Previous Version, No Longer in Effect as of November 1, 2016
See our Help Center article for information on the recent European Court of Justice ruling on Safe Harbor.
For the purposes of this Policy, our “Services” refer to the on-demand customer service solution made available by Zendesk, Inc. (the, “Zendesk Service”) and the hosted online communication service made available by Zopim Technologies Pte Ltd online (the, “Zopim Service”), as more completely described in our Terms of Service. Each Service shall also include Deployed Associated Services.
If there are any material changes to this Policy, you will be notified by email, through the Service, or by posting a prominent notice on our Websites prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our Services or Websites constitutes your agreement to be bound by such changes to this Policy. Your only remedy, if you do not accept the terms of this Policy, is to discontinue use of our Service and our Websites.
Information Covered By This Policy
We respect and protect the privacy of visitors to our Websites and users of our Services. This Policy explains the what, how and why of the personal information that we collect when you visit our Websites or when you use our Services.
The personal information collected and used by Zendesk, Inc., and its subsidiaries and affiliates, including its subsidiary Zopim Technologies PTE LTD (collectively, the “Zendesk Group” or “we” or “us” or “our”) is limited to the purpose for which our subscribers engage any member of the Zendesk Group and other purposes expressly described in this Policy.
What this Policy Covers:
- The websites that link to this Policy, including: https://www.zendesk.com; https://www.zopim.com; and https://www.zendesk.com/apps/ (collectively referred to as “Websites”).
- The Zendesk Developer Portal, https://developer.zendesk.com, which enables Subscribers to create web applications and other integrations with the Zendesk Service platform.
- The Services to which you have subscribed or registered.
What Do We Mean by Personal Information?
In this Policy, personal information means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Except as described in this Policy, the Zendesk Group will not give, sell, rent or loan any personal information to any third party.
Personal Information That You Provide to Us or That We Collect
When you register for a Service, we ask for personal information such as your name, address, phone number, e-mail address, instant messaging ID, and credit card information, as well as certain related information like your company name and website name. We also collect personal information such as an email address and a name or alias from any individual authorized to use the Service through your Account as an Agent and/or administrator or an End-User that you authorize to log into and utilize the Service in connection with your Account. If you sign-up for a free trial account, you are not required to enter your credit card information unless and until you decide to continue with a paid subscription to the Service. A third-party intermediary is used to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf. We refer to any information described above as “Account Information” for purposes of this Policy.
By voluntarily providing us with Account Information, you hereby represent that you are the owner of such personal information or are otherwise authorized to provide it to us.
We collect and store information that is created, inputted, submitted, posted, transmitted, stored or displayed by you, your Agents and End-Users in the process of using our Services. Such information may include personal information or other sensitive information that you, your Agents or End-Users choose to include. We refer to any information described above as “Service Data” for purposes of this Policy. All Service Data is subject to our technical safeguards as more fully subscribed in our Terms of Service.
Cookies / Tracking Technologies From Your Use of Our Websites and Service:
Web beacons, tags and scripts may be used in our Websites, Services or in emails. These assist us in delivering cookies, counting visits to our Websites, understanding usage and campaign effectiveness and determining whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our service providers on an individual and aggregated basis.
We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Various browsers may offer their own management tools for removing HTML5 LSOs. Third parties with whom we partner to provide certain features on our Websites or to display advertising based upon your Web browsing activity use LSOs such as HTML5 and Flash to collect and store information. For further information on how to manage Flash LSOs please click here.
Log Files From Your Use of Our Websites and Services:
As is true with most websites and services, we gather certain information automatically and store it in log files. This information includes internet protocol addresses, browser, internet service provider, referring/exit pages, operating system, date/time stamp, and click stream data as well as certain personal information such as user name, user email address and other information that may be included in open textual fields. Our application log files are subject to the same strict data security policies and procedures as apply to the application databases for our Services. We may combine this automatically collected log information with other information we collect about you. We do this to improve the Services that we offer you, to improve marketing, analytics, or Website functionality.
Analytics Information from Your Use Of Our Websites and Service:
We collect analytics information when you use our Websites and Service to help us improve them.
We partner with a third party to either display advertising on our Websites or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on our Websites and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served ads and you will continue to receive generic ads.
In our Services, analytics information may consist of the feature and function of the Service being used, the associated domain name, the username and IP address of your Agent or End-User (which may include personal information if the personal information was incorporated into the username) and additional information required to detail the operation of the function and which parts of a Service are being affected. The analytics information we collect may include elements of Service Data related to the function the Agent or End-User is performing. As such, the analytics information we collect may include personal information or sensitive business information.
Communications With Us:
When you send an email or other communication to us, including support requests for our Services, we may collect the personal information that you provide us and may use it in order to process your inquiries, respond to your requests and improve our Services.
You and your Agents may receive occasional marketing communications regarding our products and services. You can opt-out of receiving marketing communications from us please contact us at email@example.com or follow the unsubscribe instructions included in our marketing communications.
Blogs and Public Forums:
Our Websites and Services offer publicly accessible blogs or community forums. You should be aware that any information provided in these areas might be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
The blog related to our Zopim Service is managed by a third party application that may require you to register to post a comment. We do not have access or control of the information posted to this blog. You will need to contact or login into the third party application if you want your personal information that was posted to the comments section removed. To learn how the third party application uses your information, please review their privacy statement.
From time to time, we post subscriber testimonials on our Websites that may contain personal information. We obtain the subscriber’s consent to post their names along with their testimonials. If subscribers wish to update or delete their testimonial, they can contact us at email@example.com.
We regularly aggregate information related to the use of the Services and publish this information, as segmented by industry, geography and other metrics to provide qualitative insight on customer support metrics and other relevant insights through the Zendesk Benchmark. You have the choice whether to participate by enabling this benchmarking from within the settings in the Services. If you do not want to participate then you should not enable the benchmarking. At any time, you can change the settings in the Services so that benchmarking is not enabled.
If you choose to use our referral service to tell a friend about our Services, we will ask you for your friend’s name and email address. We will automatically send your friend an email inviting him or her to visit the Website and will store this information for sending this initial email, the tracking the success of our referral program and other marketing activities. Your friend may contact us at firstname.lastname@example.org to request that we remove his/her information from our database.
We collect other information, including personal information, that you submit to our Websites or as you participate in certain interactive features of our Services, participate in a survey, contest, promotion, sweepstakes, activity or event, apply for a job, request customer support, communicate with us via third party social media sites or otherwise communicate with us. Any information, including personal information that you submit through our Websites could be visible to the public unless submitted to a secure area in the Websites.
Social Media Widgets:
Our Websites include Social Media Features, such as the Facebook Like button, and Widgets, such as the Share This button or interactive mini-programs that run on our Websites. These Features may collect your Internet protocol address, which page you are visiting on our Websites, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Websites. Your interactions with these features are governed by the privacy statement of the company providing it.
Personal Information From Third Party Services:
We also obtain other information, including personal information, from third parties and combine that with information we collect through our Websites and Services. For example, we may have access to certain information from a third party social media or authentication service if you log into our Services through the service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third party social or authentication service is in accordance with the authorization procedures determined by that service. By authorizing us to connect with a third party service, you authorize us to access and store your name, email address(es), current city, profile picture URL, and other personal information that the third party service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on these third party services to understand and change the information sent to us through these services. For example, you can log in to our Websites and Service using sign-in services such as Facebook Connect or an Open ID provider. These third-party services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Facebook Connect (and other similar services) give you the option to post information about your activities on our Websites to your profile page to share with others within your network.
You can log into the Zendesk Service using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity, provide you the option to share certain personal information (such as your name and email address) with us, and pre-populate our sign up form. Services like Facebook Connect give you the option to post information about your activities on the Zendesk Service to your profile page to share with others within your network.
Other Information That You Provide Us or We Collect
In addition to personal information, we collect data and other information from visitors to our Websites and the users of our Services. This includes, among other things, anonymized information or aggregated data that the Zendesk Group may collect about a group or category of Services, features or users while you visit our Website or access the Services. We define this information as Usage Data. Usage Data helps us understand trends in usage of the Services so that we can better consider new features or otherwise tailor our Services. In addition to collecting and using Usage Data ourselves, the Zendesk Group may share Usage Data with third parties, including our subscribers, partners and service providers, for various purposes, including to help us better understand our subscribers’ needs and improve our Services as well as for advertising and marketing purposes. We may also publish Usage Data to provide relevant information about and to market the Services.
How We Use Personal Information
We use the personal information that we collect for a variety of purposes including to:
- Provide, operate, maintain, analyze, improve and promote our Services and tailor our Services to our subscribers’ needs;
- Enable you and your Agents and End Users to access and use our Services;
- Process and complete transactions, and send you related information, including purchase confirmations and invoices;
- Communicate with you, including responding to your comments, questions, and requests; providing customer service and support;
- Provide you with information about services, features, surveys, newsletters, offers, promotions, contests and events;
- Provide other news or information about us and our select partners; and sending you technical notices, updates, security alerts, and support and administrative messages;
- Monitor and analyze trends, usage, and activities in connection with our Services and for marketing or advertising purposes;
- Investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities; and
- For other purposes about which we notify you.
Analysis of our Websites and Services:
As indicated above, we use the information we collect (including log and configuration data) to understand how our Websites and Services are being configured and used, how they can be improved, and to develop new services, features and functionality.
Sharing Personal Information
Third-party service providers:
We share information, including personal information, with our third-party service providers (such as credit card processors, managed hosting providers, sub-processors of Service Data, and technology partners)) to provide the necessary hardware, software, networking, storage, and other services that we use to operate our Services and maintain a high quality user experience. We do not permit our service providers to use the personal information that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.
You may choose to make use of Other Services in conjunction with our Services. Other Services are third party products, applications, services, software, products, networks, systems, directories, websites, databases and information which our Service links to, or which You may connect to or enable in conjunction with the Services, including, without limitation, Other Services which may be integrated directly into your Account to which you grant access privileges to your Account. When access is granted, certain information in your Account is shared with the third party, including personal information. The Zendesk Group does not control the policies and procedures of these Other Services even though the Other Services may be available through our Service. This Policy does not cover the collection or use of information, including personal information, by Other Services, and we urge you to consider the privacy policies governing these Other Services.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights:
We disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
Zendesk Group Sharing:
We may share information, including personal information, with any member of the Zendesk Group for the purposes stated in this Policy.
We may share your personal information with third parties when we have your consent to do so.
If you are a subscriber to the Services or authorized as an Agent under a subscriber’s account to the Services and would like to opt-out of getting marketing communications from us please contact us at email@example.com or follow the unsubscribe instructions included in each marketing email.
We process and store Service Data on behalf of our subscribers. We have no direct relationship with the individuals with whom our subscribers may interact using the Services. If you are an individual interacting with a subscriber of our Service and would no longer like to be contacted by that subscriber, please contact that subscriber directly.
Accessing and Updating Your Information
Subscribers may access, update or change Account Information they have provided by logging into the Service and providing such additional information where applicable. If you are a subscriber and would like to gain access to, or request deletion of information that the Zendesk Group has collected as “data controllers,” please contact us at firstname.lastname@example.org. We will respond to such queries within thirty (30) business days.
Individuals seeking access to, or who would like to correct, amend, or delete Service Data should direct their queries to the applicable subscriber of the Service acting as the “data controller” for such information. If requested to remove individual’s data by our subscribers, we will respond within thirty (30) business days. Technical limitations may restrict or eliminate our ability to remove or delete certain Service Data from all systems.
English Version Controls
Non-English translations of this Policy are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.
Compliance and Safeguarding Your Information
TRUSTe. To view our relationship with TRUSTe please visit the validation page visible by clicking on the TRUSTe seal. The TRUSTe certification covers our collection, use and disclosure of information we collect through our Websites: www.zendesk.com and www.zopim.com and our Services. The use of information collected through our Services shall be limited to the purpose of providing the Services for which the subscriber has engaged us or as otherwise disclosed in this Policy.
We self-certify compliance with:
European Safe Harbors.
We provide our Services to subscribers located within the European Economic Area ("EEA") and Switzerland and, in so doing, process their Service Data, which may include personal information. We process Service Data in accordance with our subscribers’ instructions; and, we only access this information where reasonably necessary to provide our Services (for example, to respond to support requests), as authorized by our subscribers, as disclosed in this Policy, or where we believe necessary for compliance with law. In legal terms, this means we are a data "processor" with respect to Service Data and our EEA and Swiss subscribers are the data “controllers”. As the data controllers, our subscribers are responsible for complying with applicable EEA and Swiss data protection laws and must assist their customers and End-Users to exercise their data protection rights. As a data processor, we process this information in accordance with our subscribers’ instructions and have implemented security measures to protect against unauthorized and unlawful processing. Zendesk, Inc. complies with the U.S.-EU and US-Swiss Safe Harbor Frameworks developed by the U.S. Department of Commerce regarding the collection, use and retention of personal information from EU member countries and Switzerland. We have certified, and TRUSTe has verified, that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. View our certification on the U.S. Department of Commerce’s Safe Harbor website.
If you have questions or complaints regarding our Policy or practices, please contact us at email@example.com. If you are not satisfied with our response or we do not respond to your query within thirty (30) days, you can contact TRUSTe here.
Protection of Information
We are committed to ensuring the security of your personal information. We utilize robust precautions to protect the confidentiality and security of the personal information within our Service, by employing technological, physical and administrative security safeguards, such as firewalls and carefully developed security procedures. For example, when you enter confidential information (such as login credentials or information submitted from within the Service). We encrypt the transmission of that information using secure socket layer technology (SSL). These technologies, procedures and other measures are used in an effort to ensure that your Service Data is safe, secure, and only available to you and to those you authorized to access your Service Data. However, no internet, e-mail or other electronic transmission is ever fully secure or error free, so you should take care in deciding what information you send to us in this way.
Data Hosting, Transfer, and Retention
Unless we expressly agree otherwise, the Zendesk Group may host and process Service Data, including personal information, in the United States and in other countries through the Zendesk Group and third parties that we use to operate and manage our Service. Whenever we process personal information outside of the European Economic Area on behalf of our subscribers located in the EEA or Switzerland, we will continue to afford it adequate protection in accordance with the requirements of the European Data Protection Directive 95/46/EC.
We will retain Service Data that is processed on behalf of our subscribers in accordance with the instructions received from our subscribers for as long as needed to provide our Services to our subscribers, subject to compliance with this Policy. We may retain and use other personal information, including personal information we collect as a “data controller,” as necessary to comply with our legal obligations, maintain accurate accounting, financial and other operational records, resolve disputes, and enforce our agreements as described above. Our policy for the deletion of Service Data following termination or cancellation of a subscriber’s subscription to the Service can be found here or obtained by request to firstname.lastname@example.org.
Children’s Personal Information
The Zendesk Group does not knowingly collect any personal information from children under the age of 13. If you are under the age of 13, please do not submit any personal information through our Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through our Services without their permission. If you have reason to believe that a child under the age of 13 has provided personal information to us through our Services, please contact us, and we will use commercially reasonable efforts to delete that information. Subscribers are responsible for establishing policies for and compliance with applicable laws for the collection of personal information in connection with the use of our Services.
The Zendesk Group may assign or transfer this Policy, and your Account and related information and data, including any personal information, to any person or entity that acquires all of our or substantially all of our business, stock or assets of, or with whom we merge.
If you have questions regarding this Policy or about the privacy practices of the Zendesk Group, please contact us by email at email@example.com, or at:
Attn: Privacy Officer
1019 Market Street
San Francisco, CA 94103
Additional information for Japanese users:
You agree that you are responsible for notifying your customers using our Services about how the Zendesk Group may use your customers’ personal information as described in this Policy and obtaining prior consent from your customers to disclose their personal information to us.
Additional information for Brazilian users:
The personal information collected, stored, used and/or processed by the Zendesk Group, as described in this Policy, are collected, stored, used and/or processed in accordance with Brazilian Law No. 12,965/2014. By using our Services you expressly consent to the collection, use, storage and processing of your personal information by us as described.
Additional information for Australian users:
The personal information collected, stored, used and/or processed by the Zendesk Group, as described in this Policy, are collected, stored, used and/or processed in compliance with the Australian Privacy Act 1988 (Commonwealth) and the Australia Privacy Principles as we further detail here: https://www.zendesk.com/company/anz-privacy.
If you are dissatisfied with our handling of your complaint or do not agree with the resolution proposed by us, you may make a complaint to the Office of the Australian Information Commissioner (OAIC) by contacting the OAIC using the methods listed on their website at http://www.oaic.gov.au. Alternatively, you may request that we pass on the details of your complaint to the OAIC directly.
Additional information for New Zealand users:
The personal information collected, stored, used and/or processed by the Zendesk Group, as described in this Policy, are collected, stored, used and/or processed in compliance with the New Zealand’s Privacy Act (1993) and its 12 Information Privacy Principles (NZ IPPs) as we further detail here: https://www.zendesk.com/company/anz-privacy.
Additional information for Singapore users:
The personal information collected, stored, used and/or processed by the Zendesk Group, as described in this Policy, is collected, stored, used and/or processed in compliance with the Zendesk Group’s obligations under the Personal Data Protection Act 2012 of Singapore (“PDPA”) as we further detail here.