Flexera Privacy Notice

This document was last updated April 14, 2022

We appreciate your interest in our offered services and products and our websites (www.flexera.com, www.flexerasoftware.com, www.revenera.com, www.flexera.de, www.flexerasoftware.de, www.revenera.de, https://store.flexerasoftware.com, http://consumer.installshield.com, https://community.flexera.com/t5/Flexera-Community/ct-p/Flexera_Community, https://community.flexera.com/t5/Flexera-Software-Community/ct-p/Flexera_Software_Community, www.flexnetoperations.com, www.flexnetmanager.com, www.flexnetmanager.eu, www.brainwaregroup.com, https://app.secunia.com/, https://app.flexerasoftware.com/, https://csi7.secunia.com/csi/, https://portal.technopedia.com/login, https://login.rightscale.com/, https://my.metasaas.com/login, https://www.riscnetworks.com, https://portal.riscnetworks.com/, https://analytics.revulytics.com/), online communities and service platforms owned and operated by Flexera (collectively, our “Websites” and together with our services and products, our “Services”). Privacy protection is very important to us, and we are committed to protecting and respecting your privacy. This privacy notice sets out information about how we collect, store, transfer, use and otherwise process personal information.

A. General Provisions

  1. Who we are.

    Flexera Software LLC, 300 Park Blvd, Suite 400, Itasca, IL 60143, (“Flexera Software LLC”) is generally responsible for and controls the processing of your personal information collected through the Services.

    However, if you retain Services directly from a local Flexera group company (i.e., when you have concluded a contract with one of the local Flexera group companies) or otherwise do business with that Flexera group company and share personal information with that company, that company is the data controller in relation to all personal information obtained, used and otherwise processed in relation to such Services.

    The expressions “Flexera,” “we” and “our” include Flexera Software LLC and any other Flexera group company from whom you retain Services. For the contact details of all Flexera group companies see: https://www.flexera.com/about-us/contact-us/office-locations.

    Any Services where a Flexera group company processes personal information based on a data processing agreement entered with you or your employer (or other similarly situated entity) are not covered by this privacy notice. Transfers to subsequent third parties are covered by the service agreements with our customers.


  2. Global applicability and region-specific disclosures.

    This privacy notice is designed to apply to our Website visitors, users of our Services and other companies and users on a global basis. Therefore, section A applies to any processing of personal information worldwide.

    We may choose or be required by law to provide different or additional disclosures relating to the processing of personal information about residents of certain countries, regions or states. Please refer below for disclosures that may be applicable to you:

    Europe
    The processing covered by the Europe-specific privacy disclosures contained in section B include our processing of personal information (i) relating to individuals in the European Union, the UK, Switzerland, Liechtenstein, Norway and Iceland - all of which will, for the purpose of this privacy notice, be defined as “Europe” - if we either offer goods or services to such individuals or monitor their activities in Europe, or (ii) where the processing is undertaken by or on behalf of a Flexera group company located in Europe. Please click here for additional Europe-specific privacy disclosures.

    California
    If you are a resident of the State of California in the United States, please click here for additional California-specific privacy disclosures in section C containing information about the processing of your personal information and the rights granted to you by California law.


  3. What is personal information?

    When we use the term “personal information” in this privacy notice, we mean information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, to you. It does not include aggregated information that is maintained in a form that is not capable of being associated with or reasonably linked to you.


  4. What personal information do we collect?

    In the context of rendering our Services, we may collect personal information about you. This personal information regularly includes the following:

    • If you order any Service from us or ask for a quote (via our Websites or via phone, email or letter): This in particular includes: Your name, company name, company address, billing contact, billing address, company email address, company phone number, job title, job function, industry, price and Service information and customer ID. If you render services as our customers, we may in particular also process the following personal information: Log-in ID, password, employee ID, employment status, manager, your corporate unit and cost center, account name, IP address, computer and device information (such as MAC address, computer/device name, host name, calculated user, hardware dongleID, UUID and FQDN). But we also may process information we need to contact you or otherwise communicate with you, information for order fulfilment and delivery of requested materials or services as well as maintenance and training associated with our Services, information to manage your account, information to enable the download or usage of Services, information on defects or erroneous Services, your feedback and complaints, quotes we offer you and information for invoicing and payment follow-up.
    • If you register on our Websites: Name, company name, company address, company email address, company phone number, job title, job function, industry and your interest(s) in Flexera and/or its Services.
    • If you post on our blogs or forums: You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Websites, such as forums or blogs, for example, our community forum (https://community.flexera.com/t5/Flexera-Community/ct-p/Flexera_Community) (collectively, "User Contributions"). We may collect any of your User Contributions, your username, your name, company name, company email address as well as your IP address. Please note that we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed or processed by other persons.
    • If you contact us (via our Websites or via phone, email or letter), e.g., for a support request: Name, company name, company address, company email address, company phone number and information on our communication with you, your interest(s) in Flexera and/or its Services and any additional information you provide us with.
    • If you merely use our Websites: IP address, browser data, device type, Uniform Resource Locators (URL), operating system, site preferences and information on your usage of our Websites.
    • If you participate in our events, such as webinars, and trade fair booth events, or if you download our white papers: Name, company name, email address, phone number, address, position/job title, job function, job level and any information on the event or download.
    • If you are in our email marketing campaigns: Name, company name, email address, phone number, address, position/job title, job function, information about whether you are already a customer, marketing campaign information such as the newsletter option you have selected and your reaction to our marketing and your interest in our products.

  5. How do we collect your personal information?

    The personal information is collected in many ways and may include:

    • Personal information you provide to us. Most of the personal information we receive comes to us voluntarily from our users in the course of using our Services, communicating with us in the procurement of or in the process of requesting our Services, registering to attend a seminar or participate in a survey, interacting with us at trade shows or conventions or other industry events or asking to be included in an email or other communication list, or other product promotions.

      You are free to choose which personal information you want to provide to us or whether you want to provide us with any personal information at all. However, some personal information, such as your name, address, payment information and information on your requested Services may be necessary for the performance of our contractual obligations. Without providing this personal information, you will not be able to order certain Services or enter into a contract with us.

    • Personal information collected via technology. As you use our Services, we may collect information automatically, such as log information and through the use of cookies or other tracking technologies. Please see our section “How do we use cookies and other Tracking Technology?” below for more information.
    • Personal information we receive from others. We may receive personal information about users from publicly available databases or third parties from whom we have purchased data, third parties such as social media sites, law enforcement agencies, providers of denied party screening and marketing consultants and partners. We may also receive personal information, such as contact details, including name, position, phone or email address from our partners and customers.

  6. Why we collect and use your personal information?

    The reasons for using your personal information may differ depending on the purpose of the collection. Regularly, we use your personal information for the following purposes:

    • Providing our Services. If you order Services from Flexera or if you contact us to request our Services, we use your personal information to provide you with these Services.
    • Pursue our business interests. The usage of your personal information may also be necessary for our own business interests. For example, we may use some of your personal information to evaluate and review our business performance, create financial statements, improve our Services, provide advertising or to identify potential cyber security threats. We may use your personal information for marketing purposes, for example, to send you relevant product updates and/or share your contact information such as name, email address or phone number with reseller partners for them to directly contact, qualify and manage the customer relationship. In the case that a reseller partner uses your contact details for own marketing purposes, we or the reseller will do so only if you have granted a respective separate consent. If necessary, we may also use your personal information to pursue or defend ourselves against legal claims.
    • Purpose for which consent has been provided. In some cases, we may ask you to grant us separate consent to use your personal information.

      We often work on the basis of consent in relation to sales and marketing campaigns. For example, if you sign up to our email newsletter, you allow us to send marketing communication to you, or when our marketing partners provide us with your email address, we will process your data to the extent covered by your consent. If you want to learn about your options regarding withdrawing your consent to receive marketing communication, please see our section “E-Mail Settings and Preferences.” If you want to learn more about your options to avoid Tracking Technology, please see our section “How do we use cookies and other Tracking Technology?”.

      If you have granted us consent to use your information, we will use it only for the purposes for which you have granted your consent. You are free to deny your consent and the denial will have no negative consequences for you. You are also free to withdraw your consent at any time with effect for the future.

    • Comply with legal obligations. We are obligated to retain certain information because of legal requirements, for example, tax or commercial laws, or we may be required by law enforcement to provide personal information on request.

  7. With whom do we share your personal information?

    As required in accordance with how we use it, we will share your personal information with the following third parties:

    • Flexera group companies. To support our sales and marketing efforts, as well as in the performance of the Services, your personal information may be disclosed to Flexera group companies. Further information regarding the Flexera group companies can be obtained here.
    • Service providers and advisors. We may use third party vendors and other service providers to perform services on our behalf. Such services may include marketing campaign services, providing mailing or email services, tax and accounting services, product fulfilment, payment processing, conducting surveys or contests, performing customer service, performing data enhancement services, performing fraud prevention services, performing web hosting services or providing analytic services. These third parties, whose services Flexera Software LLC regularly uses include, in particular: Eloqua, SalesForce.com, Lithium, Gainsight, Melissa Data and Snowflake. Any such service providers will by appropriate data processing agreements be bound to only process the data on Flexera’s behalf and under its instructions, unless such service providers act as their own controllers (e.g., in the case we seek advice from lawyers and tax consultants).
    • Promotional partners. Third parties with whom we partner to provide promotional activities, which will be identified by name in the context of these activities. We may, for example, share contact details with reseller partners.
    • Purchasers and third parties in connection with a business transaction. Third parties in connection with a Flexera-related transaction, such as a merger, sale of Flexera assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or similar proceedings.
    • Law enforcement, regulators, and other parties for legal reasons. Third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our legal claims or to protect the security or integrity of our Services; and/or (c) to exercise or protect the rights, property or personal safety of Flexera employees, our visitors or others.
    • The public, when posted in certain public spaces. Remember, our Websites allow you to connect and interact with others. Your profile information or information that you post in a forum or on a blog, including personal information, will be available publicly to other members of the Websites by default when you create a profile, post in a blog or forum or interact with others on the Websites in public groups and post content to public spaces.
    • Otherwise with consent. We may disclose an individual’s personal information to certain other third parties with that individual’s consent.

  8. How do we safeguard your personal information when there is an international transfer?

    As Flexera Software LLC is located in the USA, any information you provide will be processed and stored in the USA.

    Furthermore, some other Flexera group companies who may process your personal information depending on the Services you are using are also located outside Europe. Our Flexera group companies are, for example, located in Japan, Australia, India, and China. Further information regarding the Flexera group companies can be obtained here.

    This may mean that your personal information will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal information than the jurisdiction you are typically a resident in.

    Further Europe-specific information regarding the safeguards we have in place can be obtained here.


  9. How do we use cookies and other Tracking Technology?

    When using our Services, we and our third-party partners may automatically collect certain types of usage information. For this purpose, we often rely on tracking technologies, including cookies, web beacons, embedded scripts and similar technology (collectively, “Tracking Technologies”) in accordance with this notice. Where legally required, we will inform you about the use of such tracking technologies using so-called cookie-banners and/or obtain your consent to use such Tracking Technology.

    • How do these Tracking Technologies work? Cookies are pieces of code that allow for personalization of the Services experience by saving your personal information such as user ID and other preferences. A cookie is a small data file that we transfer to your device's hard disk (such as your computer or smartphone) for record-keeping purposes. Cookies store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the domain from which the cookie has been placed, as well as information about the age of the cookie and a random alphanumeric identifier, the so-called cookie-ID. They help to recognize the device and make any pre-settings immediately available. Web beacons are small graphical images that may be included on our Sites and typically work in conjunction with cookies to identify our users and user behaviour. An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your computer or device from our web server or a third-party service provider, is active only while you are connected to the Site and is deactivated or deleted thereafter. Flash cookies are pieces of data that websites which use Adobe Flash may store on a user's computer or device. Third parties with whom we partner to provide certain features on our Sites or to display advertising based upon your web browsing activity often use flash cookies.
    • What information do these Tracking Technologies collect? These tracking technologies collect information about your browser and online usage patterns (e.g., IP address, pages you view, the links you click and other actions you take on the Services such as opening an email, log files, browser type, browser language, referring/exit pages and URLs, etc.), and information about the device(s) you use to access the Services (e.g., unique identification numbers associated with your device or our mobile application (including, for example, a UDID, Unique ID for Advertisers (IDFA), Google AdID or Windows Advertising ID), device type, model and manufacturer, operating system brand and model and, depending on your mobile device settings, your geographical location data). We, or our third party partners, may link your various devices so that content you see on one device can result in relevant advertising and content displayed on another device so that we may recognize and contact you on the various devices you may use.
    • What are Cookies and other Tracking Technologies used for? Tracking Technologies do lots of different jobs, like helping us understand how our Websites are being used, helping us analyse trends, administering the Websites, tracking users’ movements around the Websites, gathering demographic information about our user base as a whole, letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience. Tracking Technology can also help ensure that you see marketing content that is more relevant to you and your interests. Therefore, generally speaking, we use the data collected through tracking technologies to: (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the Website(s); (b) provide custom, personalized content and information, including targeted content and advertising; (c) recognize and contact you across multiple devices; (d) provide and monitor the effectiveness of our Services; (e) monitor aggregate metrics such as total number of visitors, traffic, usage and demographic patterns on our Websites; (f) diagnose or fix technology problems; and (g) otherwise plan for and enhance our Services.
    • What types of cookies are used by Flexera? The types of cookies used on our site can generally be put into one of the following categories: Necessary; functional and advertising. You can find out more about each of the cookie categories in the table below.
      • Necessary Cookies. These cookies are essential to make our Websites work. They enable you to move around the Websites and use their features. Without these cookies, services that are necessary for you to fully use our Websites may not be available, such as accessing certain areas of the Websites.
      • Functional Cookies. These cookies allow us to recognize you and tailor our Websites to provide enhanced features and content to you. For example, these cookies can be used to remember your IP address, language choice, country selection and requested Services.
      • Advertising Cookies. These cookies are used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and may track you on other websites. This information may be shared with other organizations such as advertising partners.
    • How long will cookies stay on your browsing device? The length of time a cookie will stay on your browsing device depends on whether it is a "persistent" or "session" cookie. Session cookies will only stay on your device until you stop browsing the website that has set the cookie. Persistent cookies stay on your browsing device after you have finished browsing a particular website, until they are deleted or until they expire. The actual period of validity of each persistent cookie depends on each cookie. However, they generally expire within 3 months. You can amend your cookie settings using your internet browser’s settings.
    • Cookies by third parties. Some cookies belong to us, and we place them on your device. Other cookies are placed on your browsing device by third parties when you visit our Websites. Third parties setting cookies from our Websites will be providing a service to us or a function of the website, but we do not always control how third-party cookies are used. Some third parties may use advertising cookies to help gather information about your browsing activity so that they can deliver website advertising to you that is relevant to your interests. You should check the third party's website for more information about how they use cookies. The third-party tracking technologies on our Websites include Adobe Audience Manager, Adobe Test & Target, Google AdWords, Twitter Advertising, LinkedIn Marketing Solutions, Eloqua, Facebook Customer Audience, Google Analytics, LinkedIn Analytics, Visual Website Optimizer, Kenshoo and Demandbase. You can, for example, also download the Ghostery browser extension to find out the most current tracking technologies running on our Websites.
    • Interest-based advertising. We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your online browsing history and your interests. To do this, we or our advertising partners may collect information about how you use or connect to our Services, or the types of other websites, social media services, content and ads that you (or others using your device) visit or view or connect to our Services. Typically, this information is collected through cookies and similar tracking technologies. Where legally required, we will obtain your consent.

      If you only want to limit third-party advertising cookies, you can turn such cookies off by visiting the following links (please bear in mind that there are many more companies listed on these sites than those that drop cookies via our website):

      To manage the Tracking Technologies, you may also follow the steps as described below:

    • How can you manage cookies from our Websites? The cookies we use are designed to help you get the most from our Services, but if you do not wish to receive cookies, most browsers allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies. You can also avoid Tracking Technology by not consenting to the use of Tracking Technology when asked for consent in cookie banners. Please check your browser and browser settings to determine where cookies are stored and whether and how they may be deleted. The help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie or how to disable most cookies altogether. Depending on your mobile device and operating system, you may not be able to delete or block all Tracking Technologies. Please note that in the case you delete existing cookies, your chosen pre-settings will be deleted as well. This means that the next time you access our website, we may ask for your consent again (to the extent required by law) and set new cookies. The period of validity of those cookies will then start from the beginning. You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it. In order to understand these settings, the following links may be helpful, otherwise you should use the "Help" option in your browser for more details.

      Cookie settings in Internet Explorer

      Cookie settings in Firefox

      Cookie settings in Chrome

      Cookie settings in Safari

      Please note that if you choose to refuse cookies, you may not be able to use the full functionality of the Services.

    • How to withdraw consent for showing targeted ads on third-party websites and for our use of Tracking Technology. To the extent we rely on your consent to provide you with targeted advertising on third-party websites and the use of Tracking Technology, you may withdraw such consent at any time with effect for the future by contacting us using the contact details set out at the end of this section A. Depending on the setting options and the scope of your consent withdrawal, you may still receive generic ads.
    • Google Analytics. We use Google Analytics and have implemented the following Google Advertising Feature: Google AdWords Conversion. Google uses cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymization is activated on this website, your IP address will be shortened by Google in advance within if data is collected from within the Member States of the European Union and in the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. We use Google Analytics to recognize you and link the devices you use when you visit our Websites on your browser or mobile device, login to your account on our Websites, or otherwise engage with us. Google Analytics allows us to better understand how our users interact with our Services and to tailor our advertisements and content to you. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google's site "How Google uses data when you use our partners' sites or apps" located at www.google.com/policies/privacy/partners/. You can learn about Google Analytics' currently available opt outs, including the Google Analytics Browser Add-On here: https://tools.google.com/dlpage/gaoptout/.
    • We use Demandbase to help us provide you with targeted ads on the basis of cookies and online search behaviour. If you do not wish to receive such ads, you can use the means set out above and also choose to withdraw your consent (if provided before) or opt-out by using the means provided here.

  10. Social media.

    Our Websites include links to social media sites, such as Facebook, LinkedIn, Twitter, Instagram and YouTube. These social sites are hosted by a third party, and your interactions with these features are governed by the privacy notice of the company providing it.


  11. Links to other Websites and services.

    The Services may contain links to and from third-party websites of our business partners, advertisers and social media sites, and our users may post links to third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, share and otherwise process personal information. We are not responsible for the privacy practices or the content on the websites of third-party sites.


  12. How do we protect your personal information?

    We implement a variety of security measures designed to maintain the safety of your personal information when you use our Services.

    However, no security system is impenetrable, and we cannot guarantee the security of our systems 100%. In the event that any personal information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose personal information may have been compromised, such notification will be made having regard to the nature of the personal information involved and may include email communications, written correspondence, or public statements and take other steps in accordance with any applicable laws and regulations, such as notify competent data protection authorities.


  13. Children’s privacy.

    We do not knowingly collect or solicit any personal information from anyone under the age of 16 on or through the Services. In the event that we learn that we have inadvertently collected personal information from a child under age 16, we will delete that information as quickly as possible. If you believe that we might have any information from a child under 16, please contact us by using the contact details set out at the end of this section A.

    For Europe-specific information on children’s privacy, please our section “Additional information on children’s privacy”.

    For California-specific information on children’s privacy, please see our section “Additional California-specific information on children’s privacy”.


  14. What rights and choices do you have?

    We want you to understand your rights and choices regarding how we may use your personal information. Depending on how we use your personal information, these rights and choices may include the following:

    • Access, correction and deletion. Upon request, Flexera will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by contacting us at marketingops@flexera.com. We will respond to your request within a reasonable timeframe.
    • Cookies Settings and Preferences. You may disable cookies and other tracking technologies through the settings in your browser. In the case you have provided consent to use marketing cookies and similar Tracking Technology or would like to learn more about how to avoid Tracking Technology, please see our section “How do we use cookies and other Tracking Technology?”.
    • E-Mail Settings and Preferences. If you have consented to receiving marketing communication (e.g., by signing up for our newsletters), you may easily withdraw your consent at any time with effect for the future. You can also opt out from receiving marketing emails if we do not rely on consent. You can withdraw your consent or opt out from receiving marketing communication via or by using the link provided to you at the end of each promotional communication. You may also contact us using the contact details set out at the end of this section A to request that we remove you from our email list. https://info.flexera.com/Manage-Preferences.
    • Deny or Withdraw of Consent. We may work on the basis of consent, in particular in relation to sales and marketing campaigns. For example, if you sign up to our email newsletter, you allow us to send marketing communication to you, or when our marketing partners provide us with your email address, we will process your data to the extent covered by your consent. If you have granted us consent to use your personal information, we will use it only for the purposes for which you have granted your consent. You are free to deny your consent and the denial will have no negative consequences for you. You are also free to withdraw your consent at any time with effect for the future without negative consequences for you. However, we will not / no longer be able to provide you with the Services to which this consent relates. If you want to learn about your options regarding withdrawing your consent to receive marketing communication specifically, please see our section “E-Mail Settings and Preferences” above. If you want to learn more about your options to avoid Tracking Technology, please see our section “How do we use cookies and other Tracking Technology?
    • Europe-specific rights. For further Europe-specific rights, please see our section “Additional Europe specific disclosures.”
    • California-specific rights. For further California-specific rights, please see our section “Additional CCPA specific disclosures.”

  15. Online privacy notice updates.

    We may make changes to our privacy notice from time to time and will update the “last updated” date at the beginning of this privacy notice. Please review our policies regularly, as updated policies will apply to your future use of our Services. To the extent that we have your contact information, we will notify you of any material changes to our privacy notice.


  16. How to contact us?

    If you have any questions or concerns about our privacy notice or if you want to exercise your rights, please send an email to DataProtectionTeam@flexera.com or write to us at:

    Flexera Software LLC, 300 Park Boulevard, Suite 400, Itasca, IL 60143, USA

    You may also contact the EU representative of all non-EU Flexera group companies, which is Flexera Software GmbH, at DataProtectionTeam@flexera.com or Hahnenkamp 1, 22765 Hamburg, Germany.

    For the individuals and supervisory authorities in the UK, the UK representative of all non-EU Flexera group companies is Flexera Software Ltd. Level 3, 401 Faraday Street Birchwood Park, Birchwood Warrington, Cheshire WA3 6GA, United Kingdom. The UK representative may be contacted at DataProtectionTeam@flexera.com.

    If you obtain Services from one of our Flexera entities, you may of course address any privacy related question to the Flexera entity that has concluded a contract with you.

    While the main contact information above is favored and would be happy to respond to all queries for all entities within the Flexera family, you can obtain contact information on each Flexera group company here.


  17. Data Compliance Team.

    For all enquiries regarding Flexera’s data processing activities, you may also want to contact our Data Compliance Team, who can be reached at DataProtectionTeam@flexera.com.

B. Additional Europe-specific disclosures

  1. Scope of the disclosure.

    These Additional Europe-specific disclosures supplement the information contained in our privacy notice above to comply with the requirements under applicable data protection law in Europe, in particular the General Data Protection Regulation (“GDPR”). Unlike the generally applicable section A. of this privacy notice, these Additional Europe-specific disclosures apply only to our processing of personal information where the processing of personal information relates to individuals in Europe -–where we either offer goods or services to such individuals or monitor their activities in Europe or where the processing is undertaken by or on behalf of a Flexera company or branch established in Europe.


  2. Information on data processing rendered by us on behalf of customers.

    Where a Flexera group company processes personal information based on a data processing agreement entered with you or your employer (or other similarly situated entity), the respective Flexera group company is not the data controller but a data processor.

    The use of personal information provided to us as a data processor by our customers for the purpose of processing on their behalf shall be limited to the purpose of providing the Service for which the customer has engaged Flexera (data processing on behalf of customer).

    Flexera acknowledges that you have the right to access your personal information. Flexera has no direct relationship with the individuals whose personal information it processes on behalf of its customers. An individual who seeks access or who seeks to correct, amend or delete inaccurate data should direct their query to Flexera’s customer (the data controller). If requested to remove data we are processing for our customer, we will respond within a reasonable timeframe. We may transfer personal information to companies that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our customers.


  3. Legal basis based on which we collect and use your personal information.

    Regularly, we use your personal information based on the following legal grounds according to the GDPR and the Data Protection Act 2018:

    • Perform of our contractual services or prior to entering into a contract with you. If you order Services from Flexera or if you contact us to request our Services, we use your personal information to provide you with these Services.
    • Justified by our legitimate interests. The usage of your personal information may also be necessary for our own business interests. For example, we may use some of your personal information to evaluate and review our business performance, create financial statements, improve our Services, provide advertising or to identify potential cyber security threats. We may use your personal information for marketing purposes, for example, to send you relevant product updates and/or share your contact information such as name, email address or phone number with reseller partners for them to directly contact, qualify and manage the customer relationship. To the extent we rely on legitimate interests to process your data for marketing purposes (for example, in the case that you have provided your email address in connection with the purchase of our services), you may object to such processing at any time via https://info.flexera.com/Manage-Preferences or by using the link provided to you at the end of each promotional communication. You may also contact us using the contact details set out at the end of section A to request that we remove you from our email list. If necessary, we may also use your personal information to pursue or defend ourselves against legal claims.
    • Consent In some cases, we may ask you to grant us separate consent to use your personal information. Please see “What rights and choices do you have?” regarding the choices and rights you have in this respect.

       

    • Compliance with legal obligations. We are obligated to retain certain personal information because of legal requirements, for example, tax or commercial laws, or we may be required by law enforcement to provide personal information on request.

    We do not use your personal information for automated individual decision-making.


  4. Additional information on international data transfers.

    TRUSTeWe may transfer personal information about you outside Europe and when we do so, we rely on appropriate or suitable safeguards recognized under applicable law in Europe, including adequacy decisions, Standard Contractual Clauses that have been adopted by the European Commission and provide appropriate guarantees for the transfer of personal information.

    • Flexera-internal transfers.

      As regards the sharing of personal information with Flexera group companies located outside Europe, Flexera has entered into data transfer agreements based on the Standard Contractual Clauses issued by the European Commission. The data transfer agreements between the Flexera group entities also make use of the Standard Contractual Clauses issued by the European Commission for data transfers to Flexera group entities located in the US, the UK or any other country in which we have subsidiaries for as long as these countries are not acknowledged by the European Commission or Switzerland as providing for an adequate level of data protection. If you would like to obtain further information, please contact us using the contact details set out at the end of section A.

    • External transfers.

    We may transfer personal information about you to countries that the European Commission has deemed to adequately safeguard personal information. We may also use Standard Contractual Clauses when transferring personal information from a country in Europe to a country outside Europe that has not been deemed to adequately safeguard personal information. The same applies to data transfers from the European Economic Area or Switzerland to the UK as well as data transfers from the UK to other countries that are not recognized by the UK to adequately safeguard personal information. If you would like to obtain further information, please contact us using the contact details set out at the end of section A.


  5. How long do we keep your personal information?

    We will store personal information for as long as necessary to fulfil the purposes for which we collect the personal information, and in accordance with our legal obligations and legitimate business interests. Personal information collected in connection with the Websites by Eloqua that offers marketing services will be identified for manual removal after 18 months of no interaction between the data subject and Flexera. Additionally, personal information processed by Flexera as a data processor will be removed in accordance with the instructions of the applicable data controller.

    If you signed up for our promotional emails, we will delete the respective personal information if you unsubscribe from receiving our promotional emails. However, we will store your email address in a ‘do not contact’ list to ensure that you will not receive any further communication.


  6. Additional Europe-specific information on children’s privacy.

    From children under the age of 16 residing in Europe, we will not process any personal information on the ground of a consent.


  7. Europe-specific rights.

    Subject to the applicable law in your jurisdiction, you have the following rights in respect to your personal information that we hold:

    • Right of access. The right to obtain access to your personal information.
    • Right to rectification. The right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.
    • Right to erasure. The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed.
    • Right to restriction. The right to obtain restriction of the processing undertaken by us on your personal information in certain circumstances, such as, where the accuracy of the personal information is contested by you, for a period of time enabling us to verify the accuracy of that personal information.
    • Right to portability. The right to portability allows you to move, copy or transfer personal information easily from one organization to another.
    • Right to object. You have a right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. You can object to marketing activities for any reason whatsoever.

    If you wish to exercise one of these rights, please contact us by using the contact details set out at the end of section A.

    In addition to the foregoing listed rights, you also have the right to lodge a complaint with your local data protection authority. However, we encourage you to first reach out to us by using the contact set out at the end of section A so that you have an opportunity to address your concerns directly and find a solution together before you do lodge a complaint.

C. Additional California-specific disclosures

  1. Scope of notice.

    These Additional California specific disclosures (the “CA Notice”) supplements the information contained in the privacy notice above and applies solely to individual residents of the State of California (“consumers” or “you”).

    This CA Notice provides additional information about how we collect, use, disclose and otherwise process personal information of individual residents of the State of California, either online or offline, within the scope of the California Consumer Privacy Act of 2018 (“CCPA”).

    Unless otherwise expressly stated, all terms in this CA Notice have the same meaning as defined in our privacy notice above or as otherwise defined in the CCPA.


  2. General remarks on personal information disclosures.

    When we use the term “personal information” in this CA Notice, we mean information that identifies, relates to, describes, is reasonably capable of being associated with or could reasonably be linked, directly or indirectly, with a particular consumer or household.

    For the purposes of this CA Notice, the term personal information does not include:

    • Publicly available information from government records.
    • De-identified or aggregated information that is maintained in a form that is not capable of being associated with or linked to you.
    • Information excluded from the CCPA's scope, such as:
      • Information reflecting a communication or a transaction between us and a representative of another legal entity in the context of conducting due diligence regarding, or providing or receiving, a product or service to or from that legal entity.
      • Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
    • Information relating to our job applicants, employees, contractors and other personnel.

  3. Information on data processing rendered by us on behalf of customers.

    Where a Flexera group company processes personal information based on a data processing agreement entered with you or your employer (or other similarly situated entity), the respective Flexera group company is not the “business” that determines the purposes and means of the processing of consumers’ personal information, but a “service provider” within the meaning of the CCPA.

    The use of personal information provided to us as a service provider by our customers for the purpose of processing on their behalf shall be limited to the purpose of providing the Service for which the customer has engaged Flexera (data processing on behalf of customer).

    Flexera acknowledges that you have the right to access your personal information. Flexera has no direct relationship with the individuals whose personal information it processes on behalf of its customers. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Flexera’s customer (the business). If requested by our customer to remove data we are processing on their behalf and at their direction, we will respond within a reasonable timeframe. We may transfer personal information to companies that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our customers.


  4. Collection and use of personal information.

    In the last 12 months, we have collected the following categories of personal information from the following sources of personal information for the following purposes, which reference the personal information, sources and purposes described in the “What personal information do we collect?” and “How do we collect your information” section of our privacy notice:

     
    Category of Personal Information Collected Commercial or Business Purpose Categories of Sources

    Identifiers, including your name, email address, phone number, postal address, username and password

    Yes
    • Monitor and run the use of services
    • For customer service purposes
    • For quality assurance purposes
    • For regulatory compliance purposes
    • For collecting feedback
    • Personalization purposes
    • For marketing purposes
    • Product and services improvement
    • For contests and sweepstakes
    • For market research purposes
    • Directly from you
    • Your browser or device
    • Our business partners and affiliates
    • Third parties you direct to share information with us
    • Push notification providers
    • Customer service platforms

    Internet/Network Information, such as IP address, device and browser information, clickstream data, log data and analytics data

    Yes
    • To monitor and run the services
    • Understanding consumer behavior
    • Addressing software issues
    • Personalization purposes
    • Product and services improvement
    • Directly from you
    • Your browser or device

    Geolocation Data, such as your general geographic location or more precise location when permitted by law

    Yes
    • To generate recommendations for users
    • Monitor the use of products
    • Personalization purposes
    • Directly from you
    • Your browser or device

    Other Personal Information, such as personal information you provide us in relation to a question, request or inquiry, or information you post on our social media pages or otherwise provide to us

    Yes
    • Monitor and run the use of services
    • For market research purposes
    • Directly from you
    • Your browser or device
    • Third parties you direct to share information from us

    Inferences, including predictions about your interests and preferences.

    Yes
    • To generate recommendations for users
    • Monitor the use of services
    • Monitor habit formation
    • For engagement analytics
    • Personalization purposes
    • For market research purposes
    • Directly from you
    • Your browser or device
    • Information generated or derived from your purchases, online browsing and usage activity

  5. Disclosure and sale of personal information.

    As described in the “With whom do we share your personal information?” section in our privacy notice, we have disclosed personal information within Flexera and with a variety of third parties for business purposes.

    In the previous 12 months, we have disclosed the following categories of personal information to third parties for a business purpose:

    • All of the categories of personal information we collect, explained in the table above.

    *Note about “Sales”: Flexera does not “sell” personal information as most people would typically understand that term. However, we do allow certain third-party advertising partners to collect information about consumers through our Services for purposes of serving ads that are more relevant, for ad campaign measurement and analytics and for ad fraud detection and reporting. To the extent these practices qualify as “sales” under the CCPA, you may have the right to opt out as described in the “California-specific rights” section below.


  6. California-specific rights.

    As a California resident, you may be able to exercise the following rights in relation to the personal information about you that we have collected (subject to certain limitations at law):

    • Right of access. The right to access and obtain a copy of the personal information we have collected about you in the last 12 months.
    • Right to knowledge: The right to request the following information from the last 12 months relating to the personal information we have collected about you:
      • The categories and specific pieces of personal information we have collected about you;
      • The categories of sources of the personal information;
      • The purposes for collecting the personal information;
      • The categories of third parties with whom we share the personal information; and
      • The categories of personal information we have disclosed for a business purpose and the categories of recipients.
    • Right to deletion. The right to request the deletion or erasure of personal information we have collected about you.
    • Right to opt out. The right to direct us not to sell personal information we have collected about you to third parties now or in the future.
    • Right to opt in. If you are under the age of 16: The right to authorize us, or have your parent or guardian authorize us, to sell personal information about you.
    • Non-discrimination. The right to be free from discrimination for exercising any of the rights described above. Please note, however, that if the exercise of the rights described above limits our ability to process personal information (such as in the case of a deletion request), we may not be able to provide our services and offerings to individuals who exercise these rights, or to otherwise engage with such individuals going forward.

  7. How to exercise your California-specific rights.
    • To exercise your right to know or right to deletion. To exercise your right to know and/or right to deletion, please submit a request by:
      • Emailing DataProtectionTeam@Flexera.com with the subject line “California Rights Request,”; or
      • Filling out our California Resident Rights Request Form.

      Before processing your request, we will need to verify your identity and confirm you are a resident of the State of California. In order to verify your identity, we will generally require you to (1) log into your account if you have one, or (2) require you to provide sufficient information to enable us to identify the information we maintain about you in our systems. This process may require us to request additional personal information from you, including, but not limited to your name, email, address, and/or date of last interaction with customer service. We will only use personal information provided in connection with a Consumer Rights Request to review and comply with the request.

      In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity or locate your personal information in our systems. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.

      Authorized Agents

      In certain circumstances, you are permitted to use an authorized agent (as that term is defined by the CCPA) to submit requests on your behalf through the designated methods set forth in this CA Notice where we can verify the authorized agent’s authority to act on your behalf by:

      • For requests to know or delete personal information:
        • receiving a power of attorney valid under the laws of California from you or your authorized agent; or
        • receiving sufficient evidence to show that you have:
          • provided the authorized agent signed permission to act on your behalf;
          • verified your own identity directly with us pursuant to the instructions set forth in these Disclosures; and
          • directly confirmed with us that you provided the authorized agent permission to submit the request on your behalf.
      • For requests to opt-out of personal information “sales”: receiving a signed permission demonstrating your authorized agent has been authorized by you to act on your behalf.
    • To exercise your right to opt out of personal information sales

      As noted above, we do not “sell” personal information as most people would typically understand that term. However, as is common practice among companies that operate online, we permit third party advertising networks, social media companies and other third party businesses to collect and disclose your personal information (including Internet/Network Information, Commercial Information, and Inferences) directly from your browser or device through cookies or tracking technologies when you visit or interact with our websites or engage with us online. These third parties use this information for the purposes of serving ads that are more relevant, for ad campaign measurement and analytics, and for fraud detection and reporting and they may sell that information to other businesses for advertising and other purposes. By visiting www.privacyrights.info or https://optout.privacyrights.info/, you can opt out from sales of this type of personal information by businesses that participate in the opt out tool. To make opt-out requests related to mobile apps on your device for businesses participating in the DAA’s CCPA App-based Opt-Out Tool, you can download the appropriate app at www.youradchoices.com/appchoices. To learn more about how third parties collect information automatically and the choices you may have in relation to those activities, please see “How can you manage cookies from our Websites?” and “Interest-based advertising” in the “How do we use cookies and other Tracking Technology?” section of our privacy notice.


  8. Minors under age 16.

    We do not sell the personal information of consumers we know to be less than 16 years of age, unless we receive affirmative authorization (the "Right to Opt In") from either the minor who is between 13 and 16 years of age or the parent or guardian of a minor less than 13 years of age. Please contact us at DataProtectionTeam@Flexera.com to inform us if you or your minor child are under the age of 16. 


  9. Additional information.

    Updates to This CA Notice
    We will update this CA Notice from time to time. When we make changes to this CA Notice, we will change the "Last Updated" date at the beginning of this CA Notice. All changes shall be effective from the date of publication unless otherwise provided in the notification.