Introduction
Open Text Corporation (collectively with its affiliates hereinafter referred to as ‘OpenText’, ‘we’, ‘us’, ‘our’) supports the right to privacy and understands the importance of protecting personal information and complying with applicable data protection laws. OpenText’s Global Data Privacy Department is dedicated to assisting with questions regarding this privacy policy (‘policy’) and the processing of your personal information, and as part of such activities has developed this policy. This policy applies to our subsidiaries to the extent they have access to your personal information. A current listing of our subsidiaries is available in our Annual Report.
This policy provides information on the collection, use, and sharing of your personal data or information (personal information) when OpenText acts as a data controller (meaning where OpenText controls how and why your personal Information is processed), unless otherwise provided in a separate agreement or mandated by any applicable law.
This policy applies to the personal information collected from you directly when you visit our websites and portals (‘Website’); you communicate with us, including but not limited to emails, phone calls, texts, or faxes; you use our products, services, and applications; you engage in commercial transactions with us; and register for or participate in our webinars, events, programs, marketing, and promotional activities or indirectly through third parties, including our partners, in the course of our business.
Where we provide links to websites of other organizations, this policy does not cover how that organization processes personal information. We encourage you to read the privacy policies on the other websites you visit. Unless otherwise provided in a separate agreement, this policy does not apply to the extent we process your personal information in the role of a processor or service provider on behalf of our customers (meaning where OpenText acts on your instructions regarding how and why your personal information is processed).
For details on how to contact us, see the Contact Information section below.
Table of Contents
- WHAT PERSONAL INFORMATION WE COLLECT AND WHY WE USE IT
- HOW WE COLLECT YOUR PERSONAL INFORMATION
- HOW WE SHARE YOUR PERSONAL INFORMATION
- HOW WE PROTECT YOUR PERSONAL INFORMATION
- HOW LONG WE STORE YOUR PERSONAL INFORMATION
- YOUR PRIVACY RIGHTS
- CHILDREN’S PRIVACY
- CONTACT INFORMATION
- CHANGES TO THIS PRIVACY POLICY
- PHILIPPINES' PRIVACY SEAL OF REGISTRATION
WHAT PERSONAL INFORMATION WE COLLECT AND WHY WE USE IT
The personal information we process about you and how we collect it is determined by the OpenText product(s) and/or service(s) you use, how you interacted with OpenText, and the personal information we have obtained from a third party with permission to share such information with us.
Refer to Table 1 below for more details on the categories of personal information collected and purposes we process it for. More detailed examples for each purpose are described in Table 2 below.
Table 1 - Purposes of processing personal information
Categories of information collected | Purposes of processing (for additional detail, please refer to Table 2 below) |
---|---|
Contact and account registration information For example: Name, address, email, telephone number, username and password, country, and language (collectively “Account Information”) |
|
Financial and transactional information For example: Credit card, debit card, banking or other payment information |
|
Device information and identifiers For example: The configuration of any device registered for use in connection with the products and services; also IP address, browser type and language, operating system, platform type, device type, software and hardware attributes, and unique device and application identifier |
|
Connection and usage data For example: Information about files you download, domain names, landing pages, usage activity, content viewed and accessed, dates and times of access, pages viewed, forms you complete or partially complete, search terms, uploads or downloads, whether you open an email and your interaction with email content, access times, error logs, URL accessed, and other similar information |
|
Other information For example: Any other information you choose to provide to us directly or indirectly in connection with your use of the products and services or Websites |
|
Table 2 – Examples of processing activities
Purpose | Examples |
---|---|
Communicating with you |
|
Providing services |
|
Personalizing your experience |
|
Protecting our services and users |
|
Defending our legal rights and compliance with the law |
|
Choice/opting out of marketing: OpenText offers you the choice of receiving different types of communications and information related to our products and services. You may subscribe to e-newsletters or other publications; you may also elect to receive marketing communications and other special offers from us via email. If at any time you would like to change your communication preferences, we provide unsubscribe links and an opt-out mechanism in all our marketing communications or you may contact us directly.
Note that if you opt out of marketing, you may still receive service-related and market research messages from us (and you may still receive marketing messages for a short period after opting out while we update our records).
Choice/opting out of digital advertising: For details on how to manage advertising, visit Digital Advertising Alliance Consumer Choice. For your mobile device, you can review your device settings: Android devices allow you to opt out using “Opt-out of Ads Personalization” and Apple devices allow apps to include interest-based advertising only if you opt in using the app’s pop-up notice.
HOW WE COLLECT YOUR INFORMATION
We collect personal information through various means, for example, via our Website(s), order forms, and through provision of products or services, from third-party service providers, customer support activities, and at meetings, exhibitions, and events (both physical or digital). Your employer, as a customer or partner of OpenText, may provide your contact information as required to provide OpenText products or services. We also collect personal information where you or your employer is a customer of a business we may acquire. We may also collect information about you on CCTV and log books when you visit our premises or on other security cameras as part of our security and crime prevention measures.
The Website(s) may also collect information about your visits to the Website without you actively submitting such information through cookie technology.
Cookies and tracking technologies: OpenText uses cookies to collect information about the use of its Website(s), either directly or through third-party tracking providers. For more information refer to our Cookie Policy.
Do Not Track (DNT): Your browser setting may allow you to automatically transmit a "Do Not Track" (DNT) signal to websites and online services that you visit. There is no consensus among industry participants as to what DNT means in this context, and some browsers automatically apply DNT signals by default and therefore do not necessarily reflect our visitors' choice as to whether they wish to receive advertisements tailored to their interests. As a result, like many websites, our Website does not respond to a DNT signal from a visitor's browser. To find out more about DNT, please visit http://allaboutdnt.com. However, you may elect not to accept cookies by changing the designated settings on your web browser or opting out of the OpenText cookies. Please note that if you do not accept certain cookies, you may not be able to use all functions and features of our Website(s). Consent for use of cookies varies depending on the jurisdiction. Click here for more information about OpenText’s Cookie Policy and options on how to manage your cookies preferences.
Personal information collected from third parties: OpenText obtains personal information from third parties. For example, OpenText may collect and receive personal information about you from companies that distribute OpenText products by way of co-branded or private-labeled websites. Companies with which OpenText partners to market, resell, and distribute its products and services, which may include the payment gateways we work with, also may supply us with personal information in order to help us fulfil orders and provide services. We may also collect your personal information from public sources or from data brokers (for example, LinkedIn, ZoomInfo, Dun & Bradstreet) to the extent the local regulations allow.
API Services: For certain limited services provided by OpenText, we use third-party API Services such as the YouTube API or Google API. Such third-party API services used in OpenText products only captures data you designate OpenText to access on third-party platforms. Such data may include your content stored on third-party sites, associated meta data, and account information related to those third-party sites. Data collected by OpenText using third-party API services may be used to archive content and certain associated meta data uploaded to those third-party sites by you. Additionally, such data may be used by OpenText as part of an authentication and authorization framework to access your data on third-party sites. Third-party email, social media, and other communication services are not offered, controlled, or provided by OpenText. OpenText is not responsible for how a third party transmits, accesses, processes, stores, uses, or provides data to OpenText. In addition, such third-party services are subject to the terms and conditions and privacy policies applicable to those services. Depending on the service you are using, the Google privacy policy may apply and is available here: http://www.google.com/policies/privacy; and/or the YouTube terms of service may apply and is available here: https://www.youtube.com/t/terms.
In certain circumstances, if you do not provide us with personal information we need, we may not be able to provide certain products or services or comply with our legal obligations. The legal basis for collecting and using the personal information described above will depend on the personal information concerned, applicable privacy laws, and specific context in which we collect it, such as:
- With consent where required by law.
- Where the processing is necessary for the performance of a contract or a commitment under which you and/or we have made an undertaking.
- Where necessary to comply with law.
- Where the processing is necessary for the purposes of our legitimate interests, taking into account individual interests. Please refer to Table 1 for a list of legitimate interests.
HOW WE SHARE YOUR PERSONAL INFORMATION
OpenText may share your personal information with its affiliates, business partners (including those who resell or distribute our products and services), service providers (including website, software, infrastructure and application providers), payment gateways, customer service, event/campaign management, cloud hosting providers, credit reference agencies, debt agencies, professional advisers, marketing agencies (including event or promotion partners or sponsors), third-party networks and websites, database providers, backup and disaster recovery specialists, analytics and email providers, and agents working on our behalf.
We may be required to share personal information with a third party or body where such disclosure is required to satisfy applicable law or other legal or regulatory requirement, or to protect the rights or property of OpenText or others. This can include in response to lawful requests from a competent authority or body and to meet national security or law enforcement requirements.
If all or any part of our business is re-organized or sold to or there is a joint venture with another organization, we may need to provide your information to that organization. We may also be the recipient of personal information when we acquire another organization or a part of their business or enter into a joint venture with them.
Where third parties are performing processing on our behalf, OpenText will require these organizations to adopt adequate technical and organizational security measures to protect personal information and to ensure the processing of personal information is only performed as instructed by OpenText and for no other purposes.
Personal information may be processed outside the country of your residence by our affiliates, partners, or service providers, and agents working on our behalf. The transfer to other countries by OpenText and its affiliates shall be in accordance with applicable data protection legislation, which may include an adequacy decision or appropriate safeguards. Appropriate safeguards may include: OpenText and third parties entering into the Model Clauses approved by the relevant authorities (i.e., European Commission, Information Commissioner’s Office, Federal Data Protection, and Information Commissioner, etc.) or relying on any approved alternative mechanism.
For more information on the recipients of your personal information and the mechanism in place for international transfers please contact us by using the information in the section (Contact Information) below.
HOW WE PROTECT YOUR PERSONAL INFORMATION
Protecting your personal information, both online and offline, is a priority for us. We have implemented appropriate technical and organizational measures to protect your personal information from unauthorized access, accidental loss, disclosure, or destruction and ensure a level of security appropriate to the risk. We have specialized and dedicated security teams who constantly review and improve our security measures to protect your personal information from unauthorized access, accidental loss, disclosure, or destruction.
All our employees are subject to confidentiality agreements and undergo annual training on the proper handling of personal information.
OpenText is committed to protecting all personal information and is cognizant of its obligations under applicable data protection laws.
HOW LONG WE STORE YOUR PERSONAL INFORMATION
OpenText will retain personal information for as long as needed to provide the relevant products or services or to fulfill the purposes for which the personal information was collected or as per the specific contractual terms. OpenText may also retain and use this information for a longer period as permitted or required by law, to comply with our legal, tax or regulatory obligations (e.g., audit and accounting requirements), handle disputes, to exercise or defend claims, and enforce our agreements. We ensure that personal information we dispose of is de-identified or destroyed in a secure manner.
YOUR PRIVACY RIGHTS
Customer data: If your personal information has been submitted to us by or on behalf of a customer of our products and services who is the controller of that personal information and we are the processor, you will need to contact them directly if you wish to exercise any rights you may have under applicable data protection laws. If you make your request to us, we will need the name of the customer who submitted your data to us, and we will refer it on to them.
Your local applicable law may provide certain rights regarding the collection, use, and sharing of your personal information. As a minimum standard, we aim to enable all individuals to exercise the privacy rights set out below, but please note that these rights and the conditions for exercising and processing them (including response times) may vary depending on the jurisdiction in which you reside.
Under the European Union (EU) data protection laws, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information:
- Your right of access. You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
- Your right to rectification. You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
- Your right to erasure. You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing. You have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing. You have the right to object to processing if we are able to process your information because the process forms part of our public tasks or is in our legitimate interests.
- Your right to data portability. This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or give it to you. The right only applies if we are processing information based on your consent or under, or are in talks about entering into a contract and the processing is automated.
Jurisdiction-specific privacy rights:
Australia: We are committed to processing any personal information in accordance with the Privacy Act 1988 (Cth.) (the Privacy Act) including the Australian Privacy Principles (APPs).
This current policy describes how OpenText deals with personal information of individuals who interact with us or any personal information obtained through our operations as a professional services provider.
The nature of our business activities may require that personal information be disclosed to overseas recipients (including in Canada, India, the USA, and Europe and other countries from time to time) in order to provide the services contemplated under the terms of our engagement or prospective engagement. In such circumstances, we will use our best endeavors to ensure such parties are subject to a law, binding scheme, or contract that effectively upholds principles for fair handling of the information that are suitably similar to the APPs.
If you make a complaint about how OpenText has handled your personal information and we are unable to resolve your complaint or you are unhappy with the outcome, you can contact the Office of Australian Information Commissioner via its enquiries line 1300 363 992 or website https://www.oaic.gov.au to lodge a complaint.
California: In accordance with the California Consumer Privacy Act ("CCPA") as updated, amended, and expanded by the California Privacy Rights Act (CPRA), California residents benefit from the following additional rights.
Use of personal information
In compliance with its obligations under the CCPA, OpenText may provide your personal information to our affiliates, authorized service providers, and business partners, or allow them to collect personal information from our Website, products, or services in certain situations. Examples of such situations include where you consent to or direct us to disclose the personal information to those parties, if you use our Websites or services to interact with those third parties, or we are otherwise required to do so by law. We may also provide personal information to service providers, or allow service providers to collect personal information from our Websites and apps (for example, through the use of cookies or similar technologies) to help us deliver advertising to you and to provide a personalized experience. See our Cookies Policy for more information.
Access to personal information
As a California resident you may request and obtain from us once a year, free of charge, certain information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that were shared and the names and addresses of all third parties with which we shared information in the preceding calendar year.
For more details on what personal information we collect and how it is processed, please see the ‘What personal information we collect and why we use it’ section.
China: The OpenText China Privacy Policy governs how we process Personal Information of residents of mainland China who fall within the scope of the China Personal Information Protection Law (“PIPL”) and relevant laws, regulations, and national standards (“China Data Protection Law”).
For more information concerning The OpenText China Privacy Policy, please refer to the following links:
South Africa: Personal information as used in this privacy policy means Personal Information as such term is defined under the Protection of Personal Information Act, 2013 (“POPIA”). Therefore, “You” and “Your” as used in this privacy policy mean a natural person or a juristic person as such term is used under POPIA.
Japan: In accordance with Act on the Protection of Personal Information (APPI) and for data subjects residing in Japan:
Data Transfer to outside of Japan: As a personal information handling business operator as defined in the Act on the Protection of Personal Information N°57 (APPI) will operate in conformity with this policy.
Joint use: OpenText Affiliates may jointly use your data, as jointly used is defined under the APPI, under the following conditions:
- The types of personal data jointly used: as listed in the table below section “What data we collect and why we use it.”
- The purpose of the joint use: to respond to your requests, to provide you with OpenText products and services, including the purpose as listed in “Table 1” above.
- The entities that engage in the joint use: the subsidiaries of OpenText, available in our Annual Report.
- The entity responsible for the joint use: Open Text Corporation (Corporate HQ: 275 Frank Tompa Drive, Waterloo ON N2L 0A1, Canada).
As a rule, we do not share your data to third parties or transfer your data outside Japan except where such data processing is permitted by applicable laws, or where you have provided your consent, and when the foreign third party adheres to the necessary standards prescribed by the Personal Information Protection Commission (PPC) (as described in the “How we share your data”).
CHILDREN’S PRIVACY
OpenText encourages parents and guardians to take an active role in their children's online activities. Our services are not aimed at people under 18 and OpenText does not knowingly collect personal information from children without appropriate parental or guardian consent. If you believe that we may have collected personal information from someone under the age of 13 (or the applicable age of consent) without proper consent, please submit your request in writing to the address found in the Contact Information section.
CONTACT INFORMATION
If you have questions regarding this privacy policy or our privacy practices,
1) please contact OpenText’s Data Protection Officer or OpenText Global Data Privacy Department at DPO@opentext.com or by mail at:
OpenText Global Data Privacy
Department
Prof. E.M. Meijerslaan 1
1183 AV Amstelveen
The Netherlands
OpenText Global Data Privacy
Department
275 Frank Tompa Drive
Waterloo, Ontario
N2L 0A1
Canada
2) write to the OpenText entity of which you are a customer or interacting with, at the following addresses available at: Worldwide office locations | OpenText
To exercise your privacy rights, please fill out the Data Subject Request Form, email us at DPO@opentext.com, or call our toll free number 1-866-397-0207.
Open Text will request certain verification information from individuals for both access and deletion requests made under the CCPA as amended, to ascertain that any received request is valid. You can also designate an authorized agent to submit requests to exercise your data protection rights to OpenText. Such authorized agent must be registered with the California Secretary of State and submit proof that you have given authorization for the agent to act on your behalf.
When you contact us, please indicate in which country and/or state you reside.
Furthermore, if you think your rights as stated in this privacy policy or under applicable data protection laws have been violated, you can at any time, to the extent required by applicable law, lodge a complaint with the relevant data protection authority.
CHANGES TO THIS PRIVACY POLICY
OpenText may update this policy from time to time. If we modify this policy, we will post the revised version here. You should review this page periodically for updates.
If we make a change that significantly affects your rights or, to the extent we are permitted to do so, significantly change how or why we use personal information, we will notify you by way of a prominent notice or pop-up on our Website.
Note: In addition to the entities referenced above, this policy applies to:
-
The products and services of Total Defense, LLC (formerly known as Total Defense, Inc.), a subsidiary of Open Text Corporation, including its Total Defense Mobile Security product; and
-
The products and services of Webroot, LLC (formerly known as Webroot Inc.), a subsidiary of Open Text Corporation, including its Webroot Mobile Security and Webroot for Chromebook.
This policy was last updated in April 2024.