Privacy Policy and Privacy Shield Statement

Workfront Inc. (“Workfront”) takes the protection of our customer’s privacy seriously. This privacy policy (the “Privacy Policy”) informs you of our policies regarding the collection, use, and disclosure of all personally identifiable information (“Personal Data) and other data that is provided to us through use of each of our web sites and mobile applications on which a link to this Privacy Policy is displayed and all products and services made available through those web sites, including, without limitation our SaaS offerings (collectively, the “Service”).

Privacy Shield Compliance

Workfront complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Workfront has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
In compliance with the Privacy Shield Principles, Workfront commits to resolve complaints about our collection or use of your Personal Data. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Workfront at: privacy@workfront.com

Workfront has chosen to cooperate with EU data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Workfront is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Information Collection

Personal Data: The following Personal Data may be collected in the course of using the Service or visiting our web sites:

  • Family and Given names
  • Email address
  • IP Address
  • Company information, including title and contact information for each user

Personal Data Usage

Personal Data could be used for the following purposes:

  • Administer the Service
  • Personalize the Services for you
  • Enable your access to and use of the Service
  • Supply you access to the services that you purchase
  • Send you statements and invoices
  • Marketing communications, with an opt-out option for users who wish to exercise their choice to decline to participate in these communications

Data Security

We take reasonable and appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. These measures are appropriate to the risks involved and the nature of the Personal Data. Although Workfront seeks to protect the privacy of others who use our Service, there is inherent risk in internet based activities so there is no 100% guarantee of absolute security.

Passively Collected Information

When you interact with us through the Service, we and third parties that provide functionality on the Service, may engage, receive, collect and store certain types of information through automatic data collection tools including cookies, encrypted authentication tokens and similar technology. Such information, which is collected passively using various technologies, may include but is not limited to information about your device, referring/exit pages and URLs and number of clicks. Workfront may store such information itself or such information may be included in databases owned and maintained by Workfront affiliates, agents or third party service providers. The Service may use such information and pool it with other information to track, for example, the total number of visitors to our Service, the number of visitors to each page of our Service, and the domain names of our visitors’ Internet service providers. Such information that we collect will allow Workfront to make decisions on how to provide better products and better services for our users.

Cookies

In operating the Service, we may use cookies. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

 

Like many sites, we use “cookies” to collect some of the information detailed above. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

We may use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to help us analyze how users use our Service. Google will use this information it collects for the purpose of evaluating your use of our Service, compiling reports on Service activity and providing other related services. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

Do Not Track

We may (and we may allow third party service providers to) use cookies or similar technologies to collect information about your browsing activities over time and across different websites following your use of our Service. Our Service currently does not respond to “Do Not Track” (DNT) signals and operate as described in this Privacy Policy whether or not a DNT signal is received. If we do so in the future, we will describe how we do so in this Privacy Policy.

Children

Workfront does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Service. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Service without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Workfront, please contact us, and we will delete that information.

Links to Other Web Sites

This Privacy Policy applies only to the Service. The Service may contain links to other web sites and/or services not operated or controlled by Workfront (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Site do not imply that we endorse or have reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.

Personal Data Sharing

There are certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might decide to sell or buy businesses or assets. In connection with any potential or actual corporate sale, merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, dissolution or similar event or transaction, Personal Data may be disclosed to third parties as it may be part of the assets potentially transferred or otherwise relevant to the transaction.

Agents, Consultants and Third Parties: Like many businesses, Workfront sometimes hires other companies to perform certain business-related functions, including to help us understand and improve the use of our Service. We may share any information we receive with vendors and service providers retained in connection with the operation of our business. With respect to Personal Data that is subject to our Privacy Shield registration, before disclosing Personal Data to a subcontractor or third-party agent, Workfront will obtain assurances from the recipient that it will: (a) use the Personal Data only to assist Workfront in providing the Service; (b) provide at least the same level of protection for Personal Data as required by the Privacy Shield Principles; and (c) notify Workfront if the recipient is no longer able to provide the required protections. Upon notice, Workfront will act promptly to stop and remediate unauthorized processing of Personal Date by a recipient. Workfront will remain liable for onward transfers to its subcontractors and third-party agents.

Legal Requirements: Workfront may disclose your Personal Data if requested, subpoenaed and/or if we are required to do so by law, regulation, legal process, or by any court of competent jurisdiction or any inquiry or investigation by any governmental, official or regulatory body which is lawfully entitled to require any such disclosure, or otherwise in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Workfront or a third party, (iii) act in urgent circumstances to protect the personal safety of users of the Service or the public, or (iv) protect Workfront against potential legal liability.

Communications

Workfront may use the Personal Data collected to occasionally provide newsletters, marketing or promotional materials, and other information that is relevant to the users and administrators of our Service. You have the choice to elect not to participate in these communications. An “Opt Out” option is available via link in all email communications.

Access to Personal Data; Contacting Us

To keep your Personal Data accurate, current, and complete, please contact us as specified below. Upon receipt of verifiable request, we will update or correct Personal Data in our possession that you have previously submitted via the Service. Please also feel free to contact us if you have any questions about our Privacy Policy or the information practices of the Service. You may contact us as follows: privacy@workfront.com

Changes/Updates

The Service and our business may change from time to time. As a result, at times it may be necessary for Workfront to make changes to this Privacy Policy. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your use of the Service after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

Effective Date: November 6, 2017

EU Data Privacy

General Data Protection Regulation (GDPR)

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. Workfront is compliant many areas and will be compliant in all areas before May 25, 2018 when GDPR becomes enforceable.
Questions regarding Workfront’s Privacy Program can be submitted here

Privacy Shield

Workfront complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Workfront has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/