Close
Webinar featuring guest Forrester: Why Process Excellence is Key to World-Class Operations in a Digital World

Last Update: January 1, 2020

Website data protection statement and information for data subjects pursuant to Article 13 and Article 14 of the EU General Data Protection Regulation.

This Celonis Privacy Policy (โ€œPrivacy Policyโ€) describes how we collect, use, protect, and disclose information associated with a natural person (โ€œPersonal Dataโ€), and what choices you have with respect to that Personal Data. This Privacy Policy applies when you access or use any of our websites, receive communications from us, including, emails, phone calls, or texts, access our cloud services where we act as controller of your Personal Data, or access other digital properties such as our social media pages, when you attend events hosted or attended by Celonis, when you contact us for customer support, or when you otherwise interact with us (collectively, the โ€œServicesโ€).

When we refer to โ€œCelonisโ€, we mean the Celonis entity that acts as the controller or processor of your information, as explained in more detail in the โ€œIdentifying the Data Controller and DPOโ€ section below.

We may change this Privacy Policy at any time or substitute this Privacy Policy at our sole discretion. You should check regularly for the most up-to-date version of this Privacy Policy whenever you access the Services.

1. General data processing information

Data Collected:

The Personal Data that we collect directly from you may include the following: if you express an interest in obtaining additional information about our services, request customer support, contact us directly via the website or otherwise, register to use our websites, sign up for an event or webinar, or download certain content, we generally require you to provide us with your contact information, such as your name, job title, company name, address, phone number, email address, or username and password. If you use and interact with our websites, we automatically collect log files and other information about your device and your usage of our websites through cookies, web beacons or similar technologies, such as IP-addresses or other identifiers, which may qualify as Personal Data (see sections 2 & 3 below). We may also obtain Personal Data from third parties. Any processing of your Personal Data that goes beyond the scope of the statutory permission is only possible on the basis of your express consent, or, where permitted by local laws, on the basis of our legitimate interests.

Processing Purpose:

We process Personal Data for the purpose of providing the Services. To fulfill these purposes, we may access data to provide the Services, to prevent or address service or technical problems, to respond to customer support matters, to follow the instructions of our customer who submitted the data, or in response to contractual requirements with our customers. Personal Data will be used by us in accordance with your instructions, for contract execution and as further described sections 2 & 3 below. We may also process Personal Data for marketing purposes.

Who we share data with:

We use a limited number of third-party providers to assist us in providing the Services, as further described in sections 2 & 3. As of the date hereof, these third-party providers perform technical operations such as database monitoring, data storage and hosting services, and customer support software tools. These third parties may access, process, or store Personal Data in the course of providing these services, but based on our instructions only. Further we share data with the following categories:

โ€ข Public authorities in the event of priority legislation.

โ€ข External service providers or other contractors.

โ€ข Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.

If we receive Personal Data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the Personal Data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.

Transfers of data:

We may transfer your Personal Data to countries other than the one in which you live. Therefore, your Personal Data may be processed outside the EEA, and in countries which are not subject to an adequacy decision by the European Commission and which may not provide for the same level of data protection in the EEA. In this event, we will ensure that such recipient offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you for your prior consent to such international data transfers. To comply with European Union and Swiss data protection laws, Celonis, Inc. (โ€œCelonis U.S.โ€) self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, as further described below.

Duration of data storage:

The duration of data storage depends on the statutory storage requirements and is usually 10 years, unless otherwise requested by You or the controller of data.

2. How we use, process, and disclose your information on the website

Use of cookies and other tracking technologies:

We use โ€œcookiesโ€ and similar technologies alone or in conjunction with cookies to increase user-friendliness and compile information about the usage of our websites and your interactions with communications from us. Cookies are text files sent by the web server to the userโ€™s browser and stored there for later retrieval and to enable certain functionality.

We use both session-based and persistent cookies on our websites. To change your cookie settings, click the Cookies Opt-out button at the bottom of this page. You can also control the use of cookies at the individual browser level but choosing to disable cookies may limit your use of certain features or functions on our websites and services.

We also use web beacons on our websites and in email communications. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our websites. Such technologies are used to operate and improve our websites and email communications. For instructions on how to unsubscribe from our marketing emails, please email info@celonis.com attn: unsubscribe.

The following describes the types of cookies we use:

Required Cookies. Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies. If you have chosen to identify yourself to us, we may place on your browser a cookie that allows us to uniquely identify you when you are logged into our websites, our Services, and to process your online transactions and requests. Required cookies are essential to operate our sites, and there is no option to opt out of these cookies.

Functional Cookies. Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual. Functional cookies are used to improve how our websites function and to help us provide you with more relevant communications, including marketing communications. We may use third-party technology to track and analyze usage information to provide enhanced interactions and more relevant communications, and to track the performance of our marketing campaigns.

Targeting or Advertising Cookies. Targeting or advertising cookies track activity across websites in order to understand your interests, and to direct specific marketing to you. We sometimes use cookies delivered by us or by third parties to show you ads for our products that we think may interest you on devices you use and to track the performance of our advertisements. For example, these cookies collect and remember information such as which browsers have visited our websites.

We also contract with third-party advertising networks that collect IP addresses and other information from web beacons on our websites, from emails and on third-party websites. Advertising networks follow your online activities over time and across different websites or other online services by collecting device and usage data through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use, such as a desktop or laptop computer, smartphone or tablet. Third parties use this information to provide ads about products and services tailored to your interests. You may see their ads on other websites or mobile applications on any of your devices. This process also helps us manage and track the effectiveness of our marketing efforts. These technologies are further described below in this section 2.

You can choose to opt out of functional or targeting and advertising cookies. To change your cookie settings, click the Cookies Opt-out button at the bottom of this page.

Use of a newsletter When registering for our newsletter, you provide us with your email address and, where applicable, other contact information. We use this data solely for the purpose of sending you the newsletter. We retain the data that you disclose in your newsletter registration until you cancel your subscription. You can unsubscribe at any time via the link in the newsletter intended for this purpose, or by sending us the appropriate notification. By unsubscribing, you revoke the use of your email address.

Celonis websites. When provide your Personal Data through our any of our websites, which may include signing up for a demo/webinar, the use of Celonis Snap, or our Community or Training portals, you may provide us with your email address, name, and other related contact information. We use this data to process your intended request and related permissions. You can delete your account(s) on our websites at any time by providing us with an appropriate request. We will delete your account including any of your data stored in the account upon receipt of such request.

We also use your email address, which we receive in connection with the sale of a product or service, or in relation to your registration our websites for direct advertising in the form of marketing communications, and for user questionnaires, provided that you have not objected to having your email used in this way. You may opt-out of the use of your email address at any time without incurring any costs. Your opt-out can be communicated by emailing info@celonis.com.

Use of Google Analytics Our websites use Google Analytics, a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses a functional cookie. Google Analytics also creates a Remarketing Tag to retarget a user via Google Ads, which is an advertising cookie. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the US and stored there. However, in the event IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within states of the European Economic Area. The full IP address will be transmitted to a Google server in the U.S. and shortened only on an exceptional basis. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services to website operators relating to website activity and Internet usage. Google will not associate the IP address transmitted under Google Analytics by your browser with other data held by Google. You may prevent the storage of cookies by selecting the appropriate settings on your browser software; however, we should inform you in this case that you might not be able to enjoy all of the functionality of this website to its full extent. You may additionally prevent the recording of the data (including your IP address) to Google that is generated by the cookie and that pertains to your use of the website, or the processing of these data, by downloading and installing the following browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=en. In view of the discussion about the use of analytics tools with full IP addresses, we would like to point out that our website uses Google Analytics with the extension โ€œ_anonymizeIp()โ€ which means that IP addresses are used only in a shortened form in order to prevent any direct correlation to specific persons. For browsers on mobile devices, please click the link above to prevent anonymous tracking by Google Analytics and to activate a โ€œopt-out cookieโ€ for your browser.

Google AdWords Conversion Tracking Our websites use Google AdWords Conversion Tracking, a web analytics service that uses advertising cookies. Google AdWords Conversion Tracking also uses โ€œcookiesโ€ stored on your computer that allow analysis of your use of the website. Google AdWords Conversion Tracking also creates a Remarketing Tag to retarget a user via Google Ads, which is an advertising cookie. The information generated by the cookie about your use of this website is transmitted to a Google server in the US and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to website activity and internet usage. Google may also transfer this information to third parties if required by law or in so far as third parties process this data on behalf of Google. Google will in no case connect the data with other data from Google.

Facebook Our online presence uses the โ€œFacebook Pixelโ€ developed by Facebook, Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA). This tool is an advertising cookie that makes it possible to track the behavior of users who have clicked on a Facebook ad and been directed to the website of the provider in question. The effectiveness of Facebook ads can then be assessed for statistical and market research purposes, which in turn can help optimize future advertising measures. The data we obtain through this process is anonymous, meaning it gives us no means of tracing the identity of any user. This information is stored and processed by Facebook on servers in the U.S., in order to facilitate a connection to each userโ€™s profile. Facebook can then use the data for its own advertising purposes in line with its data usage guidelines (https://www.facebook.com/about/privacy/). As a result, Facebook and its partners can insert ads both on and outside of Facebook. A cookie may also be stored on your computer for these purposes.

Salesforce Pardot Our websites use Pardot Services, an analysis tool of salesforce.com, Inc. (The Landmark @ One Market Street, San Francisco, CA 94105, USA). Pardot Services only set a maximum of three (3) cookies (โ€œVisitor Cookieโ€, โ€œOpt-In Cookieโ€ and โ€œPardot App Session Cookieโ€) are stored on your computer and enable analysis of your website usage. The Visitor Cookie generates an identification number which serves to re-identify the website visitor. The identification number is a numeric code which has no meaning outside Pardot Services. The Opt-in Cookie ensures that visitors who have opted for the โ€œdo not trackโ€ option are not applied with a Visitor Cookie. The Pardot App Session Cookie is only placed if a customer is logging onto the Pardot App as a user. All cookies only contain the generated numeric code, Personal Data is not collected. If you would like to avoid tracking by Pardot, you can ensure this by adjusting your browser settings or through a respective extension of your browser. Data collected though the Pardot Services are not used to identify individuals. None of the identification numbers are matched against other Personal Data.

LinkedIn Our online presence uses the โ€œLinkedIn Insight Tagโ€, an advertising cookie, provided by LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA). We use the LinkedIn Insight Tag to track conversions, retarget website visitors, and unlock additional insights about members interacting with our LinkedIn ads. The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitorโ€™s browser until they delete the cookie or the cookie expires. With the help of the LinkedIn Insight Tag we are able to analyze the success of our campaigns within the LinkedIn platform or determine target groups for them based on the interaction of the users with our website. If you are registered with LinkedIn, it is possible for LinkedIn to associate your interaction with our online services with your user account. You can permanently opt out on this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For more information on the Linkedin Privacy Policy, go to: https://www.linkedin.com/legal/privacy-policy. LinkedIn advertising cookie is used on the basis of Art. 6 (1) (f) GDPR. We have a legitimate interest in analyzing user behavior to optimize our website and advertising.

Terminus Our online presence uses the Terminus reverse IP tracking, which is a functional cookie. This tool uses cookies and web beacons such as invisible tracking pixels to gather non-personally identifiable information such as browser version, operating system, IP address, cookie information, time stamps, from which we gather company and other firmographic data associated with your IP address. Cookies are readable only by Terminus, with identifiers that may be linked to certain non-personally identifiable information or non-personally identifiable advertising IDs from third parties. We also use the โ€œTerminus Engageโ€ remarking tag to retarget ads via Terminus, which is an advertising cookie. You can visit https://terminus.com/privacy-policy/ for more information.

3. How we use, process, and disclose your information on specific activities

Specific information about the application process

Affected data:

Application information

Processing Purpose:

Implementation of application process

Categories of recipients:

Public authorities in the event of priority legislation.

External service providers or other contractors.

Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

Application data will generally be deleted within four months after communication of the decision, unless consent has been given for a longer period of data storage.

Specific information for the processing of customer data/prospective partiesโ€™ data

Affected data:

Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent. Data required for processing in relation to marketing activities on the basis of your express consent or, where permitted by local laws, our legitmate business interest.

Processing Purpose:

Contract execution. Marketing our products and services to You.

Categories of recipients:

Public authorities in the event of priority legislation.

External service providers or other contractors.

Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

The duration of data storage depends on the statutory storage requirements and is usually 10 years.

Specific information on the processing of employee data

Affected data:

Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.

Processing Purpose:

Contract execution.

Categories of recipients:

Public authorities in the event of priority legislation.

External service providers or other contractors.

Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

The duration of data storage depends on the statutory storage requirements and is usually 10 years.

Specific information for the processing of supplier data

Affected data:

Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.

Processing Purpose:

Contract execution.

Categories of recipients:

Public authorities in the event of priority legislation.

External service providers or other contractors.

Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

The duration of data storage depends on the statutory storage requirements and is usually 10 years.

4. EU-U.S. and Swiss-U.S. Privacy Shield Notice

Celonis U.S. has certified with and complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union, the United Kingdom (UK), and Switzerland to the United States. Celonis U.S. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Once the UK is no longer a Member State of the European Union, We will comply with the EU-U.S. Privacy Shield in respect of the collection, use and retention of Personal Data transferred from the UK to the U.S. in reliance on the EUโ€“U.S. Privacy Shield, or any successor framework between the U.S. and the UK.

In compliance with the Privacy Shield Principles, Celonis commits to resolve complaints about our collection or use of your Personal Data. EU, UK, and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Celonis at: cfo@celonis.com, Attn: Legal Organization

Celonis has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and to Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU, UK, and Switzerland.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

Celonis U.S. is subject to the investigatory and enforcement powers of the FTC. If Celonis shares EU Data with a third-party service provider that processes the data solely on Celonisโ€™s behalf, then Celonis may be held liable for that third partyโ€™s processing of EU Data in violation of the Principles, unless Celonis can prove that it is not responsible for the event giving rise to the damage.

Requirement to Disclose. We may disclose Personal Data when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; or to enforce our contractual obligations.

5. Identifying the Data Controller and DPO

Depending on your location, the Celonis entity described below is the controller of your Personal Data and responsible for the collection, processing and disclosure of your Personal Data as described in this Privacy Policy. Please note for all activity and related information collected on the Celonis website, Celonis SE is the processor of Personal Data.

Controller for all website activities and for all other activities hereunder if you are located outside North America:

Celonis SE

TheresienstraรŸe. 6

80333 Munich, Germany

Attn: Legal/CFO

cfo@celonis.com

Legal representative: Mr. Bastian Nominacher, Mr. Alexander Rinke

Contact details for data protection officer: Dr. Sebastian Kraska, email@iitr.de

Controller for all other activities if you are located in North America:

Celonis, Inc.

119 W 40th, 16th Floor

New York, NY, 10018, USA

Attn: Legal/CFO

cfo@celonis.com

6. Your rights

According to the General Data Protection Regulation 2016/679 of the European parliament and of the council of 27 April 2016 (the โ€œRegulationโ€), you have โ€“ at any time โ€“ a right of access, correction, and deletion of your data. In certain circumstances you also have the right to request the restriction of processing your Personal Data, to object to processing of your Personal Data, as well as the right to define guidelines related to the fate of your Personal Data after your death.

You have the right to object to your Personal Data being processed by us on the basis of our legitimate interests.

Where we are relying on consent to process your Personal Data you may withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried our before you withdraw your consent.

You also have the right to receive Personal Data which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller under conditions and in accordance with the Regulation.

You may exercise your rights by contacting us in writing, with a proof of your identity, at the address provided at: https://www.celonis.com/legal/. If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to the lead supervisory authority.

7. Your California Privacy Rights

This section provides additional details about the Personal Data we collect about California residents and the rights afforded to them under the California Consumer Privacy Act or โ€œCCPA.โ€ We are extending the same rights to all residents of the U.S. For purposes of the CCPA, the defined term Personal Data is the same as the term Personal Information as such term is defined in the CCPA.

For more details about the Personal Data we have collected over the last 12 months, including the categories of sources, please see section 2 & 3 above. We collect this information for the business and commercial purposes described above. We share this information with the categories of third parties described in section 2 above. We do not sell, as such term is defined in the CCPA, the Personal Data we collect and will not sell it without providing a right to opt out. However, we do use third-party cookies for our advertising purposes as further described in section 2. Further, we sometimes share Personal Data with our partners or they share your Personal data with us, but only if You have consented have such information be shared.

Subject to certain limitations, the CCPA provides You the right to request to know more details about the categories or specific pieces of Personal Data we collect (including how we use and disclose this information), to delete your Personal Data, to opt out of any โ€œsalesโ€ that may be occurring, and to not be discriminated against for exercising these rights.

You may make a request pursuant to your rights under the CCPA by contacting us at cfo@celonis.com, attn: Legal. We will verify your request using the information associated with your account (if any), including email address. Government identification may be required. You can also designate an authorized agent to exercise these rights on their behalf.

Cookies Opt-out

You can opt out of cookie usage by clicking the following button.

You have opted out of cookie -usage.

If cookies were previously enabled, please refresh your browser window to delete them.

Letโ€™s
get
started

Insights to inbox - Monthly newsletter

We've received your submission
Please fill in all the fields

By submitting this form, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Policy
Dear visitor, you're using an outdated browser. Parts of this website will not work correctly. For a better experience, update or change your browser.