BlackLine Systems has created this privacy statement (“Statement”) in order to demonstrate our commitment to customer privacy. Privacy on the BlackLine Systems web site (the “Site”) is of great importance to us. Because we gather important information from our visitors and customers, we have established this Statement as a means to communicate our information gathering and dissemination practices. We reserve the right to change this Statement and will provide notification of the change at least thirty (30) business days prior to the change taking effect. To be effective, the change will include directions on how users may respond to the change.

Collected Information

We require customers who register to use the services offered on our Site (collectively, the “Service”) to give us contact information, such as their name, company name, address, phone number, and e-mail address, and financial qualification and billing information, such as billing name and address, credit card number, and the number of users within the organization that will be using the Service. At the time you express interest in obtaining additional information, or when you register for the Service, we may also ask for additional personal information, such as title, department name, fax number, or additional company information, such as annual revenues, number of employees, or industry. Customers can opt out of providing this additional information by not entering it when asked. Customers can update or remove their personal information at any time by asking their organizations system administrator to update their user profile by logging into the Website and editing their user information through the user details page. Customers can view their updated profile to confirm their edits have been made.

BlackLine Systems uses the information that we collect to set up the Service for individuals and their organizations. We may also use the information to contact customers to further discuss customer interest in our company, the Service that we provide, and to send information regarding our company, such as promotions and events. Customers are invited to receive an e-mail newsletter by providing an e-mail address. Customer e-mail addresses and any personal customer information will not be distributed or shared with third parties. Customers can opt out of being contacted by us, or receiving such information from us, at any time by sending an e-mail to info@blackline.com. Separately, customers are also asked to provide an e-mail address when registering for the Service, in order to receive a username and password. We may also e-mail information regarding updates to the Service or company, and will send a Customer Newsletter. Again, e-mail addresses will not be distributed or shared and customers can opt out of receiving any communication by e-mailing info@blackline.com at the time it is distributed, or at the time any customer registers for the Service.

We do not disclose to third parties any information provided. All financial and billing information that we collect through the Site is used solely to check the qualifications of prospective customers and to bill for the Service. This billing information is not used by BlackLine Systems for marketing or promotional purposes. BlackLine Systems uses a third-party intermediary to handle the credit card processing. This intermediary is solely a link in the distribution chain, and is not permitted to store, retain, or use the information provided, except for the sole purpose of credit card processing.

Customers of the Service will be using the Site to host data and information (“Data”). BlackLine Systems will not review, share, distribute, print, or reference any such Data except as provided in the BlackLine Systems Master Subscription Agreement, or as may be required by law. Individual records may at times be viewed or accessed only for the purpose of resolving a problem, support issue, or suspected violation of the Master Subscription Agreement, or as may be required by law. Of course, customers are responsible for maintaining the confidentiality and security of their user registration and password.

BlackLine Systems may also collect certain information from visitors to and customers of the Site, such as Internet addresses. This information is logged to help diagnose technical problems, and to administer our Site in order to constantly improve the quality of the Service. We may also track and analyze non-identifying and aggregate usage and volume statistical information from our visitors and customers.

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and e-mail address. BlackLine Systems will automatically send the friend a one-time e-mail inviting them to visit the site. BlackLine Systems does not store this information.

The Site may contain links to other web sites. BlackLine Systems is not responsible for the privacy practices or the content of these other web sites. Customers and visitors will need to check the policy statement of these others web sites to understand their policies. Customers and visitors who access a linked site may be disclosing their private information. It is the responsibility of the user to keep such information private and confidential.

Personal information received from the EU

When BlackLine Systems is a data controller – Safe Harbor compliance

BlackLine Systems adheres to the Safe Harbor Principles (Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement) as described in this Privacy Statement, with respect to the personal data we collect from EU data subjects or receive from our affiliates located in the EU, such as information regarding service requests, service orders, handling orders, delivering services and processing payments; and have certified our compliance with the Safe Harbor Framework to the United States Department of Commerce. BlackLine Systems’ Safe Harbor certification can be found at http://www.export.gov/safeharbor/.

When BlackLine Systems is a data processor

BlackLine Systems’ obligations with respect to personal data for which BlackLine Systems is solely a data processor, such as personal data that BlackLine Systems’ customers store or transfer using BlackLine Systems’ hosted services, are defined in its agreements with its customers and are not included in this Privacy Statement. In those circumstances BlackLine Systems receives personal data from the EU as an agent of the customer merely for processing and is not required to apply Safe Harbor principles to that information. The customer will remain responsible for the personal data that it collects and processes and for the compliance with applicable data protection laws.

Sensitive Information

We will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information. Sensitive Information

Children’s Online Privacy Protection

Our services are not designed for or directed to children under the age of 13, and we will not intentionally collect or maintain information about anyone under the age of 13.

Security

Our Site has security measures in place to help protect against the loss, misuse, and alteration of the Data under our control. When our Site is accessed using Microsoft Internet Explorer versions 6.0 or higher, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure that Data is safe, secure, and available only to you. BlackLine Systems hosts the Site in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders. Finally, BlackLine Systems provides unique user names and passwords that must be entered each time a customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of Data.

Verification

BlackLine Systems utilizes the self-assessment approach to assure its compliance with its Privacy Statement. BlackLine Systems regularly verifies that the privacy statement is accurate, comprehensive, prominently displayed, completely implemented and in conformity with the Safe Harbor Principles and conducts its self-assessment on an annual basis to ensure that all relevant privacy practices are being followed. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative at least once a year.

Opt-Out Policy

BlackLine Systems offers its visitors and customers a means to choose how we may use information provided. If, at any time after registering for information or ordering the Service, you change your mind about receiving information from us or about sharing your information with third parties, send us a request specifying your new choice. Simply send your request to info@blackline.com.

Correcting & Updating Your Information

If customers need to update or change registration information they may do so by editing the user or organization record. To update a User Profile, have your organizations system administrator log on to BlackLine Systems and select Users to add or update information. To update Organization’s data, please e-mail info@blackline.com. To update billing information, please e-mail billing@blackline.com or call 877.777.7750. To discontinue the Service and to have data returned, e-mail info@blackline.com or call 877.777.7750. BlackLine Systems will respond to your correction or update request within at most 30 days from the date of your request.

Additional Information

Questions regarding this Statement or the practices of this Site should be directed to BlackLine Systems’ Security Administrator by e-mailing such questions to info@blackline.com or by regular mail addressed to BlackLine Systems, Inc., Attn: Security Administrator, 21300 Victory Blvd., 12th Floor, Woodland Hills, CA 91367.