Industries
- Information and Communications Technology
- Software
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
As a service provider, we collect data from our customers and other individuals who may visit our websites or otherwise interact with Smartsheet, that may include personal data that has originated or relates to individuals residing in the EU, United Kingdom or Switzerland in two ways: Content our customers upload or submit to the Smartsheet online services (for which Smartsheet acts as a data processor) and other personal data that is provided to or collected by Smartsheet in relation to the websites, individuals’ interactions with Smartsheet or the provision of the online services (for which Smartsheet acts as a data controller). Personal data for which we act as a data controller includes login credentials, contact information, user’s name, company name, permissions, usage data, and other similar user data or data gathered directly or automatically from website visitors, event attendees, and other individuals; this data is used to facilitate customers’ access to Content, for related customer service purposes, and for Smartsheet's legitimate business purposes including analytics and improvement of the online services, customer engagement and marketing. With respect to Content, the categories of personal data that may be processed within the online services are determined and controlled by our customers (the data controllers) in their sole discretion. Smartsheet does not review, audit, block or otherwise control the Content that our customers upload, share, access, or otherwise process within the online services. Smartsheet retains limited rights to access Content to provide the online services, to respond to customer support requests, to prevent fraud, abuse, and violations of our policies and agreements, or as otherwise required by law. We use service providers and need to share personal data with them, to administer services made available to all Smartsheet customers, for customer support purposes, and as otherwise required to manage the customer relationship.
Privacy Policy
Non-HR Data
Smartsheet’s public-facing privacy policy is accessible via Smartsheet’s website that specifically addresses personal data Smartsheet collects as a data controller. It has been created in accordance with the Privacy Shield Principles and relevant guidelines and includes the applicable, required content. Our public facing privacy notice is comprised of the policy at the URL provided below and notices linked from there. We have created a tiered notice to promote readability.
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Smartsheet Inc. at:
Director, Privacy
Bellevue, Washington 98004
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Smartsheet Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Smartsheet Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission