Sisense Products and Services Privacy Notice

We collect personal information, including information that can be used to identify an individual (“Personal Information”), directly from our customers and their end users (collectively “Product Users” or “you” or “your“) in connection with your use of the Products and Services.

Our data processing activities fall into the following general categories. Sisense reserves the right to provide additional disclosures or information regarding our collection and processing of Personal Information which may supplement this Privacy Notice or further clarify Sisense’s processing practices.

A. Information That You Provide Voluntarily

The following are instances in which you may provide Personal Information to us. The provision of Personal Information by you in these instances is voluntary and may include your user name, user ID, password, system role, email address, company name, feedback and responses to surveys in relation to your use of the Products and Services and other information you provide to us in connection with the provision of the Products and Services, such as:

• When you interact with us for the purpose of opening an account;
• When you create a user account in connection with your use of our Products and Services; and
• When you correspond with us or submit information to us in connection with our provision of the Products and Services. (such as through our support channels).
  When you register for certain paid Products and/or Services, we may ask you to provide your payment and billing information, such as credit card details, your billing representative, tax return details, etc.

B. Information That We Obtain from Third Party Sources

From time to time, we may receive Personal Information about you from third party sources (including, among others, from our customers or resellers or third parties on their behalf), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your Personal Information to us.

The types of information we collect from third parties may include your name, email address, system role and other user authentication information. We use the information we receive from these third parties to create and operate your applicable Product user account.

C. Information That We Collect Automatically

Below is information that Sisense may collect from Product Users when they use the Products and Services. This information, collectively referred to herein as “Systems Operations Data”, may include limited individually identifiable information such as a Product User’s email address, but is generally technical information such as:

• Feature Usage Data: Feature usage data relates to how a Product User uses the Product. Examples include details about which Product features a Product User uses, the frequency of such use and metrics regarding user interface activity;
• Performance Data: Performance data relates to how the Products are performing. Examples include metrics regarding the performance and scale of the Products;
• Configuration Data: Technical data relates to the data about how a customer organization has configured the Products and Services. Examples include Product environment information and Product settings;
• Service Logs Data: Service logs are automatically generated by the Product and typically relate to recorded system events and information regarding the operation of the Product in a semi-structured or unstructured form; and
• Support Data: Support data relates to information that has been provided by a Product User to Sisense or is otherwise processed in connection with support activities, such as inputting support tickets, or requesting and receiving professional services.

Systems Operations Data is used for Sisense’s own analytics and product improvement purposes including:

• To facilitate the delivery of the Products and Services: Sisense may use Systems Operations Data for provisioning the Products and Services and for controlling access to the Product;
• To conduct account administration and similar Services-related activities: Sisense may use Systems Operations Data to manage customers’ accounts. This may include managing Product updates and fixes and sending other administrative, account-related or Service-related communications;
• To provide support: While contacting Sisense via one of our support channels, Product Users may need to send us copies of affected files, logs or other information to enable us to assist with the support request. In those instances, Sisense may use such information and the Systems Operations Data for the purposes of responding to, troubleshooting and otherwise resolving the support request. We may also use such information to understand our customer’s Product configuration;
• To maintain the security of our infrastructure and Products: Sisense may use Systems Operations Data to maintain the security and operational integrity of our Products, including for security monitoring and incident management, monitoring the performance and stability of the Product, and addressing technical issues;
• To confirm customer contractual obligations are met: Sisense may use Systems Operations Data to confirm compliance with license restrictions and other contractual obligations in our agreements in connection with customer’s purchase of the relevant Products and Services;
• To make recommendations to our customers: Sisense may use Systems Operations Data to provide recommendations to our customers and users regarding their use of the Products and Services;
• For quality control and training: Sisense may use Systems Operations Data for the purposes of quality control and staff training;
• To improve the Products and Services: Sisense may use the Systems Operations Data to improve the Products and Services that we offer to our customers. For example, we may use the Systems Operations Data to: (i) help us prioritize future products and features for our customers; (ii) conduct testing of Product or Service features; (iii) prioritize the order in which certain configurations or features of our Products should be tested; (iv) improve capacity forecasting for the features of our Products; (v) improve our resolution of support requests; and (vi) make pricing and packaging decisions;
• To provide us with customer insights: Sisense may use Systems Operations Data to gain insights into our customers and their use of the Products, as well as to (i) create enriched customer profiles and analyze customer interactions with Sisense in order to improve customer engagement; (ii) create advanced analytical models and produce aggregate business intelligence reports and dashboards; and (iii) benchmark or assess our Products and Services across customers and specific industries.;
• To support business to business marketing and sales: Sisense may use Systems Operations Data to market additional Products and Services to our customers, where permitted by law and to inform sales conversations;
• To comply with legal obligations: Sisense may use the Systems Operations Data to comply with applicable laws and regulations and to operate our business, including to comply with disclosure or other legal process requests, for finance, accounting, or insurance purposes, dispute resolution or in the context of mergers and acquisitions (including fundraising and an IPO); and
• For other legitimate business purposes: Sisense may use Systems Operations Data when it is necessary for other legitimate business purposes such as to protect Sisense’s proprietary information.

Sisense ensures that Product Users’ Personal Information will only be accessed by individuals who have a need to access such information in order to perform their job duties or other tasks on behalf of Sisense. Sisense shares Product Users’ Personal Information only with third parties who have a legitimate business purpose for accessing it, and only after ensuring that such third parties provide substantially the same level of protection of such Personal Information that we provide.

We may disclose a Product Users’ Personal Information with the following categories of recipients:

• to our group companies (companies owned or operated by us);
• to third party service providers and partners who need to have access to the information for the purpose of providing services to us only (and not for such third parties’ commercial use in any way);
• to any competent law enforcement body, regulatory or government agency, court or other third party if the information is required to be provided by law or in response to legal process, court orders, subpoenas, or to establish or exercise our legal rights or defend against legal claims;
• to any other person if we have your permission to do so;
• to an actual or potential buyer (including its agents and advisers) in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets or other corporate change, including, during the course of any due diligence process (provided that we inform the buyer that it must use your Personal Information only for the purposes set forth in this Privacy Notice); or
• to any other recipient for any other purpose with your consent.

Our legal basis for processing your Personal Information is our legitimate interest in performing, improving, maintaining and securing our Services, and operating our business in an efficient and appropriate manner. Personal Information may also be processed to comply with legal obligations.

We do not knowingly collect Personal Information from children under the age of 16. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without his or her consent, he or she should contact us at [email protected]. If we become aware that a child under the age of 16 has provided us with Personal Information, we will delete such information from our files.

Sisense may update this Privacy Notice at any time in response to changing legal, technical or business developments. When we update this Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

This Privacy Notice was last changed on the date set forth at the top of this Privacy Notice.

Where Sisense acts as a controller, and to the extent provided under applicable laws, users may have the following rights:

• If you wish to access, correct, update or request deletion of your Personal Information, please contact us using the details below.
• Similarly, if we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
• If you are a resident in the UK or the EEA, you may also have additional data protection rights that allow you to: object to processing of your Personal Information, restrict processing of your Personal Information, request portability of your Personal Information and complain to a data protection authority. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here and in the UK here. If you live in the US states of California, Colorado, Connecticut, Virginia or Utah, please read our ‘Supplemental Privacy Notice for U.S. Residents’ for more information about your privacy rights.

In order to submit a data subject request in relation to your data protection or privacy rights, please click here. To protect your privacy and security, we may take reasonable steps to verify your identity before granting access or making corrections.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Where Sisense acts as a processor, i.e., when the Services are used by Sisense’s customers to process personal information about you, you should direct your data subject requests to the applicable Sisense customer, which is the controller.

We retain Personal Information we collect from you as long as is needed to fulfill the purposes outlined in this Privacy Notice, where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested) and/or where required by law.

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your Personal Information will remain protected in accordance with this Privacy Notice. These include, among others, implementing the European Commission’s Standard Contractual Clauses for transfers of Personal Information between our group companies, which require all group companies to protect Personal Information they process from the EEA in accordance with European Union data protection law. Our Standard Contractual Clauses can be provided on request. We have implemented similar appropriate safeguards with our third party service providers and partners and further details can be provided upon request.

If you have any questions or concerns about our use of your Personal Information, please contact us using our e-mail address: [email protected] or using the contact form located at the bottom of our Privacy and Data Protection Center.

If you are located in the EU, you may contact our appointed Article 27 Representative, Lionheart Squared (Europe) Ltd. They can be contacted at [email protected]

The controller of your Personal Information will be one of the Sisense group companies. Depending on your interaction with us this may vary.