Effective: March 16, 2017
BlackLine Systems, Inc. and its affiliates (“BlackLine”) are committed to protecting the privacy of visitors to BlackLine’s public web site at www.blackline.com (“Public Website”) and of customers using BlackLine’s hosted service web site (“Hosted Service”), and has established this privacy statement (“Statement”) to inform you of BlackLine’s information gathering and dissemination policies and practices regarding use of the Public Website and/or the Hosted Service.
BlackLine participates in the EU-US Privacy Shield Framework established by the U.S. Department of Commerce and European Commission regarding the collection, use and retention of personal information from European Union member countries and subject to enforcement by the Federal Trade Commission (See www.commerce.gov/page/eu-us-privacy-shield for additional information). BlackLine has certified that it adheres to the relevant Privacy Shield Principles. BlackLine’s participation in the Privacy Shield applies to all personal data that is subject to this Statement and is received from the European Union, European Economic Area and Switzerland.
BlackLine remains responsible for any of personal information that is shared under the Onward Transfer Principle with third parties for external processing on its behalf, as described in the “Sharing of Information Collected” sections below. In addition, as part of BlackLine’s participation in the Privacy Shield Framework, it has designated JAMS as its ADR provider for resolving disputes under the EU-U.S. Privacy Shield. For more information on JAMS as an ADR provider and the procedure for filing complaints, please see www.jamsadr.com/eu-us-privacy-shield and the Dispute Resolution section set forth below.
BlackLine is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”) with respect to personal information received or transferred pursuant to the Privacy Shield Framework.
Further information related to the EU-US Privacy Shield is available at www.commerce.gov/page/eu-us-privacy-shield.
As you navigate the Public Website, BlackLine may collect information such as your Internet Protocol address, Web browser information and your actions while on the Public Website. This information will be collected, if at all, through the use of commonly-used information-gathering tools, such as cookies and Web beacons. Standing alone, this information does not personally identify you.
When expressing interest in BlackLine’s products or services, you may have the option to provide contact information such as your name, organization name, address, e-mail address, phone number, number of employees or annual company revenue. You may also have the option of engaging in a “live chat” or other form of interactive communication, during which BlackLine may collect a record of information disclosed by you. Providing this optional information is voluntary on your part, and in the absence of providing such information you remain anonymous to BlackLine.
We use your information, including your personal information, for the following purposes:
BlackLine will not share your information, including personal information, with third parties, except as follows:
The Public Website may contain links to other web sites or third party applications such as Facebook, Twitter, LinkedIn or YouTube. BlackLine is not responsible for the privacy practices or the content of these other web sites or applications, and we advise you to refer to the policy statement of these third parties to understand how they collect and use information.
BlackLine also collects information, including personal information, from users of the Hosted Service (“User Information”). Access to the Hosted Service is subject to the terms and conditions of a Master Subscription Agreement or similar agreement between BlackLine and the party or entity that has subscribed to the Hosted Service. Any User Information provided through the Hosted Service will be subject to this Statement, unless otherwise specified in the Master Subscription Agreement.
BlackLine collects the following User Information in connection with the Hosted Service:
BlackLine uses User Information for the sole purpose of providing and improving the Hosted Service, maintaining security, and diagnosing technical problems as further described in its Master Subscription Agreement.
BlackLine will not share User Information with third parties, except as follows:
To receive a copy of, update or access information you have provided to, BlackLine via the Public Website, please send an e-mail to: email@example.com. BlackLine will respond to any correction or update request within at most thirty (30) days from the date of your request. BlackLine offers its visitors and customers a means to choose how we may use personal information provided. If, at any time after providing personal information, you change your mind about receiving information from us or about sharing your information with third parties, send a request specifying your new choice to:firstname.lastname@example.org
Cookies are unique identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Public Website and Hosted Service, while others are used to enable a faster log-in process or to allow us to track your activities at our Public Website and Hosted Service. There are two types of cookies: session and persistent cookies.
Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie or how to disable cookies altogether. Visitors to our Public Website or Hosted Service who disable cookies will be able to browse certain areas of the site, but some features may not function.
We will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.
Neither the Public Website nor the Hosted Service are designed for or directed to children under the age of 13, and we will not intentionally collect or maintain information about anyone under the age of 13.
The Public Website and Hosted Service have security measures in place to help protect against the loss, misuse, and alteration of information and data under our control. When our Public Website or Hosted Service is accessed using Internet Explorer 11, or recent versions of Firefox or Chrome Transport Layer Security (TLS) is employed to encrypt all communications and to help ensure data confidentiality. Hosted Service uses authentication mechanisms to help ensure that information and data is safe and secure. BlackLine hosts the Public Website and Hosted Service in a secure environment that uses firewalls, intrusion detection, anti-malware, and other advanced technology to prevent interference or access from intruders. These safeguards help prevent unauthorized access, maintain data accuracy and ensure the appropriate use of information and data.
BlackLine utilizes the self-assessment approach to assure its compliance with this Statement. BlackLine regularly verifies that the Statement is accurate, comprehensive, prominently displayed, completely implemented and in conformity with the Privacy Shield and conducts its self-assessment on an annual basis to ensure all relevant privacy practices are followed. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative at least once a year.
BlackLine reserves the right to change this Privacy Statement as reasonably necessary or advisable to accommodate changes to the law, technology or circumstances, and will use reasonable efforts to provide notification of the material changes through the Public Website and Hosted Service at least thirty (30) business days prior to the changes taking effect.
Questions regarding this Statement or the practices of the Hosted Service or Public Website should be directed to BlackLine’s Security Administrator by e-mailing such questions to: email@example.com or by regular mail addressed to BlackLine Systems, Inc., Attn: Security Administrator, 21300 Victory Blvd., 12th Floor, Woodland Hills, CA 91367.
BlackLine will attempt to investigate and promptly resolve any disputes or complaint regarding the interpretation or compliance with this Statement. You can submit a dispute or complaint to us as set forth in the section entitled Contacting BlackLine above. If we are unable to resolve any complaints through any of the above methods, you may be able to invoke binding arbitration in accordance with the Privacy Shield Framework at www.jamsadr.com/eu-us-privacy-shield.
California law permits residents of California to request certain details about what personal information a company shares with third parties for the third parties’ direct marketing purposes. BlackLine does not share your information with third parties for the third parties’ own and independent direct marketing purposes. If you have any questions about what personal information BlackLine may share with third parties that are not already answered in this Statement, please contact BlackLine at: firstname.lastname@example.org.
Certain web browsers have incorporated “Do Not Track” feature. This feature, when turned on, sends a preference to the websites you visit indicating that you do not wish to be tracked. Those sites (or the third-party content on those sites) may continue to engage in activities you might view as tracking even though you have expressed this preference, depending on the sites’ privacy practices. Because there is not yet a commonly-accepted standard on how to interpret the Do Not Track requests, BlackLine does not currently respond to the browser Do Not Track requests on its websites or online services.