Agreements and Terms

Policies and Guidelines

Trademarks and Intellectual Property

Procurement and Suppliers

Data Protection and Privacy
Agreements and Terms

Customer Agreements and User Terms for Products and Services

Data Protection and Privacy

Policies

Product Terms

Free Trial and Beta Services Terms

Privacy Notice

Effective Date:July 28, 2023
Date Last Updated:December 30, 2022
For the prior version of our Privacy Notice, clickhere.
For the prior version of our Zendesk Events Policy, clickhere.

Hello! Zendesk is a service-first CRM company that builds software designed to improve customer relationships. We’ve developed this Privacy Notice (“Notice”) to explain to you how we collect, use, disclose, and store personal data.

This Noticeonly适用于当Zendesk控制亚博器的个人data (example: Zendesk website visitors’ personal data and business-to-business contact data).Zendesk is aProcessor, not a Controller, of personal data that we process on behalf of our Subscribers when they use Zendesk products and Services. For clarity, this means that this Notice doesnotapply to Zendesk products and Services. If you have questions related to how a Zendesk Subscriber utilizes your personal data, please contact them directly. We are not responsible for the privacy or data security practices of our Subscribers. This Notice also does not apply to personal data about current and former Zendesk employees, job candidates, or contractors and agents acting in similar roles.

Table of Contents:

1. Introduction

This Notice applies to Zendesk, Inc. and its relevant Affiliates listed inSection 14(“亚博,” “us,” “we,” or “our”). Capitalized terms that we use but are not defined in the Notice (such as Site, Services, Subscriber, Agent, Agent Contact Information, etc.) have the meaning provided in ourMain Services Agreement. If you are located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“U.K.”), please refer toSection 11of this Notice for more information about which specific entity or entities act as a controller of your personal data.

When Does This Notice Apply?This Notice only applies to personal data that Zendesk handles as a Controller (meaning where Zendesk controls how and why your personal data is processed). This includes when you:

Changes: We may update this Notice from time to time. Please check back periodically for updates. If you do not agree with any changes we make, you should stop interacting with us. When required under applicable law, we will notify you of any changes to this Notice by posting an update on our Site or in another appropriate manner.

2. Personal Data We Collect and Disclose

The below table describes what personal data we collect about you and to whom we disclose personal data. California individuals: This table includes the parties we disclose personal data to for a business or commercial purpose, as defined by California law.

In addition to the above disclosures, we may share your personal data to respond to lawful requests by law enforcement or other government authorities, including to meet national security requirements, in accordance with ourGovernment Data Request Policy. We may also de-identify, anonymize, or aggregate personal data to use or share with third parties for any purpose, where legally permitted.

3. How We Process Personal Data

We may process your personal data for the below purposes:

亚博Zendesk将荣誉主体权利扩大的数据nt required by law. You may have the right to access, correct, update, and, in some cases, request deletion of your personal data (subject to exceptions). You may submit a requesthere.

Zendesk uses a limited number of third-party service providers to assist us in processing data for certain purposes. These third-party providers help support certain site features, perform database monitoring and other technical operations, assist with the transmission of data, and provide data storage services. These third parties may process or store personal data while providing their services. Zendesk maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our obligations under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, including the onward transfer provisions, and Zendesk remains liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.

4. Sources of Personal Data

We may combine information that we receive from the various sources described in this Notice, including third-party sources and public sources, and use or disclose it for the purposes identified above.

5. Cookies and Tracking Technologies

We use cookies and other tracking technologies and offer you the option to manage these settings as described in ourCookie Notice. Some tracking technologies enable us to track your device activity over time and across devices and websites. While some browsers have incorporated Do Not Track or DNT preferences, we do not honor such signals from web browsers at this time.

6. Security and Retention

We maintain appropriate security procedures and technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, disclosure, alteration, or use.

Your personal data will be generally retained as long as necessary to fulfill the purposes for which we collected the personal data. Once you and/or your company have terminated the contractual relationship with us or otherwise ended your relationship with us, we may retain your personal data in our systems and records to ensure adequate fulfillment of surviving provisions in terminated contracts or for other legitimate business purposes, such as to evidence our business practices and contractual obligations, to provide you with information about our products and services, or to comply with applicable legal, tax, or accounting requirements. When we have no ongoing legitimate business need nor lawful legal ground to process your personal data, we will delete, anonymize, or aggregate it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. If you want to know more about retention periods applicable to your particular circumstance, please contact us using the details provided inSection 9below.

7. Children’s Privacy

Our Sites and Services are not directed to children under the age of 16, and we do not knowingly collect online personal data directly from children. If you are a parent or guardian of a minor child and believe that the child has disclosed online personal data to us, please contact us using the details provided inSection 9below.

8. External Links

When interacting with us, you may encounter links to external sites or other online services, including those embedded in third-party advertisements. We do not control and are not responsible for privacy and data collection policies for such third-party sites and services. You should consult such third parties and their respective privacy notices for more information or if you have any questions about their practices.

9. Contact Information

If you have questions or complaints regarding this Notice or about the Zendesk Group’s privacy practices, please contact us by email ateuprivacy@zendesk.comorprivacy@zendesk.com, or at:
Zendesk, Inc.
Attn: Privacy Team
989 Market Street
San Francisco, CA 94103, United States

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visitherefor more information or to file a complaint. The services of TRUSTe are provided at no cost to you.

10. Supplemental Terms for California Residents

Pursuant to the California Consumer Privacy Act (“CCPA”), this Section 10 applies to certain personal data collected about California individuals where Zendesk controls how and why the personal data is processed (which the CCPA calls a “business”) and supplements the rest of our Notice above. This Section 10 does not apply to current or former employees, applicants, contractors, or agents.

a. Additional Data Processing Disclosures:
The below table provides the categories of personal data we have sold, shared, or disclosed to third parties, as defined by the California Privacy Rights Act. For reference, the table inSection 2provides the categories of personal data collected and our disclosures of personal data.

Although we have not “sold” or “shared” personal data for money in the past 12 months, we engage in routine practices with our Digital Properties involving third parties that could be considered a “sale” or “sharing” as defined under California law. We do not knowingly sell or share any personal data of minors under the age of 16. We do not collect or process “sensitive personal information,” as defined by California law, to infer characteristics about you. Zendesk only uses sensitive personal information consistent with the exceptions to the right to limit sensitive personal information.

Financial Incentives: We may offer a benefit or offering in exchange for you providing personal data, such as a discount or coupon to individuals who respond to a survey. As part of these surveys we may collect personal data, such as your name, contact information, preferences, experiences, beliefs, opinions, and other responses to the survey questions. Participation in surveys is governed by the applicable terms and conditions for the survey, which will describe any financial incentives associated with that survey and how to participate. The value of your data is the value of the offer presented to you. We have calculated such value by using the expense related to the benefit. You may withdraw from any financial incentive at any time by emailing us atprivacy@zendesk.com. If we offer another type of financial incentive, we will share with you the material terms of each offer when we ask you to participate.

b. Your Data Protection Rights:
受法律限制,某些加州residents may have the below rights.

California residents may request to exercise the Right to Know, the Right to Delete, and the Right to Correct by using ourwebformor by emailing us atprivacy@zendesk.com. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights.

How to Fully Exercise the Right to Opt Out of Sale or Sharing:In order to fully exercise the Right to Opt Out of Sale or Sharing with respect to any “sale” or “sharing” of information, you must undertake both of the following steps:

If you block cookies, we will be unable to comply with your Right to Opt Out of Sale or Sharing request for device data that we automatically collect and disclose to third parties online using cookies, pixels, and other tracking technologies. If you clear the cookies in your browser, you will need to follow Step 2 above again. To the extent required by California law, we will honor “Do Not Sell or Share” opt-out preference signals sent in a format commonly-used and recognized by businesses at the browser level, such as an HTTP header field or JavaScript object.

Verification:我们处理加州数据保护请求will need to obtain information to locate you in our records or verify your identity, depending on the nature of the request. In most cases, we will request information about you, which may include your name, email address, or other information. If you submit a Right to Know “Specific Pieces Report,” we may also request a signed declaration, under penalty of perjury, that you are who you say you are. We may request alternative information under certain circumstances and/or use third parties to help verify your identity.

Authorized Agents:Authorized agents may exercise California data protection rights on behalf of California individuals, but we reserve the right to verify the individual’s identity directly as described above. Authorized agents must contact us by submitting a request through ourwebformand indicate that they are submitting the request as an agent. We may require the agent to demonstrate authority to act on your behalf by providing signed permission from you. We may also require you to verify your own identity directly with us or to directly confirm with us that you provided the authorized agent permission to submit the request.

Timing:We will process Right to Opt Out of Sale or Sharing requests within fifteen business days from the date we received the request. We will respond to Requests to Delete and Requests to Know within forty-five days unless we need more time, in which case we will notify you, and it may take up to ninety days to respond to your request.

11. Supplemental Information for the EEA, Switzerland, and the U.K.

The following terms supplement the Notice with respect to our processing of EEA (i.e., European Union Member States, Iceland, Liechtenstein, and Norway), Swiss, and U.K. personal data. In the event of any conflict or inconsistency between the other parts of the Notice and the terms of this Section 11, Section 11 shall govern and prevail with regard to the processing of EEA, Swiss, and U.K. Personal Data, to the extent applicable.

Data Controller:The Zendesk entity with which you have a primary relationship (such as the entity that concluded the Services contract with you; the entity that has provided you with marketing materials and promotional communications; or the primary entity in the region where you access our Site) is the controller within the scope of this Notice. In the majority of cases, this will be Zendesk, Inc., unless we specifically inform you otherwise.

a. Legal Basis for Processing:
Please seeSection 3for the legal basis on which we rely for the collection, processing, and use of personal data.

b. Your Data Protection Rights:
Under applicable data protection laws, you may exercise certain rights regarding your personal data:

You may exercise these rights by contacting us using the details provided inSection 9above. Please note that we may refuse to act on requests to exercise data protection rights in certain cases, such as where providing access might infringe someone else’s privacy rights or impact our legal obligations.

c. International Transfers of Personal Data:
Due to the global nature of our operations, some of the recipients mentioned inSection 2of the Notice may be located in countries outside the EEA, Switzerland, or the U.K., which do not provide an adequate level of data protection as defined by data protection laws in the EEA, Switzerland, and the U.K. Transfers within the Zendesk Group or to third parties located in such third countries take place using a valid data transfer mechanism, such as the EU Standard Contractual Clauses and/or the U.K. Addendum to such clauses, approved Binding Corporate Rules, approved codes of conduct and certifications mechanisms, on the basis of permissible statutory derogations, or any other valid data transfer mechanism issued or approved by the EEA, Swiss, or U.K. authorities. More information on (including a copy of) our Binding Corporate Rules is available here, and evidence of our Binding Corporate Rules approval is available on the European Data Protection Board’s website here. Certain third countries have been officially recognized by the EEA, Swiss, and U.K. authorities as providing an adequate level of protection and no further safeguards are necessary. Please reach out to us using the contact information inSection 9above, if you wish to receive further information about how we transfer personal data or, where available, a copy of the relevant data transfer mechanism.

Zendesk, Inc., FutureSimple Inc., and Smooch Technologies US Inc. comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Zendesk, Inc. FutureSimple Inc., and Smooch Technologies US Inc. have certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Zendesk, Inc. FutureSimple Inc., and Smooch Technologies US Inc. have certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visithttps://www.dataprivacyframework.gov/.

The Federal Trade Commission has jurisdiction over Zendesk, Inc., FutureSimple Inc., and Smooch Technologies US Inc. compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Data Protection Officer:The contact details for our data protection officer are as follows: Zendesk, Inc., Attn: Privacy Team and DPO, 989 Market Street, San Francisco, CA 94103, United States,euprivacy@zendesk.com.

12. Supplemental Information for Other Regions

13. English Version Controls

Non-English translations of this notice are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.

14. Zendesk, Inc. Affiliates

亚博Zendesk有限公司;亚博Zendesk巴西软件CorporativoLtda; Zendesk UK Limited; Zendesk International Limited; Zendesk APS; Zendesk Pty., Ltd; Kabushiki Kaisha Zendesk; Zendesk Incorporated; Zendesk GmbH; Zendesk Singapore Pte. Ltd.; We Are Cloud SAS; Base sp. z o. o. (Base spółka z ograniczoną odpowiedzialnością); Zendesk Technologies Private Limited; FutureSimple Inc.; Zendesk Korea LLC; Smooch Technologies ULC; Cleverly, Unipessoal, LDA.; ZD Sub Holdings (U.S.); Zendesk Sweden AB.; Smooch Technologies US Inc. (U.S.); Zendesk S. de R.L. de C.V. (Mexico); Zendesk Technologies Spain S.L. (Spain); Zoro TopCo, LP; Zendesk Netherlands B.V.; Zendesk Italy S.r.l.