Privacy Notice to individuals for the Sisense Services and Sisense Cloud
What this Privacy Notice coversThis Privacy Notice describes how Sisense collects, uses, processes, protects, and discloses personal information collected through the performance of its Services (as defined below) and its access to personal information on instances of Sisense Cloud.
DefinitionsIn this policy, “you” means any individual whose data is collected by a Sisense Customer and provided to Sisense in the context of a license agreement between the Sisense Customer and Sisense; “we” or “us” means Sisense. In this Privacy Notice, “Sisense” refers to Sisense Ltd., Sisense, Inc; Sisense UK Limited and any other Sisense affiliated companies that are controlled by Sisense Ltd “Sisense Customer” or “Customer” means the individual(s) or organization(s) that have entered into a license agreement with Sisense entitling them to received Services from Sisense or use the Sisense Cloud, including free trial users and OEM partners. “Sisense Cloud” shall mean the managed cloud hosting services as defined in the Sisense Cloud Terms and Conditions. “Personal Information” is information about you that is personally identifiable by name or can be linked to you through a personal identifier like your address, e-mail address, phone number, or location, and which is not otherwise publicly available. This definition is given here for this notice only, and some laws may use a different definition. If you are asserting your rights under law, the applicable legal definition governs your rights. “Services” means any services which may involve granting Sisense access to Sisense Customers’ information or records, such as support services, professional services, business intelligence consulting, and business relations.
Sisense as a Data Processor under GDPRSisense is business analytics software and services company. Customers use the Sisense software to analyze and create dashboards and reports of their data. Sisense related Services to licensees of our software, and we provide the Sisense Cloud to Customers who host their instance of the Sisense software on the could. For the purposes of compliance with the European Union’s General Data Protection Regulation (GDPR), In cases where Sisense has access to Personal Information found in a Customer’s data, the Customer is the Data Controller of that Personal Information. Sisense is the Data Processor carrying out data processing activities and instructions on behalf of each Data Controller.
Sisense as a Data Controller under GDPRFor the purposes of compliance with the GDPR Sisense is a Data Controller of data, including any Personal Information contained in such data, that we use for our business purposes, such as our business records.
Disclosures of information under Sisense Customer controlSisense provides its Services to Customers of its software. Sisense Cloud Customers use the Sisense Cloud to store, process, and distribute data belonging to them (or their customers, licensees, or users) through their IT systems, websites, software applications, bundled products, or other comparable means. As the controllers of Personal Information included in their data, Sisense’s Customers are responsible for maintaining the privacy of Personal Information included in their data. Sisense is not responsible for disclosures of information made by Sisense Customers through the Sisense Cloud or using the Sisense software on a Customer’s system. When we have access or process your Personal Information on behalf of our Customer, it is that Customer’ responsibility to protect your privacy. If you are concerned about your privacy while interacting with products and services provided by a Sisense Customer, you should address requests and inquiries relating to your Personal Information directly to that Customer. If you contact us regarding information belonging to our Customer, we may forward your requests or inquiries to the relevant Customer.
When does Sisense have access to your Personal Information?When a Customer requests Services from Sisense, Sisense may have access to their data. If a Customer’s data includes your Personal Information, Sisense may have limited access or exposure to Personal Information. Examples of situations where Sisense may have access or exposure to Customer data include:
- When a Customer shares a screen showing their data on a business consulting call to help it evaluate or use the Sisense Software, your Personal Information may be revealed to us.
- When a Customer submits a file containing its data to our support help desk to resolve a Software issue, your data may be included in such data.
- We have ongoing access to the Sisense Cloud environments on which our Customers run the Sisense software to host and process their data. If you are an authorized user of the Sisense software on the Sisense Cloud, the software stores your user ID and password on the Sisense Cloud environment.
- If you interact with us as a Customer or on behalf of a Customer, we may have your name, contact information, billing address, and any other information you provided us.
How we use your Personal InformationIf we have access to your Personal Information as described above, we may only use it for the following purposes:
- To provide the Services and Sisense Cloud functions requested by our Customer.
- Managing the business relationship with our Customer, such as providing service notices and billing.
- We use the Customer’s contact and billing address to send the Customer offers and promotional information.
Service provider access to informationWe rely on certain trusted third party service providers to provide part of the services and functions that make up the Services and the Sisense Cloud. For example, we host Sisense Cloud environments on third-party cloud platforms, and the Sisense Narratives natural language package is powered by a third-party service. We may also use outsourced personnel to perform technical and support functions that may involve access to customer data. Sisense does not disclose your Personal Information to any third parties (other than our services providers) except in the limited circumstances detailed below. Our service providers do not have permission to use your Personal Information for any purpose other than to provide us the services we require to serve our Customers.
Disclosure of Personal Information to third partiesWe do not disclose your Personal Information to third parties (except our service providers, as stated above), under the following circumstances and for the following purposes:
- When we have the Customers’ permission, to provide the Customer with Services it requests.
- When required by law to respond to subpoenas, court orders, or legal process by public authorities, including disclosures required by national security or law enforcement agencies.
- When we need to establish or exercise our legal rights, or to defend against legal claims, or when we believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, data breaches, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.
- If Sisense is acquired by or merged with another company, Sisense will come under the control of a new entity any rights and permission that Sisense has to access your Personal Information may be assigned to the new entity.