Conga Composer is an installable package from the Salesforce AppExchange, which integrates with an individual customer’s existing implementation of Salesforce. When properly configured, Conga Composer will run within an existing Salesforce instance without the need to view, manipulate or configure the application outside of the Salesforce user interface. Conga services are entirely represented by Salesforce when properly configured. Therefore, customers seeking the 508 Compliance VPAT documentation are referred to Salesforce.
Effective Date: 06 April 2017
Conga is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Conga complies with the Privacy Shield Principles for all onward transfers of personal data from the EU or Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Conga is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Conga may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Conga commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Conga at firstname.lastname@example.org
Conga has further committed to refer unresolved Privacy Shield complaints to TRUSTe, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. The services of TRUSTe are provided at no cost to you.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Information in General
“Personal Information” is information about you that is personally identifiable to you like your name, address, e-mail address, or phone number. “Anonymous Information” means information that does not permit the identification of individual persons.
Information Related to Data Processed for Our Customers
Service provider collection and use
We collect information under the direction of users of the Services and have no direct relationship with the individuals whose personal data we process.
We process information on behalf of users of the Services, if your data is in the possession of one of the users of the Service and you would no longer like to have your information possessed by the user of the Service, please contact the user of the Service directly.
Service providers and onward transfer
Access to data controlled by our customers
Conga has no direct relationship with the individuals whose personal data it processes on behalf of our customers. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Conga’s customer (the data controller).
We do not retain any personal information submitted to our services. We will however, retain data pertaining to customer contacts and usage history as necessary to comply with our legal obligations, resolve disputes, enforce our agreements and provide support.
How We Gather Information
When expressing an interest in obtaining additional information about the Services, or registering to use the Web sites or other Services, or registering for an event, Conga requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services or registering for an event, Conga may also require you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”).
Additionally, in some instances, when you purchase Services from us, we request certain Personal Information from you on our order form. You must provide contact information (such as name, email, and billing address) and if paying by credit card, you need to provide our trusted third-party credit card processor with certain details (such as credit card number, and expiration date). We use this information for billing purposes and to fill your order. If we have trouble processing an order, we will use this information to contact you.
If you request customer support services for Services, we may collect Personal Information to enable us to provide such customer support services to you, such as your name, email address and phone number.
If you register on the Website for a Conga webinar or participate in a web-based meeting (e.g., through GoToMeeting) for demonstration or support purposes, or make use of our Knowledgebase or community forum support features, you will need to provide the information required by the third party vendor hosting the webinar or web-based meeting, or support features. In these cases, your data will be subject to the third party vendor’s privacy policies.
Conga may occasionally provide you the opportunity to participate in contests or surveys on our Website. If you participate, we may request certain Personal Information from you. Participation in these surveys or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information (such as name and address), and demographic information (such as zip code). We may share aggregated demographic information about our user base with our partners and advertisers. This information does not identify individual users.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you, nor do we use it for any other purpose.
How We Use Your Data
- Providing our Services;
- Auditing, research and analysis in order to maintain, protect and improve our Services;
- Ensuring the technical functioning of Services and otherwise improving Services;
- To support and maintain Services;
- Protecting the rights or property of Conga or our users; and,
- Developing new Services.
Conga safeguards the security of the data you provide us, or that we receive or retrieve from you with industry-standard physical, electronic, and managerial procedures. Likewise, you should take every precaution to protect your Personal Information when you are on the Internet. Change your passwords often, use a combination of letters, numbers and symbols, and make sure you use a secure browser.
The Services use industry-standard Transport Layer Security (TLS) encryption.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee absolute security of the Services or Website, or your transmission of data to or from us. If you have any questions about security on our Web site, you can contact us at email@example.com.
Access To Your Personal Information
Upon request Conga will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. You may write to us at firstname.lastname@example.org to request that whatever information we have stored be changed, removed, or provided to you. We will respond to your request for access within 30 days.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Newsletters and Promotional Email
If you no longer wish to receive our newsletters and promotional communications from Conga, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at email@example.com.
We post customer testimonials on our web site which may contain Personal Information. We do obtain the customer’s consent prior to posting the testimonial to post their name along with their testimonial. If you want your testimonial removed please contact us at firstname.lastname@example.org.
We do not intentionally gather Personal Information about visitors who are under the age of 16.
Social Media Widgets
Blog / Forum
Our Web site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Links to Other Sites
The Website may contain links to other sites, or functionality from third parties (e.g., Youtube), that are not owned or controlled by Conga. Please be aware that Conga is not responsible for the privacy practices of such other sites or third parties. We encourage you to be aware when you leave our site and to read the privacy statements of each and every web site that collects Personal Information.
Disclosure of Personal Information
In certain situations, [Participant] may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We reserve the right to disclose your Personal Information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on our Website.
In the event Conga goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, Personal Information will likely be among the assets transferred. Customers will be notified via email and/or prominent notice on our Web site for 30 days of any such change in ownership or control of your Personal Information.
Changes to This Privacy Statement
Third Party Suppliers
Conga utilizes a range of third party suppliers to assist them in both providing the services and business operations; including suppliers in the following categories.
The following supplier is utilized for delivering the Conga service, which includes processing customer data on behalf of the customer.
- Amazon Web Services: The Conga Service is hosted with Amazon Web Services located in the continental United States, and mirrored across multiple, geographically dispersed data centers for fault tolerance and business continuity purposes.
*Note: Customer’s field data retrieved from salesforce.com (or other customer controlled systems) and the merged output documents are only present in the Conga service for the time necessary to process the merge operation.
The following suppliers are utilized for delivering Conga Novatus Services, which includes processing customer data on behalf of the customer.
- DataSite Data Center
- Peer1 Data Center
- Iron Mountain
The following suppliers are utilized for marketing, billing or other business related purposes, which DO NOT utilize any data processed on behalf of the customer.
- Google Enterprise
CONGA GENERAL DATA PROTECTION REGULATION (GDPR) COMPLIANCE
Conga is committed to complying with the GDPR regulations that will take effect May 25, 2018. As a data processor, we have established processes and procedures to align with our commitment to data privacy, security, and compliance. We will continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies and will adjust policy and process accordingly if changes occur.
For further detail around how Conga are remaining GDPR compliant, visit our GDPR page.
Last updated: 17 June 2018