ServiceNow, Inc.

Active Participant

Other Covered Entities

ServiceNow Delaware LLC

Industries

  • Information and Communications Technology
  • Software

Participation

UK Extension to the EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 9/29/2023
Next Certification Due Date: 1/24/2024
Data Collected: HR, NON-HR

Swiss-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 5/19/2017
Next Certification Due Date: 1/24/2024
Data Collected: HR, NON-HR

EU-U.S. Data Privacy Framework Framework: Active

Original Certification Date: 10/7/2016
Next Certification Due Date: 1/24/2024
Data Collected: HR, NON-HR

Purpose of Data Collection

ServiceNow, Inc. ("ServiceNow") is a leading provider of enterprise cloud computing solutions that define, structure, manage and automate services across the global enterprise (the "Subscription Service") and related support services (the "Support Service") as well as expert services, including professional services, training and certification (the "Expert Services"). The Subscription Service, Support Service and the Expert Services are collectively referred to as the "Service". In connection with the Service, customers submit electronic data, which may include personal data about their EEA and Swiss employees, clients or other individuals, to ServiceNow's servers. ServiceNow hosts and processes the electronic data, including any personal data contained therein, at the direction of and pursuant to the instructions of its customers. ServiceNow accesses the electronic data, including any personal data contained therein, as necessary to provide and support the Service, including updating the Service and addressing customer support issues. In some cases, in accordance with our customer agreements, we may disclose personal data to business partners, affiliates or other service providers (collectively, “Subprocessors”) to provide services on our behalf or on behalf of our customers. ServiceNow maintains onward transfer agreements with its Subprocessors in compliance with our Privacy Shield obligations. ServiceNow also obtains certain personal data, such as contact information, about customers' representatives in connection with ServiceNow’s account management activities. In addition, ServiceNow obtains, uses, discloses and otherwise processes personal data regarding ServiceNow's current and former EEA and Swiss employees and job applicants for recruitment and human resources management, including managing all aspects of the employment relationship. ServiceNow may disclose personal data relating to the Service or to current and former employees and job applicants as detailed in our Privacy Shield Policy and Privacy Shield Policy for Human Resources.

Privacy Policy

HR Data

Data Privacy Framework Human Resources Policy
Description:

The purpose of this policy is to ensure ServiceNow, Inc. (“ServiceNow”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss – U.S. Data Privacy Framework (Swiss-U.S. DPF) set forth by the United States Department of Commerce (DoC) with respect to the collection, use and retention of Personal Data transferred from the European Union, United Kingdom (and Gibraltar), and Switzerland to the United States, respectively, as further described in the Scope section within this Policy. This Data Privacy Policy – Human Resources (“Policy”) outlines our commitment to the Data Privacy Framework principles (“Principles”) and our practices for implementing the Principles.

Effective Date: 9/28/2023

Non-HR Data

Document: Data Privacy Framework Policy
Description:

The purpose of this policy is to ensure ServiceNow, Inc. (“ServiceNow”) compliance with the EU-EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) set forth by the United States Department of Commerce (DoC) with respect to the collection, use and retention of Personal Data transferred from the European Union, United Kingdom (and Gibraltar), and Switzerland to the United States as further described herein (collectively, the “DPF Policy”). This DPF Policy outlines our commitment to the DPF Principles (the “Principles”) and our practices for implementing the Principles. The relevant web address where the ServiceNow DPF-consistent privacy policy is located is: https://www.servicenow.com/data-privacy-framework.html

Effective Date: 9/28/2023

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact ServiceNow, Inc. at:

Brendan Gavin
Director, Legal EMEA
ServiceNow, Inc.
Legal
2225 Lawson Ln
Santa Clara, California 95054-3311
brendan.gavin@servicenow.com
Phone: 353 1 588 4100

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from ServiceNow, Inc. to your question or complaint, please contact the independent recourse mechanism listed below


HR RECOURSE MECHANISM

UK Information Commissioner's Office (ICO)
Swiss Federal Data Protection and Information Commissioner (FDPIC)
EU Data Protection Authorities (DPAs)

NON-HR RECOURSE MECHANISM

ICDR-AAA DPF IRM Service
JAMS
Swiss Federal Data Protection and Information Commissioner (FDPIC)
EU Data Protection Authorities (DPAs)


Appropriate statutory body with jurisdiction to investigate any claims against ServiceNow, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission