In this Privacy Statement (“Statement”), we, Zuora, Inc. (“Zuora”), describe our data collection and usage practices with respect to personal data we collect through
http://www.zuora.com and other publicly-available web pages that directly link to this
Statement (collectively the “Site”).
This Statement describes how Zuora collects, uses, and stores the personal information and other information you provide using the Site. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
If you are a resident of the European Economic Area (“EEA”) additional terms can be found in our EEA and UK Supplement. If you are a resident of California additional terms can be found in our U.S. State Supplement.
This Statement only covers information collected through the Site and not information that we collect offline, through other websites, or through our subscription services. Zuora will use data loaded by customers into our subscription services in accordance with the contractual agreement(s) between Zuora and that customer.
You may visit the Site without registering or actively submitting personal data to us. If you do not register, then we receive only information that your computer or other device sends to us in connection with access requests and via cookies and other technologies that we use to analyze and enhance your use of our Site.
When you request information about Zuora’s subscription services, we may ask for personal information, such as your name, work email, company, job title, phone number, country, and industry. You can opt out of providing personal information by not entering it when asked.
We may also collect, from you, certain personal information about your referrals such as name and email address, in order to refer our products or services to these referred persons.
When you provide us with personal information about your referred persons we will only use this information for the specific reason for which it is provided to us.
If you believe that one of your business contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at email@example.com.
Technologies such as cookies, beacons or similar technologies are used by Zuora and our partners, affiliates, or analytics or service providers (e.g. marketing partners). These technologies are used in analyzing trends, administering the Site, tracking users’ movements around the Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you.
We use local storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our Site or to display advertising based upon your web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
We may not recognize or take action in response to Do-Not-Track (DNT) signals from Web browsers. At this time there is not any universally accepted standard for a company’s adoption for how to respond when a DNT signal is detected. In the event a final standard is established, we will determine how to appropriately respond to these signals.
We disclose your personal information only as follows:
Our Site includes social media features, such as the Facebook button and widgets, such as the
Share button or interactive mini-programs that run on our Site. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.
We may provide links on our Site to certain third-party websites or referrals to certain third-parties’ products or services. If you choose to visit a third party’s website, or use its products or services, the third party’s privacy statement, and not this Statement, will govern your activities and any information you disclose while interacting with the third party.
You can opt out of receiving our newsletter or marketing emails by following the instructions at the bottom of each communication or at any time by e-mailing firstname.lastname@example.org.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, please e-mail email@example.com.
We will retain your information for as long as needed to provide you services and fulfill the purposes described in this Statement. We will retain and use your information as required or permitted by applicable law, including to comply with our legal or business record keeping obligations, resolve disputes, and enforce our agreements.
EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework
Zuora is responsible for the processing of personal data it receives, under the EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, the Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. Zuora complies with the EU-U.S. DPF and Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, U.K. and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over Zuora’s compliance with the EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, Zuora may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Zuora commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.
For complaints regarding EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website.
Advisory: For Swiss individuals, please note that we may continue to rely on alternative valid data transfer mechanisms deemed appropriate by the relevant authorities to transfer data collected from Switzerland to the U.S., such as standard contractual clauses, until Switzerland approves the DPF as a valid data transfer mechanism.
If your personally identifiable information changes, or if you no longer desire our Service, you may correct, update, discontinue the use of our Service or delete it by making the change on our member information page or by emailing our Customer Support at firstname.lastname@example.org. We will respond to your request to access within 30 days.
We may update this Statement periodically and without prior notice to you to reflect changes in our relevant practices. If we make material changes to this Statement, we will notify you here, by email, or by means of a notice on our Site prior to the change becoming effective.
You should review the Statement each time you visit our Site to learn of any changes.
If you have questions, concerns or suggestions related to our Statement or our privacy practices you may contact us at:
101 Redwood Shores Pkwy
Redwood City, CA 94065 (650) 779-4993
Date: September 29, 2023