Close

Last Update: September 2020

Celonis Privacy Policy

1. General Information

2. Specific information on data processing on our websites

3. Specific information on data processing of certain data subject categories

4. Your Rights

5. Your California Privacy Rights

1.ย ย ย General Information

1.1 Scope

This Celonis Privacy Policy (โ€œPrivacy Policyโ€) describes how we collect, use, protect, and is close information associated with a natural person (โ€œPersonal Dataโ€), and what choices you have with respect to the Personal Data. This Privacy Policy applies when you

  • access or use any of our websites,

  • receive communications from us, incl. emails, phone calls, or texts,

  • access other digital properties such as our social media pages,

  • when you attend events hosted or attended by Celonis,

  • access our cloud services, contact us for customer support or sign up for a training where we act as controller of your Personal Data,

  • or when you otherwise interact with us.

These services are hereinafter collectively indicated as the โ€œServicesโ€.

1.2 Name of Controller and Data Protection Officer

When we refer to โ€œCelonisโ€, we mean the Celonis entity that acts as the controller of your information. Depending on your location, the Celonis entity described below is the controller of your Personal Data and responsible for the collection, processing and disclosure of your Personal Data as described in this Privacy Policy.

Controller for all website activities and for all other activities hereunder if you are located outside North America:

  • Celonis SE

  • Address: TheresienstraรŸe 6, 80333 Munich, Germany

  • Legal representative: Bastian Nominacher, Alexander Rinke

  • Data protection officer:ย Dr. Sebastian Kraska, email@iitr.de

Controller for all other activities if you are located in North America:

  • Celonis, Inc.

  • Address: 119 W 40th, 16th Floor, New York, NY, 10018, USA

  • Attn: Legal/CFO, cfo@celonis.com

1.3 Update of the Privacy Policy

We may change this Privacy Policy at any time or substitute this Privacy Policy at our sole discretion. You should check regularly for the most up-to-date version of this Privacy Policy whenever you access the Services.

1.4 Data Collected

The Personal Data that we collect directly from you may include the following: if you express an interest in obtaining additional information about our services, request customer support, contact us directly via the website or otherwise, register to use our websites, sign up for an event or webinar, or download certain content, we generally require you to provide us with your contact information, such as your name, job title, company name, address, phone number, email address, or username and password.

If you use and interact with our websites, we automatically collect log files and other information about your device and your usage of our websites through cookies, web beacons or similar technologies, such as IP-addresses or other identifiers, which may qualify as Personal Data (see section 2 below).

1.5 Processing Purposes

We process Personal Data for the purpose of providing the requested Services. We may also process Personal Data for marketing purposes.

1.6 Origin of Data

In most cases, the personal data is provided by yourself. We may also obtain Personal Data from transactions with your employer or, based on our express consent, from other third parties.

1.7 Recipients

Your personal data may be transferred to affiliates of Celonis SE as well as to a limited number of third-party providers. These third-party providers perform operations such as database monitoring, data storage and hosting services, and provisioning of customer support software tools. These third parties may access, process, or store Personal Data in the course of providing these services, but based on our instructions only.

Further we share data with the following categories:

  • Public authorities in the event of priority legislation

  • External service providers or other contractors

  • Other external bodies in so far as you have given your consent or a transmission is permitted due to a prevailing interest

Where we ask third parties to host or present at certain events like webinars or trainings, and further provided that your name and contact details are required to attend the respective event (e.g. to log on or to register), we may forward such personal data to the respective third party who may use this data to provide access to the event and also to contact you for related sales purposes.

1.8 Transfer of data outside the EEA

Celonis may transfer your Personal Data to countries to subsidiaries or third-party providers located outside the European Economic Area (EEA). If personal data is transferred to countries which are not subject to an adequacy decision by the European Commission we will ensure that such recipient offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you for your prior consent to such international data transfers.

1.9 Duration of data storage

Celonis will only store your data for as long as it is necessary to provide the requested Service, unless otherwise requested by You. After you have revoked your consent for data processing or have objected to data processing your data will be deleted. If legal regulations apply that require longer storage of your personal data, or if Celonis needs your personal data to assert legal claims or defend against legal claims, Celonis will store your personal data until the expiration of the corresponding storage period or until the settlement of the claims.

1.10 Legal basis for the processing

Any processing of your Personal Data that goes beyond the scope of the statutory permission is only possible on the basis of your express consent, or, where permitted by local laws, on the basis of our legitimate interests.

2. Specific information on data processing on our websites

2.1 Entry of Personal Data on Celonis websitesย 

When you provide your Personal Data through any of our websites, e.g. when signing up for a demo/webinar, the registration of Celonis Snap, or interacting with our Community or use of our training portals, you may provide us with your email address, name, and other related contact information. We use this data to process your intended request and related permissions. You can delete your account(s) on our websites at any time by providing us with an appropriate request. We will delete your account including any of your data stored in the account upon receipt of such request.

We also use your email address, which we receive in connection with the sale of a product or service, or in relation to your registration on our websites for direct advertising in the form marketing communications, and for user questionnaires. You may opt-out of such use of your email address at any time by emailing to info@celonis.com.

When registering for our newsletter, you provide us with your email address and, where applicable, other contact information. We use this data solely for the purpose of sending you the newsletter. We retain the data that you disclose in your newsletter registration until you cancel your subscription. You can unsubscribe at any time via the link in the newsletter intended for this purpose, or by sending us the appropriate notification.

2.2 Use of cookies and other tracking technologies

We use โ€œcookiesโ€ and similar technologies alone or in conjunction with cookies to increase user-friendliness and compile information about the usage of our websites and your interactions with communications from us. Cookies are text files sent by the web server to the userโ€™s browser and stored there for later retrieval and to enable certain

functionality. We use both session-based and persistent cookies on our websites. To change your cookie settings, click the link at the bottom of this page (โ€œPrivacy Settingsโ€). You can also control the use of cookies at the individual browser level but choosing to disable cookies may limit your use of certain features or functions on our websites and services.

We also use web beacons on our websites and in email communications. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our websites. Such technologies are used to operate and improve our websites and email communications. For instructions on how to unsubscribe from our marketing emails, please email info@celonis.com attn: unsubscribe.

The following describes the types of cookies we utilize:

  • Required Cookies. Required cookies are necessary for basic website functionality, e.g. session cookies to transmit the website, authentication cookies, and security cookies. If you have chosen to identify yourself to us, we may place on your browser a cookie that allows us to uniquely identify you when you are logged into our websites, our Services, and to process your online transactions and requests. Required cookies are essential to operate our sites, and there is no option to opt out of these cookies.

  • Functional Cookies. Functional cookies enhance functions, performance, and services on the website, e.g. cookies to analyze site traffic, cookies for market research, and cookies to display advertising that is not directed to a particular individual. Functional cookies are used to improve how our websites function and to help us provide you with more relevant communications, including marketing communications. These cookies collect information about how our websites are used, including which pages are viewed most often. We may use third-party technology to track and analyze usage information to provide enhanced interactions and more relevant communications, and to track the performance of our marketing campaigns.

  • Targeting or Advertising Cookies. Targeting or advertising cookies track activity across websites in order to understand your interests, and to direct specific marketing to you. We sometimes use cookies delivered by us or by third parties to show you ads for our products that we think may interest you on devices you use and to track the performance of our advertisements. For example, these cookies collect and remember information such as which browsers have visited our websites.

We also contract with third-party advertising networks that collect IP addresses and other information from web beacons on our websites, from emails and on third-party websites. Advertising networks follow your online activities over time and across different websites or other online services by collecting device and usage data through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use, such as a desktop or laptop computer, smartphone or tablet. Third parties use this information to provide ads about products and services tailored to your interests. You may see their ads on other websites or mobile applications on any of your devices. This process also helps us manage and track the effectiveness of our marketing efforts. These technologies are further described below.

You can change your cookie settings here.

2.3 Taboola

Our Site and Services have embedded Taboola cookies for analytics and advertising purposes. In order to target advertisements to you for Our services that may interest you, we may use cookies, JavaScript, web beacons (including clear GIFs), HTML5 local storage, and other technologies. Taboola may also work with third parties such as ad networks, which are third parties that display advertisements based on your visits to websites that you have visited in the past. These advertisers will deliver you targeted advertisements for products and services that may interest you. For details of Taboola cookies usage, please click here. For Taboolaโ€™s privacy policy please click here.

2.4 Use of Google Analyticsย 

Our websites use Google Analytics, a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses a functional cookie. Google Analytics also creates a Remarketing Tag to retarget a user via Google Ads, which is an advertising cookie. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the U.S. and stored there. However, in the event IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within states of the European Economic Area. The full IP address will be transmitted to a Google server in the US and shortened only on an exceptional basis. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services to website operators relating to website activity and Internet usage. Google will not associate the IP address transmitted under Google Analytics by your browser with other data held by Google. You may prevent the storage of cookies by selecting the appropriate settings on your browser software; however, we should inform you in this case that you might not be able to enjoy all of the functionality of this website to its full extent. You may additionally prevent the recording of the data (including your IP address) to Google that is generated by the cookie and that pertains to your use of the website, or the processing of these data, by downloading and installing the following browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=en. In view of the discussion about the use of analytics tools with full IP addresses, we would like to point out that our website uses Google Analytics with the extension โ€œ_anonymizeIp()โ€ which means that IP addresses are used only in a shortened form in order to prevent any direct correlation to specific persons. For browsers on mobile devices, please click to the link above to prevent anonymous tracking by Google Analytics and to activate a โ€œopt-out cookieโ€ for your browser.

2.5 Google AdWords Conversion Trackingย 

Our websites use Google AdWords Conversion Tracking, a web analytics service that uses advertising cookies. Google AdWords Conversion Tracking also creates a Remarketing Tag to retarget a user via Google Ads, which is an advertising cookie. The information generated by the cookie about your use of this website is transmitted to a Google server in the U.S. and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to website activity and internet usage. Google may also transfer this information to third parties if required by law or in so far as third parties process this data on behalf of Google. Google will in no case connect the data with other data from Google.

2.6 Facebookย 

Our online presence uses the โ€œFacebook Pixelโ€ developed by Facebook, Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA) (โ€œFacebookโ€). This tool is an advertising cookie that makes it possible to track the behavior of users who have clicked on a Facebook ad and been directed to the website of the provider in question. The effectiveness of Facebook ads can then be assessed for statistical and market research purposes, which in turn can help optimize future advertising measures. The data we obtain through this process is anonymous, meaning it gives us no means of tracing the identity of any user. This information is stored and processed by Facebook on servers in the U.S., in order to facilitate a connection to each userโ€™s profile. Facebook can then use the data for its own advertising purposes in line with its data usage guidelines (https://www.facebook.com/about/privacy/). As a result, Facebook and its partners can insert ads both on and outside of Facebook.

2.7 Salesforce Pardotย 

Our websites use Pardot Services, an analysis tool of salesforce.com, Inc. (The Landmark @ One Market Street, San Francisco, CA 94105, USA). Pardot Services only set a maximum of three (3) cookies (โ€œVisitor Cookieโ€, โ€œOpt-In Cookieโ€ and โ€œPardot App Session Cookieโ€) which are stored on your computer and enable analysis of your website usage. The Visitor Cookie generates an identification number which serves to re-identify the website visitor. The identification number is a numeric code which has no meaning outside Pardot Services. The Opt-in Cookie ensures that visitors who have opted for the โ€œdo not trackโ€ option are not applied with a Visitor Cookie. The Pardot App Session Cookie is only placed if a customer is logging onto the Pardot App as a user. All cookies only contain the generated numeric code, Personal Data are not collected. If you would like to avoid tracking by Pardot, you can ensure this by adjusting your browser settings or through a respective extension of your browser. Data collected though the Pardot Services are not used to identify individuals. None of the identification numbers are matched against other personal information.

2.8 LinkedInย 

Our online presence uses the โ€œLinkedIn Insight Tagโ€ of LinkedIn, which is an advertising cookie. Provider is the LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA). We use the LinkedIn Insight Tag to track conversions, retarget website visitors, and unlock additional insights about members interacting with our LinkedIn ads. The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitorโ€™s browser until they delete the cookie or the cookie expires. With the help of the LinkedIn Insight Tag we are able to analyze the success of our campaigns within the LinkedIn platform or determine target groups for them based on the interaction of the users with our website. If you are registered with LinkedIn, it is possible for LinkedIn to associate your interaction with our online services with your user account. You can permanently opt out at this link:ย https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For more information on the LinkedIn Privacy Policy, go to:ย https://www.linkedin.com/legal/privacy-policy.

2.9 Terminus

Our online presence uses Terminus reverse IP tracking, which is a functional cookie. This tool uses cookies and web beacons such as invisible tracking pixels to gather non-personally identifiable information such as browser version, operating system, IP address, cookie information, time stamps, from which we gather company and other firmographic data associated with your IP address. Cookies are readable only by Terminus, with identifiers that may be linked to certain non-personally identifiable information or non-personally identifiable advertising IDs from third parties. We also use the โ€œTerminus Engageโ€ remarking tag to retarget ads via Terminus, which is an advertising cookie. You can visit https://terminus.com/privacy-policy/ for more information.

3. Specific information on data processing of certain data subject categories

3.1 Specific information on the processing of Applicant Data

Affected data:

  • Application information

Processing Purpose:

  • Implementation of application process

Categories of recipients:

  • Public authorities in the event of priority legislation

  • External service providers or other contractors

  • Other external bodies in so far as you have given your consent or a transmission is permitted due to a prevailing interest

Third-country transfers:

  • As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

  • Application data will generally be deleted within four months after communication of the decision, unless consent has been given for a longer period of data storage.

3.2ย Specific information on the processing of Employee Data

Affected data:

  • Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.

Processing Purpose:

  • Contract execution

Categories of recipients:

  • Public authorities in the event of priority legislation

  • External service providers or other contractors

  • Other external bodies in so far as you have given your consent or a transmission is permitted due to a prevailing interest

Third-country transfers:

  • As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

  • The duration of data storage depends on the statutory storage requirements and is usually 10 years.

3.3 Specific information on the processing of Customer Data/Prospective Partiesโ€™ Data

Affected data:

  • Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.

  • Data required for processing in relation to marketing activities on the basis of your express consent or, where permitted by local laws, our legitimate business interest.

Processing Purpose:

  • Contract execution

  • Marketing our products and services to You

Categories of recipients:

  • Public authorities in the event of priority legislation

  • External service providers or other contractors

  • Other external bodies in so far as you have given your consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

  • As part of contractual execution, processors could also be used

    outside the European Union.

Duration of data storage:

  • The duration of data storage depends on the statutory storage requirements and is usually 10 years.

3.4 Specific information on the processing of Supplier Data

Affected data:

  • Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.

Processing Purpose:

  • Contract execution.

Categories of recipients:

  • Public authorities in the event of priority legislation.

  • External service providers or other contractors.

  • Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.

Third-country transfers:

  • As part of contractual execution, processors could also be used outside the European Union.

Duration of data storage:

  • The duration of data storage depends on the statutory storage requirements and is usually 10 years.

4. Your Rights

According to the General Data Protection Regulation of the European Parliament (the โ€œGDPRโ€), you have the right of access, rectification, and erasure of your Personal Data. In certain circumstances you also have the right to request the restriction of processing your Personal Data, to object to processing of your Personal Data.

You have the right to object to your Personal Data being processed by us on the basis of our legitimate interests.

Where we are relying on consent to process your Personal Data you may withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.

You also have the right to receive Personal Data which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller under conditions and in accordance with the Regulation.

You may exercise your rights by contacting us in writing, with a proof of your identity, at privacy@Celonis.com. If You are resident of the EU You also have the right to direct questions or complaints to the lead supervisory authority.

5. Your California Privacy Rights

This section provides additional details about the Personal Data we collect about California residents and the rights afforded to them under the California Consumer Privacy Act or โ€œCCPA.โ€ We are extending the same rights to all residents of the U.S. For purposes of the CCPA, the defined term Personal Data is the same as the term Personal Information as such term is defined in the CCPA.

For more details about the Personal Data we have collected over the last 12 months, including the categories of sources, please see section 2 & 3 above. We collect this information for the business and commercial purposes described above. We share this information with the categories of third parties described in section 2 above. We do not sell, as such term is defined in the CCPA, the Personal Data we collect and will not sell it without providing a right to opt out. However, we do use third-party cookies for our advertising purposes as further described in section 2. Further, we sometimes share Personal Data with our partners or they share your Personal data with us, but only if You have consented have such information be shared.

Subject to certain limitations, the CCPA provides You the right to request to know more details about the categories or specific pieces of Personal Data we collect (including how we use and disclose this information), to delete your Personal Data, to opt out of any โ€œsalesโ€ that may be occurring, and to not be discriminated against for exercising these rights.

You may make a request pursuant to your rights under the CCPA by contacting us at cfo@celonis.com, attn: Legal. We will verify your request using the information associated with your account (if any), including email address. Government identification may be required. You can also designate an authorized agent to exercise these rights on their behalf.

Insights to inbox - Monthly newsletter

We've received your submission
Please fill in all the fields

By submitting this form, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Policy
Dear visitor, you're using an outdated browser. Parts of this website will not work correctly. For a better experience, update or change your browser.