OneStream Software LLC. has created this comprehensive legal notice in order to demonstrate our commitment to customer privacy.
This Privacy Statement starts with a general statement of our privacy practices and then provides specific information for residents of California and data subjects who are in the European Economic Area.
If you are a resident of California or in the European Economic Area, please refer to that information in addition to the general statement.
When you or your representative or agent give us personal information of, or about, you, you consent (and/or your agent consents on your behalf) to the collection, storage, processing, sharing and other activities with respect to your information as provided for in this Privacy Statement. This Privacy Statement does not apply to human resources information with respect to OneStream’s own employees, which is covered by OneStream’s internal privacy policies.
When this Privacy Statement refers to “OneStream,” “we, “us,” “our,” or similar terms, it means OneStream Software LLC, a Delaware, USA, limited liability company, or the specific division, subsidiary, or affiliate that collects, stores, uses, and/or shares personal information under a OneStream brand.
When this Privacy Statement refers to “you” or uses similar words, it means the subject of the personal information discussed in this Privacy Statement.
Other privacy statements might also apply to specific services for which you sign up, or to OneStream apps and/or resources that you use. Those privacy statements should be read together with this one. Other third-party services or applications that are used in connection with OneStream’s services might also have their own privacy statements. Those statements have separate terms and should be read independently from this Privacy Statement.
OneStream collects personal information like name, address, telephone number, other contact information, billing and payment information, information about business roles, and information about software and service support requirements and inquiries.
OneStream, or its Internet service provider (“ISP”), may collect log-file information, such as Internet protocol (“IP”) addresses, browser type, ISP, referring/exit pages, platform type, date/time stamp, and number of clicks.
If you provide personal information of a third party to OneStream (such as when you sign up a colleague to receive information from or about OneStream or when you provide information about a person (such as an employee) to enable the person to have credentials or receive services), you represent and warrant to OneStream that you have all necessary authority to provide that information to OneStream and to grant to OneStream all rights in the information necessary for OneStream to do everything with that information that this Privacy Statement permits OneStream to do.
OneStream collects some of the information directly from you when you provide it to OneStream, whether through OneStream’s website(s) or OneStream applications, at conferences or marketing events, and when you acquire goods and/or services from OneStream or its affiliates or suppliers.
If you use OneStream’s goods, services, or software as an employee or contractor for another person, OneStream often receives personal information about you from your employer or customer, such as for credentialing and user-access information necessary for you to use OneStream’s goods, services, and/or software.
OneStream collects information from other sources, as well, such as directories, membership lists, conference attendee information, people who acquire OneStream services for you or for your benefit, and third-party information providers.
OneStream uses personal information in the following ways.
If OneStream anonymizes or deidentifies the information (combines it with other information, redacts it, or otherwise makes it so that it no longer reasonably identifies you), OneStream can use the information for any purpose.
It is OneStream’s policy to refrain from knowingly collecting or maintaining personally identifiable information relating to any person under the age of 18. If you are under the age of 18, please do not supply any personal information to OneStream. If you are under the age of 18 and have already provided personal information to OneStream, please have your parent or guardian contact OneStream immediately using the information below so that OneStream can remove such information from its files. If you are the parent or guardian of a person under the age of 18 and you have reason to believe that that person’s personal information has been collected by OneStream, please contact OneStream immediately.
OneStream may also serve, provide, or designate the content of ads or other presentations on third-party websites, including on third-party websites or as part of third-party services. Some cookies or similar devices exist only during a particular session, and some are persistent over multiple sessions over time.
These methods can allow you to maintain your account log-in information and other information between visits, and they allow OneStream to measure and record activity.
You can set your web browser to reject cookies. Each browser is different, so you should check your browser’s “Help” menu to learn how to change your cookie preferences. If you reject or block cookies, OneStream’s website(s) might not function as intended.
Many web browsers have a “do not track” setting. That said, there is no widely-accepted standard (through the World Wide Web Consortium or otherwise) governing what should happen when a user selects “do not track” in his or her browser. If and when an industry consensus is reached about how to treat a “do not track” setting, OneStream will determine whether to follow that consensus approach. In the meantime, enabling “do not track” in your browser will not change what information is exchanged with your computer, or how that information is used.
You might be able to exercise choices regarding third-party cookies and/or tracking devices. You can obtain more information about those choices at https://www.networkadvertising.org/choices/ or https://www.aboutads.info/choices/.
OneStream operates primarily in the United States and Europe and expects that personal information will mostly be collected, stored, used, processed, and shared in and from those jurisdictions. The protections of personal information under the law in those jurisdictions might be different from the protections under the law of your jurisdiction. You consent to the collection, processing, use, sharing, and storage in, and transfer to, from, and among, these jurisdictions and such other jurisdictions as are reasonably necessary for OneStream’s conduct of its business.
One or more OneStream websites or other resources might contain links to other websites or other resources that are not operated by OneStream. OneStream does not operate those websites or resources, and OneStream cannot control the information that the operators of such websites gather or what the operators of such websites do with the information. OneStream is not responsible for the activities of the operators of such other websites or resources.
OneStream uses, and requires that its service providers use, commercially reasonable physical, technical, and other safeguards designed to prevent unauthorized access to, use of, or alteration of, your information.
OneStream sometimes supplements the information that it receives from you with other information that OneStream receives from third-party sources, such as credit card issuers, directories, and/or information clearinghouses.
For the purposes of any applicable law regarding notification of persons whose personal information was, or is reasonably believed to have been, acquired by an unauthorized person, OneStream’s information security policy provides that any required notification may, where permitted by law, be made by the use of e-mail, telephone, fax, mail (including, but not limited to, a notice printed in an available area of a bill or statement) or posting a notice on a OneStream website or other electronic resource. The specific means used is up to OneStream, and OneStream will use its commercially reasonable judgment based on the circumstances. Where any notice is to be sent to a specific address or number (such as e-mail address, physical address, telephone number, etc.), OneStream will use the latest available address in its records. EXCEPT TO THE EXTENT PROHIBITED BY LAW, YOU AGREE TO THIS MEANS OF NOTIFICATION.
If your personal information changes, if you have reason to believe that your personal information as OneStream maintains it is incorrect, or if you no longer desire service, you may contact OneStream using the contact information below and OneStream will accommodate all reasonable requests for such changes.
Note that California residents might have additional or different rights. Please refer to that portion of this Privacy Statement to determine whether those rights apply to you.
Users who no longer wish to receive newsletters, digital notifications, or promotional materials or have their information provided to third parties may opt to not receive such communications or have information shared by contacting OneStream using the information below. Please be prepared to tell us the specific OneStream good or service with respect to which you wish to opt out. OneStream will comply with such requests as soon as is commercially practicable. Such compliance may involve batch processing and other processes that take 30 days or longer. If you opt not to receive such communications or allow OneStream to share your information and then give your personal information to OneStream again using a site or under other circumstances that permit us to use your information, OneStream will regard your opt-out as rescinded.
Note that opting out will not have any effect on information that OneStream has shared with third parties as permitted by this Privacy Statement.
To change your preference with regard to the way your information is treated, contact us using the contact information below.
Note that California residents might have additional or different rights. Please refer to that portion of this Privacy Statement to determine whether those rights apply to you.
If, after opting out, you do certain things that invite us to use your personal information again, OneStream will regard you as having opted back in. Examples include, but aren’t limited to, asking one of OneStream’s personnel (verbally or otherwise) to send you information, signing up for an event, or similar communications or transactions. As always, OneStream will abide by the provisions of this Privacy Statement with respect to your personal information that you provide to OneStream.
OneStream will use commercially reasonable efforts to timely make any changes you request. Many such changes are accomplished using batch processing (i.e. collecting a number of similar change requests and making all such changes at once), so the changes might not be immediately effective. If you require an immediate change to your personally identifiable information and are unable to make such a change using the available site resources, please contact us.
Note that California residents and those in the European Economic Area might have additional or different rights. Please refer to that portion of this Privacy Statement to determine whether those rights apply to you.
Except as stated below, OneStream will use information in accordance with the privacy statement, or version of the privacy statement, under which the information was collected.
If OneStream decides to use information about you in a manner different from that stated in the privacy statement in effect at the time of collection, OneStream will notify you by e-mail if, and to the extent that, you have provided your e-mail address. If you reply to such an e-mail within a reasonable time and request that OneStream not use your personally identifiable information in the proposed new manner, OneStream will honor your request, but OneStream reserves the right to suspend your access to all or part of the services offered through one or more sites if you do so.
If you do not reply to such an e-mail, or OneStream receives a reply of “undeliverable” or similar message from your last known e-mail address, in either case after a reasonable time, OneStream will use the information in the proposed new manner.
Please be sure to update your e-mail and other contact information from time to time so that you don’t miss any communication by OneStream of the kind contemplated by this section.
Notwithstanding anything else in this privacy statement to the contrary, OneStream may collect personal information and use such information in ways other than those described above if OneStream is required to do so by law or if OneStream deems it advisable in the course of assisting law enforcement activities or protecting OneStream’s sites, resources, or property. Without limiting the foregoing, OneStream reserves the right to use and disclose any information that you provide to us if OneStream deems it advisable in the prosecution or defense of any litigation involving your use of OneStream’s goods, services, or software.
The California Consumer Privacy Act (it “CCPA) provides specific rights to consumers who reside in California regarding their personal information. Note that OneStream does not sell the information of California consumers. The following permissions apply to California consumers. To the extent that the following provisions are different from the general provisions above, the following provisions prevail.
Right to Know
You have the right to send us a request, not more than twice in a 12-month period, for any of the following information.
Right to Deletion
You have the right to request that we delete any of your personal information that it has collected from you and retained, subject to certain exceptions.
For example, we may deny your deletion request if retaining the information is necessary for us to complete the transaction or service that you requested, detect security incidents, or enable internal uses that are reasonable aligned with your expectations.
How to Exercise your California Privacy Rights
The following provisions apply to persons in the European Economic Area (the “EEA”). To the extent that the following provisions are different from the general provisions above, the following provisions prevail.
If we transfer your personal information to a third party and that transfer, or an act or omission by the third party, results in a violation of this Privacy Statement or applicable EEA law, we are liable for the transfer and/or the act or omission, even if it was the third party that committed the act or omission.
Where we transfer personal information to a third party acting as an agent, (i) we transfer such data only for limited and specified purposes; (ii) we require (usually by contract) at least a level of privacy protection consistent with this Privacy Statement; (iii) we take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with our obligations under this Privacy Statement; and (iv) we take reasonable and appropriate steps to stop and remediate unauthorized processing.
You have the right to choose (opt out) whether your personal information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you. If you wish to exercise any of these choices, please contact us using the information below. This choice/opt-out doesn’t apply where the sharing of your personal information is with a third party who is acting as our agent (such as our service providers who perform services that help us to run our business). We won’t provide your personal information to a third party under these circumstances unless we have a contract in place with that third party that requires the third party to comply with obligations consistent with this Privacy Statement.
We do not intentionally or knowingly collect or maintain information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation. Please don’t provide such information to us. If you think that we have collected, or that you have provided, such information to us, please contact us immediately so that we can delete it.
We process personal information that we need in order to carry out our business. We only process personal information in a way that is compatible with the purposes for which we collected it or subsequently authorized by the data subject.
We take reasonable steps to ensure that personal information is reliable for its intended use, accurate, complete, and current.
We adhere to this Privacy Statement for as long as we retain the personal information.
Except as otherwise permitted by law, we destroy or anonymize personal information after it no longer serves a purpose of processing as contemplated above.
We give data subjects access to such personal information as we have that pertains to them and will help to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of this Privacy Statement or applicable law. If you wish to contact us to access your information, you can do so using the contact information below. We reserve the right to limit such access and related activity where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.
We will disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
OneStream Software, LLC
362 South Street
Rochester, Michigan 48307
E-Mail: [email protected]