Effective: March 16, 2017

BLACKLINE PRIVACY STATEMENT

BlackLine Systems, Inc. and its affiliates (“BlackLine”) are committed to protecting the privacy of visitors to BlackLine’s public web site at www.blackline.com (“Public Website”) and of customers using BlackLine’s hosted service web site (“Hosted Service”), and has established this privacy statement (“Statement”) to inform you of BlackLine’s information gathering and dissemination policies and practices regarding use of the Public Website and/or the Hosted Service.

EU-US PRIVACY-SHIELD FRAMEWORK

BlackLine participates in the EU-US Privacy Shield Framework established by the U.S. Department of Commerce and European Commission regarding the collection, use and retention of personal information from European Union member countries and subject to enforcement by the Federal Trade Commission (See www.commerce.gov/page/eu-us-privacy-shield for additional information). BlackLine has certified that it adheres to the relevant Privacy Shield Principles. BlackLine’s participation in the Privacy Shield applies to all personal data that is subject to this Statement and is received from the European Union, European Economic Area and Switzerland.

BlackLine remains responsible for any of personal information that is shared under the Onward Transfer Principle with third parties for external processing on its behalf, as described in the “Sharing of Information Collected” sections below. In addition, as part of BlackLine’s participation in the Privacy Shield Framework, it has designated JAMS as its ADR provider for resolving disputes under the EU-U.S. Privacy Shield. For more information on JAMS as an ADR provider and the procedure for filing complaints, please see www.jamsadr.com/eu-us-privacy-shield and the Dispute Resolution section set forth below.

BlackLine is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”) with respect to personal information received or transferred pursuant to the Privacy Shield Framework.

Further information related to the EU-US Privacy Shield is available at www.commerce.gov/page/eu-us-privacy-shield.

1. PUBLIC WEBSITE INFORMATION COLLECTION

Information Collected

As you navigate the Public Website, BlackLine may collect information such as your Internet Protocol address, Web browser information and your actions while on the Public Website. This information will be collected, if at all, through the use of commonly-used information-gathering tools, such as cookies and Web beacons. Standing alone, this information does not personally identify you.

When expressing interest in BlackLine’s products or services, you may have the option to provide contact information such as your name, organization name, address, e-mail address, phone number, number of employees or annual company revenue. You may also have the option of engaging in a “live chat” or other form of interactive communication, during which BlackLine may collect a record of information disclosed by you. Providing this optional information is voluntary on your part, and in the absence of providing such information you remain anonymous to BlackLine.

Use of Information Collected

We use your information, including your personal information, for the following purposes:

  • To provide our Public Website and other services to you, to communicate with you about your use of our Public Website and services, to diagnose technical problems, to respond to your inquiries and for other customer service purposes.
  • To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Public Website.
  • For marketing and promotional purposes. For example, we may use your information, such as your e-mail address and other optional information you provide, to send you news and newsletters, special offers, services, promotions, partners, events or promotions or to otherwise contact you about products or information we think may interest you.
  • To better understand how users access and use our Public Website, both on an aggregated and individualized basis, in order to improve our Public Website and services and respond to user desires and preferences, and for other research and analytical purposes.

Sharing of Information Collected

BlackLine will not share your information, including personal information, with third parties, except as follows:

  • Affiliates. . We may disclose the information we collect from you to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your personally identifiable information will be subject to this Statement.
  • Vendors, Service Providers, Contractors and Agents. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf, provided they agree to the principles in this Statement.
  • Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other company.
  • In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena or to meet national security or law enforcement requirements.
  • To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of this Statement, or as evidence in litigation in which BlackLine is involved.
  • Aggregate and De-Identified Information. We may share aggregate or de-identified information about users with third parties for marketing, advertising, research or similar purposes.

Third Party Links

The Public Website may contain links to other web sites or third party applications such as Facebook, Twitter, LinkedIn or YouTube. BlackLine is not responsible for the privacy practices or the content of these other web sites or applications, and we advise you to refer to the policy statement of these third parties to understand how they collect and use information.

2. HOSTED SERVICE INFORMATION COLLECTION

BlackLine also collects information, including personal information, from users of the Hosted Service (“User Information”). Access to the Hosted Service is subject to the terms and conditions of a Master Subscription Agreement or similar agreement between BlackLine and the party or entity that has subscribed to the Hosted Service. Any User Information provided through the Hosted Service will be subject to this Statement, unless otherwise specified in the Master Subscription Agreement.

Information Collected

BlackLine collects the following User Information in connection with the Hosted Service:

  • Information required to use the Hosted Service, currently a name and email address.
  • User profile information voluntarily provided by users, for example a phone number or profile picture
  • BlackLine receives financial information from its customers which may include personal information.

Use of Information Collected

BlackLine uses User Information for the sole purpose of providing and improving the Hosted Service, maintaining security, and diagnosing technical problems as further described in its Master Subscription Agreement.

Sharing of Information

BlackLine will not share User Information with third parties, except as follows:

  • Affiliates. We may disclose the User Information we collect to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your personally identifiable information will be subject to this Statement.
  • Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the User Information we have collected to the other company.
  • In Response to Legal Process. We also may disclose User Information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena or to meet national security or law enforcement requirements.
  • To Protect Us and Others. We also may disclose the User Information we collect where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of a Master Subscription Agreement or this Statement, or as evidence in litigation in which BlackLine is involved.

3. GENERAL PROVISIONS APPLICABLE TO ALL CUSTOMERS AND VISITORS

How to Access, Correct and Control Your Personal Information

To receive a copy of, update or access information you have provided to, BlackLine via the Public Website, please send an e-mail to: info@blackline.com. BlackLine will respond to any correction or update request within at most thirty (30) days from the date of your request. BlackLine offers its visitors and customers a means to choose how we may use personal information provided. If, at any time after providing personal information, you change your mind about receiving information from us or about sharing your information with third parties, send a request specifying your new choice to:info@blackline.com

Cookies

Cookies are unique identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Public Website and Hosted Service, while others are used to enable a faster log-in process or to allow us to track your activities at our Public Website and Hosted Service. There are two types of cookies: session and persistent cookies.

  • Session Cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Hosted Service. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our site.
  • Persistent Cookies. Persistent cookies remain on your computer after you have closed your browser or turned off your computer. Our Public Website uses persistent cookies.

Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie or how to disable cookies altogether. Visitors to our Public Website or Hosted Service who disable cookies will be able to browse certain areas of the site, but some features may not function.

Third Party Analytics

BlackLine may use automated devices and applications, such as Google Analytics, to evaluate usage of our Public Website and, to the extent permitted, our Hosted Service. We also may use other analytic means to evaluate our Hosted Service. We use these tools to help us improve our services, performance and user experiences. These entities may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties.

Sensitive Information

We will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.

Children’s Online Privacy Protection

Neither the Public Website nor the Hosted Service are designed for or directed to children under the age of 13, and we will not intentionally collect or maintain information about anyone under the age of 13.

Security

The Public Website and Hosted Service have security measures in place to help protect against the loss, misuse, and alteration of information and data under our control. When our Public Website or Hosted Service is accessed using Internet Explorer 11, or recent versions of Firefox or Chrome Transport Layer Security (TLS) is employed to encrypt all communications and to help ensure data confidentiality. Hosted Service uses authentication mechanisms to help ensure that information and data is safe and secure. BlackLine hosts the Public Website and Hosted Service in a secure environment that uses firewalls, intrusion detection, anti-malware, and other advanced technology to prevent interference or access from intruders. These safeguards help prevent unauthorized access, maintain data accuracy and ensure the appropriate use of information and data.

Verification

BlackLine utilizes the self-assessment approach to assure its compliance with this Statement. BlackLine regularly verifies that the Statement is accurate, comprehensive, prominently displayed, completely implemented and in conformity with the Privacy Shield and conducts its self-assessment on an annual basis to ensure all relevant privacy practices are followed. Appropriate employee training is in place and internal procedures for periodically conducting objective reviews of compliance are in place. A statement verifying this self-assessment is signed by a corporate officer or other authorized representative at least once a year.

Changes to this Privacy Statement

BlackLine reserves the right to change this Privacy Statement as reasonably necessary or advisable to accommodate changes to the law, technology or circumstances, and will use reasonable efforts to provide notification of the material changes through the Public Website and Hosted Service at least thirty (30) business days prior to the changes taking effect.

Contacting BlackLine

Questions regarding this Statement or the practices of the Hosted Service or Public Website should be directed to BlackLine’s Security Administrator by e-mailing such questions to: info@blackline.com or by regular mail addressed to BlackLine Systems, Inc., Attn: Security Administrator, 21300 Victory Blvd., 12th Floor, Woodland Hills, CA 91367.

Disputes/Arbitration

BlackLine will attempt to investigate and promptly resolve any disputes or complaint regarding the interpretation or compliance with this Statement. You can submit a dispute or complaint to us as set forth in the section entitled Contacting BlackLine above. If we are unable to resolve any complaints through any of the above methods, you may be able to invoke binding arbitration in accordance with the Privacy Shield Framework at www.jamsadr.com/eu-us-privacy-shield.

Your California Privacy Rights

California law permits residents of California to request certain details about what personal information a company shares with third parties for the third parties’ direct marketing purposes. BlackLine does not share your information with third parties for the third parties’ own and independent direct marketing purposes. If you have any questions about what personal information BlackLine may share with third parties that are not already answered in this Statement, please contact BlackLine at: info@blackline.com.

Do Not Track Requests

Certain web browsers have incorporated “Do Not Track” feature. This feature, when turned on, sends a preference to the websites you visit indicating that you do not wish to be tracked. Those sites (or the third-party content on those sites) may continue to engage in activities you might view as tracking even though you have expressed this preference, depending on the sites’ privacy practices. Because there is not yet a commonly-accepted standard on how to interpret the Do Not Track requests, BlackLine does not currently respond to the browser Do Not Track requests on its websites or online services.

Contact Us