Callidus Software Inc., together with its affiliates, subsidiaries, and parent company SAP (collectively, “CallidusCloud,” “CallidusCloud Group,” “we,” or “us”) provides cloud-based sales, marketing, learning, and customer experience solutions.
CallidusCloud is committed to protecting your privacy and the personal information collected and processed about you.
About this policy
This is the Privacy and Cookies Policy (“Policy”) for the websites operated by or on behalf of CallidusCloud and hosted at https://www.calliduscloud.com/; http://www.clicktools.com/; https://datahug.com/; www.litmos.com; www.bridgefront.com; www.learningseat.com.au; www.litmosheroes.com; www.viewcentral.com; learningseat.com.au; litmos.com/en-au; litmos.com.au; learningseatlms.com; learningseat.com; learnconnect.com.au; learnconnect.net.au; cl-hostingsolutions.com; www.orientdb.com; and www.orientdb.org (“CallidusCloud’s Websites”).
This Policy also describes how we collect information about you, what we do with that information, and also what controls you have over that information in relation to your use of our Site and Services.
By visiting and using CallidusCloud’s website, mobile site, and/or applications (together, the “Site”) or using our Services, you acknowledge you have read and understood this Policy.
For the purposes of European Economic Area data protection law (the “Data Protection Law”), this Policy applies to the information collected by Callidus Software Inc., and any of their respective affiliate entities. The SAP Group’s data protection officer is Mathias Cellarius (email@example.com).
Throughout this Policy we use ‘plain English’ summaries which are intended to give you guidance about what each section is about. Please click the link below to learn more about:
1. How we collect your information
2. How we use your information
4. Sharing your information
5. Public Forums, Refer a Friend, and Customer Testimonials
7. Transfer of information overseas
8. Privacy Shield
10. Your Rights
11. Linked sites and advertisements
13. How you can access and update your information
14. Changes to this Policy
15. How to contact us
This section gives you more information about what information we collect about you and how we collect it, whether we collect it directly from you or other sources.
How we collect and store information depends on the Site you visit, the activities in which you participate, and the Services you use. You can use some of the Services without providing any information, although several categories of information are automatically collected from you when you use the Services via the Site.
When using the Services, we may collect and process the following information about you:
Information provided directly by you
Information that we may collect from you when you use our Site
We may automatically collect certain information about the computer or other devices that you use to access the Site or use the Services, including mobile devices, through commonly-used information-gathering tools, such as cookies and web beacons (see our Cookies section here).
We may also collect information when you access the Site or use our Services such as: (i) location information (as described in the next section below), unique device identifiers and other information about your mobile phone or other mobile device(s) such as your Internet Protocol (“IP”) address, browser types, browser language, operating system, the state or country from which you accessed the Services; and (ii) information related to the ways in which you interact with the Services, such as referring and exit pages and URLs, platform type, the number of clicks, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services, error logs, and other similar information. If you do not want to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device; provided your device allows you to do this.
Information about you collected from third parties
We may process your personal information that we have either obtained from you, or obtained from somewhere else. Personal information which is not collected directly from you may be collected:
If you access the Site or use the Services through a third-party connection or log-in, you authorize CallidusCloud to collect, store, and use, in accordance with this Policy, any and all information available to CallidusCloud through the third-party interface.
Information is collected for the purposes stated in this Policy and will not be further processed in a manner that is incompatible with those purposes.
We will collect and use your information as described in this Policy and as permitted by applicable laws (including, if you are located in Australia, the Privacy Act 1988 and the Australian Privacy Principles), including in circumstances where it is necessary: (i) to provide or fulfil Services requested by or for you; (ii) for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract; (iii) for compliance with a legal obligation to which we are a subject; (iv) to pursue our legitimate interests; or (v) where you have given us your express consent.
We collect and use your information for the following purposes:
We use this information to ensure the proper functioning and security of our Site and Services and to optimize our Site or Services.
How do we collect cookies and other technologies
What types of cookies do we use?
Third party cookies
We also allow other third parties (e.g., ad networks and ad servers) to serve tailored ads to you on the Services, and to access their own cookies or other tracking technologies on your computer, mobile phone, or other device you use to access the Site or use the Services.
Session and persistent cookies
We use both session cookies and persistent cookies. A session cookie is used to identify a particular visit to our site. These cookies expire after a short time, or when you close your web browser after using our Services. We use these cookies to identify you during a single browsing session. A persistent cookie will remain on your devices for a set period of time specified in the cookie. We use these cookies where we need to identify you over a longer period of time. For example, we would use a persistent cookie if you asked that we keep you signed in. Another type of cookies is Flash cookies, which are stored with your Adobe Flash Player files and help in the viewing of content that uses the Adobe Flash player.
We use these cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests (where we have considered that these are not overridden by your rights), and, in some cases, where required by law, where you have consented to their use
Where are cookies and similar technologies used? We use these technologies on the Services, including our Site. We do not release the information collected from our own cookies to any third parties, other than to our service providers who assist us in providing the Services and only in accordance with this Policy.
You may receive tailored advertising on your computer or mobile device through a web browser. If you are interested in more information about tailored browser advertising and how you can generally control cookies, you may visit the Network Advertising Initiative’s Consumer Opt-Out Link, the Digital Advertising Alliance’s Consumer Opt-Out Link, or the European Interactive Digital Advertising Alliance, “Your Online Choices” page to opt out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page. Please note that, to the extent advertising technology is integrated into the Services, you may still receive advertisements even if you opt out of tailored advertising. In that case, the ads will just not be tailored to your interests. Also, we do not control any of the above opt-out links and are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.
You have the right to know who we share your information with.
We may share your information with:
We may provide bulletin boards, blogs, or chat rooms through the Services. Any information you submit in such a forum may be read, collected, or used by others who visit these forums. We are not responsible for the information you choose to submit in these forums. We are not responsible for the privacy policies or the content of such sites.
You may elect to use our referral program to inform friends about the Services. When using the referral program, CallidusCloud requests the friend’s name and email address. CallidusCloud will automatically send the friend a one-time email inviting him or her to visit CallidusCloud’s websites. CallidusCloud does not store this information.
CallidusCloud posts a list of customers and testimonials on CallidusCloud’s websites that contain information such as the names and titles. CallidusCloud obtains the consent of the individuals concerned prior to posting such information or testimonials.
We have appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access and maintain data security of, and to use correctly, the information we collect online. These safeguards vary based on the sensitivity of the information that we collect and store.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using TLS 1.1 or higher. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You have the right to know if and where your information may be transferred. This section provides information on the existence of transfers of your information by us.
The personal information about you that we collect is sent to and stored on secure servers located as noted below or in the systems of the third parties that we use, where applicable. Such storage is necessary in order to process the information.
CallidusCloud Server locations include:
Sacramento, CA – US
Ashburn, VA – US
Chicago IL – US
Some Personal information may be transferred by us to the third parties mentioned in the circumstances described above (see Sharing your information), which may be situated outside the European Economic Area (EEA) and may be processed by our staff operating outside the EEA.
Standard Contractual Clauses
We will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism which may include by entering into EC approved standard contractual clauses relevant to transfers of personal information (see http://ec.europa.eu/justice/dataprotection/internationaltransfers/transfer/index_en.html) and that it is treated securely and in accordance with this Policy.
CallidusCloud has self-certified under the EU-U.S. Privacy Shield framework set forth by the U.S. Department of Commerce and the European Union regarding the collection, use, and retention of personal information transferred from the European Union to the United States. For more information on the EU–U.S. Privacy Shield, please visit the U.S. Department of Commerce’s Privacy Shield website at please visit https://www.privacyshield.gov/
Adhesion to the Privacy Shield Framework
CallidusCloud has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. We comply with the EU-U.S Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States, respectively.
Accountability for onward transfers
We are responsible and remain liable for the processing of personal information we receive, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Right of access
You have a legal right to request the personal information about you held by us. On request, we will provide you with a copy of this information. You also have a right to correct, amend or delete such personal information where it is inaccurate or has been processed in violation of data protection laws and Privacy Shield Principles.
Resolution of Privacy Shield queries and complaint mechanism
In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. If you have any inquiries or complaints regarding our Privacy Shield policy you should first contact us at SAP.CX.Legal-Privacy@sap.com
We have further committed to refer unresolved Privacy Shield complaints to JAMS. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield to file a complaint . The services of JAMS are provided at no cost to you. As further explained in the Privacy Shield Principles, a binding arbitration option may also be made available to you in order to address residual complaints not resolved by any other means.
We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. We may be required to share your personal information, including the disclosure of EU personal information, to public authorities and law enforcement agencies in response to lawful requests, including requests to meet national security and law enforcement requirements.
This section explains how long we will retain your personal information for following termination of our commercial relationship and the reasons for retention.
We will only keep your information as long as it remains necessary for the identified purpose(s) for which it was originally collected and for up to eight (8) years afterwards or otherwise permitted by local laws, or as required for our business operations or by applicable laws.
We may need to retain certain personal information even once a customer account has been closed or deleted to enforce our terms, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. We may also retain a record of any stated objection by you to receiving our updates for the purpose of ensuring we can continue to respect your wishes and not contact you further. For example, if you request to stop receiving emails from us, we will retain your email address for use on an email “suppression list” to ensure you do not receive further emails, as requested.
All retained information will remain subject to the terms of this Policy. If you request that your name be removed from our databases, it may not be possible to completely delete all your information due to technological and legal constraints.
This section provides details about your rights in relation to your personal information.
You may ask us to:
Please note that we may be required to ask you for further information in order to confirm your identity before we provide the information requested.
If you remain unhappy with a response you receive you can also refer the matter to your data protection supervisory authority (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm) or, if you are located in Australia, to the Office of the Australian Information Commissioner
The Site or Services may contain links to third-party websites. We are not responsible for the privacy practices or the content of those third-party websites. Any information you provide via those services is subject to the applicable third party privacy policies and is not covered by this Policy.
Our Sites and Services do not target and are not intended to attract children under the age of 16. CallidusCloud does not knowingly solicit personal information from children under the age of 16. Should we learn or be notified that we have collected information from users under the age of 16, we will immediately delete such personal information. If you are under 16 in your country of residence, please ask your parent or guardian to provide their information for you.
You may review and update certain user profile information by logging in, as applicable, to the relevant portions of the Site or Services where such information may be updated, or by contacting SAP.CX.Legal-Privacy@sap.com.
CallidusCloud reserves the right to change this Policy from time to time. Please check this page periodically for changes. If we make any material changes to this Policy we will notify you before they take effect either through the Site or by sending you a notification. Any such material changes will only apply to personal information collected after the revised Policy took effect.
Have additional privacy questions or need further info? This section is about how to contact us.
If you have any questions, comments, or concerns regarding this Policy or CallidusCloud’s privacy practices, they may be submitted via email to SAP.CX.Legal-Privacy@sap.com, or in writing by addressing your inquiries to:
Callidus Software Inc.
4140 Dublin Blvd., Suite 400
Dublin, CA 94568
This Policy was last modified on October 29, 2018.