Privacy Policy

Last Updated September 1, 2019

Gainsight, Inc., including Aptrinsic LLC and Gainsight, Inc.’s other subsidiaries and affiliates (collectively, “Gainsight“, “we,” “us,” or “our“) respect the privacy of its employees, customers, business partners, event attendees, job applicants, and Website (as defined below) visitors (“you” or “your”). This Privacy Policy explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Policy only applies to personal information that is provided to or is collected by us in the usual course of business, including through our websites, such as https://www.gainsight.com, that link to this Privacy Policy (“Website”).

For personal information that we collect when you use or otherwise interact with our services, please see our services privacy notice;

If you have any questions about this Privacy Policy, please contact us at the details below.

Quick links

We recommend that you read this Privacy Policy in full to ensure that you are fully informed. However, if you only want to access a particular section of this Privacy Policy, then you can click on the relevant link to jump to that section.

Who we are

Gainsight, Inc. is a company incorporated under the laws of the State of Delaware, USA and whose principal office is located at 655 Montgomery St, 7th Floor, San Francisco, CA 94111. We own and operate a proprietary Customer Success platform and SaaS applications to enable our customers to better utilize their customer data (“Services”).

For more information about Gainsight, please see the About Us section of our Website.

What information do we collect?

The personal information that we may collect about you broadly falls into the following categories:

Information that you provide voluntarily: Certain parts of our Website may ask you to provide personal information, including when you request information about our Services, register for an event, or request access to a demo or any online training materials.

The personal information you provide voluntarily may include contact information such as your name, address, telephone number or email address and contact preferences. It may also include professional information, such as your job title, department or job role, as well as the nature of your request or communication. Note that we also may collect this information from our EU employees within the context of the work relationship. Gainsight currently does not have employees in Switzerland.

Information we automatically collect: When using our Websites or interacting with our online advertisements or marketing emails (collectively with our Websites, the “Online Properties”), we automatically collect certain information from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws. Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies and similar tracking technology”

The information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Online Properties, including the pages accessed and links clicked.

How do we use information that we collect?

We may use information that we collect about you for purposes including:

  • To respond to your requests or provide you with information requested by you.
  • To send administrative or account related information to you.
  • To communicate with you about updates to the Services.
  • To maintain the website and tailor the website to your needs.
  • To provide you with marketing and promotional communications (where this is in accordance with the law). For more information about managing your marketing preferences, please see the “Your Data Protection Rights” section of this Privacy Policy below.

  • To comply with and enforce applicable legal requirements, agreements and policies.
  • To prevent, detect, identify, investigate, respond and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity.
  • For other business purposes such as data analysis, identifying usage trends, determining the effectiveness of our marketing and to enhance, customize and improve our Websites, products and services.
  • In relation to EU employee data, to facilitate the employer/employee relationship.
  • To better understand the individuals who use and interact with our Online Properties, where they come from, and what content on our Online Properties is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Online Properties.

Who do we share your personal information with?

We may disclose your personal information to the following categories of recipients:

  • to our contractors, third party service providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Online Properties), or who otherwise process personal information for purposes that are described in this Privacy Policy or notified to you when we collect your personal information.
  • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
  • to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Policy;
  • to our marketing partners to send emails on our behalf, and/or for co-branded and/or co-sponsored marketing and promotional events (such as conference events) offered in conjunction with another company or companies. If you register for or participate in such marketing and promotional events, we and the relevant partner companies may receive information collected in conjunction with the co-branded and/or co-sponsored marketing and promotional events. Our Privacy Policy will apply to our use of your personal information. We have no control over any other companies’ privacy practices, so please read their applicable privacy.
  • to any other person with your consent to the disclosure.

Cookies and similar tracking technology

We use cookies and similar tracking technology (collectively “Cookies”) to collect and use personal information about you.

How do we keep your personal information secure?

We use appropriate administrative, organizational, technical and physical safeguards to protect the personal information we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information and to help ensure that your data is safe, secure, and only available to you and to those you provided authorized access (e.g., your users). Specific measures we use include using encryption technologies and storage on physically and electronically secured servers. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so you should take care in deciding what information you send us in this way.

International data transfers

Your personal information may be collected, transferred to, and processed in, countries other than the country in which you are resident, including the United States and other countries. These countries may have data protection laws that are different to the laws of your country, and may not provide for the same level of data protection as your jurisdiction.

We have implemented appropriate safeguards to ensure that the recipient of your personal information offers an adequate level of protection, or we will ask you for your prior written consent for such international data transfers. Further details can be provided upon request.

Legal basis for processing personal information (EEA visitors only)

If you are resident in or a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. In most cases we use personal information where we have your consent to do so, where we need it to perform a contract with you, or where the processing is in our legitimate business interests. In some cases, we have a legal obligation to collect personal information from you.

If we ask you to provide personal Information to comply with a legal requirement or to enter into a contract with you, we will make this clear at the relevant time and advise you whether the provision of information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests, we will make clear to you at the relevant time what those legitimate interests are. Typically, our legitimate interests include: (i) improving our technology, products and services; (ii) for our marketing activities; and (iii) measuring the effectiveness of our marketing and promotional campaigns.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Us” heading below.

EU-U.S. and Swiss Privacy Shield Notice

Gainsight complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries (including Iceland, Liechtenstein, an Norway) and Switzerland transferred to the United States pursuant to Privacy Shield. Gainsight has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

Gainsight is responsible for the processing of personal information it receives under the Privacy Shield Frameworks and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal information from participating European Union countries and Switzerland, including the onward transfer liability provisions.

Access: Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to privacy@gainsight.com. If requested to remove data, we will respond within a reasonable timeframe.

Purpose Limitation: Gainsight only utilizes and/or shares personal data for the purposes for which it was originally supplied or subsequently authorized. If this practice should change we will update this privacy policy and provide individuals with opt-out (for non-sensitive data) or opt-in (for sensitive data) choice as is appropriate.

Questions or complaints: In compliance with the Privacy Shield Principles, Gainsight is committed to resolving complaints about our collection or use of your personal information. If you are a resident of a European Union country or Switzerland, you may direct your inquires or complaints regarding this Privacy Policy to us using the contact details provided below privacy@gainsight.com. We will work with you to resolve your issue.

Dispute Resolution: Gainsight has further committed to refer unresolved complaints under the EU-US and Swiss-US Privacy Shield Principles to the BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you don’t receive timely acknowledgment of a complaint you have submitted, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information.

The services of BBB EU Privacy Shield are provided at no expense to you.

If your complaint involves human resources data transferred to the United States from the EU in the context of the employment relationship, and Gainsight does not address it satisfactorily, Gainsight commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and to comply with the advice given by the DPA panel with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex(1)at https://www.privacyshield.gov/article?id=ANNEX-I-introduction U.S. Federal Trade Commission Enforcement: With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (FTC).

Requirement to disclose: In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review our certification on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.

Data Retention

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements, to enforce our agreements or comply with our legal obligations).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Please contact us if you have any questions about the information we collect and/or how we use the information we collect.

Your data protection rights

You have the following data protection rights:

  • You can access, review, change, update or delete your personal information at any time by contacting us at hello@gainsight.com. Please note that we may impose a small fee for access and disclosure of your personal information where permitted under applicable law, which will be communicated to you. We do not charge you to update or remove your personal information.
  • To remove your personal information from a Website testimonial or request removal of your personal information from our blog or community forum, contact us at hello@gainsight.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
  • In addition, if you are a resident of the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. To exercise these rights email privacy@gainsight.com.
  • You can opt out of receiving promotional emails from us by emailing hello@gainsight.com. If you choose to no longer receive marketing information, we may still communicate with you regarding such things as your security updates, product functionality, responses to service requests, or other transactional, non-marketing/administrative related purposes.
  • If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area (“EEA”), Switzerland and certain non-European countries (including the US and Canada) are available here.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your personal information.

Children

The Website and its content are not directed at children. We do not knowingly collect any information from anyone under 13 years of age. If you are under the age of 18, you may not use this Website unless you have the consent of, and are supervised by, a parent or guardian.

Changes to our Privacy Policy

We may revise this Privacy Policy from time to time in response to changing legal, technical or business developments. The most current version of this Privacy Policy will govern our use of your personal information. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy.

Contact Us

If you have any questions or concerns about our use of your personal information or if you need to update, change, or remove your information, or exercise any other rights, please contact privacy@gainsight.com using the following details:

By post: Attn: Gainsight General Counsel Gainsight, Inc., 655 Montgomery St, 7th Floor, San Francisco, CA 94111

By email: privacy@gainsight.com

Important Information: If you are located in the EEA, Gainsight, Inc. is the data controller of your personal information.