesforce.org may also utilize Flash cookies for these purposes.

To learn how to opt out of performance cookies using your browser settings click here.

To learn how to manage privacy and storage settings for Flash cookies click here.

Functionality cookies Functionality cookies allow Salesforce.org’s Web site to remember information you have entered or choices you make (such as your username, language, or your region) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.

Salesforce.org uses local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our Web sites to personalize your visit.

To learn how to opt out of functionality cookies using your browser settings click here. Note that opting out may impact the functionality you receive when visiting Salesforce.org.

To learn how to manage privacy and storage settings for Flash cookies click here.

Targeting or Advertising cookies From time-to-time, Salesforce.org engages third parties to track and analyze usage and volume statistical information from individuals who visit Salesforce.org’s Web site. Salesforce.org sometimes uses cookies delivered by third parties to track the performance of Company advertisements. For example, these cookies remember which browsers have visited Salesforce.org’s Web site. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after Salesforce.org receives it.

Salesforce.org also contracts with third-party advertising networks that collect IP addresses and other information from Web Beacons (see below) on Salesforce.org’s Web site, from emails, and on third-party Web sites. Ad networks follow your online activities over time by collecting Web Site Navigational Information through automated means, including through the use of cookies. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Web sites. This process also helps us manage and track the effectiveness of our marketing efforts.

Third parties, with whom Salesforce.org partners to provide certain features on our Web sites or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored.

To learn more about these and other advertising networks and their opt out instructions, click here and here.

To learn how to manage privacy and storage settings for Flash cookies click here.

Web Beacons
Salesforce.org uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of Salesforce.org’s Web site and interaction with emails from Salesforce.org. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Salesforce.org may place Web beacons in marketing emails that notify Salesforce.org when you click on a link in the email that directs you to one of Salesforce.org’s Web site. Salesforce.org uses Web beacons to operate and improve Salesforce.org’s Web site and email communications.

IP Addresses
When you visit Salesforce.org’s Web site, Salesforce.org collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Salesforce.org uses IP addresses to monitor the regions from which Customers and Visitors navigate Salesforce.org’s Web site.

Social Media Features
Salesforce.org’s Web site may use social media features, such as the Facebook ‘like’ button (“Social Media Features”). These features may collect your IP address and which page you are visiting on Salesforce.org’s Web site, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on Salesforce.org’s Web site to a profile page of yours that is provided by a third party Social Media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on Salesforce.org’s Web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

Do Not Track
Currently, various browsers – including Internet Explorer, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. Salesforce.org does not currently commit to responding to browsers’ DNT signals with respect to Salesforce.org’s Web site, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Salesforce.org takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

5. Public forums, refer a friend, and customer testimonials

Salesforce.org may provide bulletin boards, blogs, or chat rooms on Salesforce.org’s Web site, including Salesforce.org’s Power of Us Hub. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Salesforce.org is not responsible for the personal information you choose to submit in these forums.

Customers and Visitors may elect to use Salesforce.org’s referral program to inform friends about Salesforce.org’s Web site. When using the referral program, Salesforce.org requests the friend’s name and email address. Salesforce.org will automatically send the friend a one-time email inviting him or her to visit Salesforce.org’s Web site. Salesforce.org does not store this information.

Salesforce.org posts a list of Customers and testimonials on Salesforce.org’s Web site that contain information such as Customer names and titles. Salesforce.org obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

6. Sharing of information collected

Service Providers
Salesforce.org may share Data About Salesforce.org Customers and Data About Salesforce.org Attendees with Salesforce.org’s contracted service providers so that these service providers can provide services on our behalf. Without limiting the foregoing, Salesforce.org may also share Data About Salesforce.org Customers and Data About Salesforce.org Attendees with Salesforce.org’s service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, Salesforce.org does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Salesforce.org Affiliates
Salesforce.org may share Data About Salesforce.org Customers with other companies in order to work with them, including affiliates of Salesforce.org. For example, Salesforce.org may need to share Data About Salesforce.org Customers for customer relationship management purposes.

Business Partners
From time to time, Salesforce.org may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Salesforce.org, Salesforce.org may share Data About Salesforce.org Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Salesforce.org does not control our business partners’ use of the Data About Salesforce.org Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Salesforce.org does not share Data About Salesforce.org Attendees with its business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Salesforce.org event and allow Salesforce.org or any of its designees to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Salesforce.org events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements.

Third Parties
This Privacy Statement sets forth the information Salesforce.org collects on Salesforce.org’s Web site and the information we share with third parties. Salesforce.org does not authorize the collection of personal information by third parties through advertising technologies deployed on Salesforce.org’s Web site, nor do we share personal information with any third parties collected from Salesforce.org’s Web site, except as provided in this Privacy Statement. Section 4 of this Privacy Statement, Web Site Navigational Information, specifically addresses the information we collect through cookies and web beacons, and how you can control cookies through your Web browsers.

Billing
Salesforce.org uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on Salesforce.org’s behalf.

Compelled Disclosure
Salesforce.org reserves the right to use or disclose information provided if required by law or if Salesforce.org reasonably believes that use or disclosure is necessary to protect Salesforce.org’s rights and/or to comply with a judicial proceeding, court order, or legal process.

7. International transfer of information collected

Salesforce.org primarily stores Data About Salesforce.org Customers and Data About Salesforce.org Attendees in the United States. To facilitate Salesforce.org’s global operations, Salesforce.org may transfer and access such information from around the world, including from other countries in which Salesforce.org has operations. This Privacy Statement shall apply even if Salesforce.org transfers Data About Salesforce.org Customers or Data About Salesforce.org Attendees to other countries.

8. Communications preferences

Salesforce.org offers Visitors, Customers, and Attendees who provide contact information a means to choose how Salesforce.org uses the information provided. If you provide Salesforce.org with contact information, you can manage how Salesforce.org uses your information by accessing our Preference Center. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of Salesforce.org’s marketing emails.

9. Correcting and updating your information

Customers may update or change their registration information by editing their user or organization record. To update a user profile, please login to http://www.salesforce.com with your SFDC username and password and click “Setup.” To update an organization’s information, please login to http://www.salesforce.com with your SFDC username and password and select “Company Profile.” Attendees may update or change their registration information on the event’s Web site after logging in. To update Billing Information or have your registration information deleted, please email support@salesforce.com or call +1 (415) 901-7010. To discontinue your account and to have information you maintained in the Services returned to you, please email support@salesforce.com or call +1 (415) 901-7010. Requests to access, change, or delete your information will be handled within 30 days.

10. Security

Robust security measures are in place to protect Data About Salesforce.org Customers and Data About Salesforce.org Attendees. Because Salesforce.org uses SFDC’s Services to maintain Data About Salesforce.org Customers and Data About Salesforce.org Attendees, this information, which is stored in SFDC’s Services, is secured in the same manner as described in SFDC’s Documentation, located online via help.salesforce.com or by logging in to the applicable Service.

The Customer and Visitors agree that Data About Salesforce.org Customers and Data about Salesforce.org Attendees data may be disclosed or otherwise exchanged between Salesforce.org, as an authorized reseller of Services, and SFDC, as the Services provider, and such communications are not a violation of this policy. Data will be exchanged to enable Salesforce.org to perform under this policy, including to facilitate the sale or provisioning of Services or other services delivered by Salesforce or other third party providers or provide information that may be of interest to you. By way of example only, and without limitation, if You enter your data into Salesforce.org’s Web site to learn more about a SFDC offering, and Salesforce.org does not resell that offering, Salesforce.org may share your data with SFDC to enable SFDC to provide the information to you.

11. Mobile applications

Without limiting the generality of this Privacy Statement, in addition to information gathered through its Web sites or submitted to its Services, Salesforce.org and SFDC may obtain information through SFDC mobile applications (“Mobile Applications”) that Customers or their authorized individuals (“Users”) download to, and run on, their mobile devices (“Devices”). Mobile Applications provided by Salesforce.org may obtain information from, or access data stored on, Users’ Devices to provide services related to the relevant Mobile Application. For example, a Mobile Application may: access a camera on a User’s Device to enable the User to upload photographs to the Services; access the call history on a User’s Device to enable the User to upload that information to the Services; access calendar information on a User’s Device to enable the User to match meeting attendees with contacts submitted by the User to the Services; access the geographic location of a User’s Device to enable the User to identify contacts submitted by the User to the Services who are nearby; or access contact information on a User’s Device to enable the User to sync contact information between the information that is stored on the User’s Device and the information that is submitted to the Services. Information obtained to provide Mobile Application services may include information obtained in preparation for anticipated updates to those services. Mobile Applications may transmit information to and from Devices to provide the Mobile Application services.

Mobile Applications may provide Salesforce.org and SFDC with information related to Users’ use of the Mobile Application services, information regarding Users’ computer systems, and information regarding Users’ interaction with Mobile Applications, which Salesforce.org and SFDC may use to provide and improve the Mobile Application services. For example, all actions taken in a Mobile Application may be logged, along with associated information (such as the time of day when each action was taken). Salesforce.org and SFDC may also share anonymous data about these actions with third party providers of analytics services. In addition, if a User downloads a Mobile Application after clicking on a third-party mobile advertisement for the Mobile Application or for SFDC, the third-party advertiser may provide Salesforce.org with certain information, such as the User’s Device identification information, which Salesforce.org may use to track the performance of its advertising campaigns.

Customers may configure Mobile Application services, and the information accessed or obtained by the Mobile Application on a User’s Device may be affected by the Customer’s configuration. In addition, if a Customer purchases more than one Service from Salesforce.org and its affiliates, a Mobile Application may be designed to interoperate with those Services; for instance, to provide a User with access to information from any or all of those Services or to provide information from a User’s Device to any or all of those Services. Information accessed or obtained by the Mobile Application on a User’s Device may be accessible to the Customer and its organization, depending on the intended functionality of the Mobile Application.

In addition to Mobile Applications offered by SFDC, Salesforce.org may offer platforms for the creation of third-party Mobile Applications, including but not limited to the Salesforce1 platform. Third parties may obtain information from, or access data stored on, Users’ Devices to provide services associated with any third-party Mobile Applications that Users download, install, use, or otherwise interact with over a SFDC platform. SFDC’s Mobile Applications may also contain links or integrations to other Mobile Applications provided by third parties. Third parties’ use of information collected through third-party Mobile Applications is governed by the privacy statements of such third parties. Salesforce.org encourages you to review the privacy statements of third-party providers of Mobile Applications to understand their information practices.

Notices and contractual terms related to a particular Mobile Application may be found in the End User License Agreement or relevant terms of service for that application. Salesforce.org encourages you to review the End User License Agreement or relevant terms of service related to any Mobile Applications you download, install, use, or otherwise interact with to understand that Mobile Application’s information practices. The Mobile Application’s access to information through a User’s Device does not cause that information to be “Customer Data” under SFDC’s Master Subscription Agreement with the Customer or under this Privacy Statement, except as follows: To the extent that a User uses a Mobile Application to submit electronic data and information to a Customer account on our Services pursuant to the Customer’s Master Subscription Agreement with SFDC (or a similar agreement that governs the Customer’s subscription(s) to SFDC’s Services), that information constitutes “Customer Data” as defined in such agreement, and the provisions of that agreement with respect to privacy and security of such data will apply. Additional information about privacy and security practices with respect to Customer Data and the Services is available in SFDC’s Documentation, located online via help.salesforce.com or by logging in to the applicable Service.

12. Changes to this Privacy Statement

Salesforce.org reserves the right to change this Privacy Statement. Salesforce.org will provide notification of the material changes to this Privacy Statement through Salesforce.org’s Web site at least thirty (30) business days prior to the change taking effect.

13. Contacting us

Questions regarding this Privacy Statement or the information practices of Salesforce.org’s Web site should be directed to Salesforce.org Legal team by emailing SFDOLegal@salesforce.com or by mailing Salesforce.org
General Counsel, 50 Fremont Street, Suite 300, San Francisco, CA 94105.