Other Covered Entities
- Information and Communications Technology
Swiss-U.S. Privacy Shield Framework: Active
EU-U.S. Privacy Shield Framework: Active
Purpose of Data Collection
OneLogin collects the following personal information when a customer registers for the OneLogin Service; first name, last name, and email address. After registration the customer administrator, as acting data controller, can add other personal information of their end users into the OneLogin Solution to enable those end users to use the Service. OneLogin does not collect end user information without consent or direction of the customer administrator. OneLogin uses a third party to perform credit card processing for those customers that pay for the paid subscription tiers of the Service. OneLogin does not retain credit card information.
This is the privacy notice that are working on publishing today. It will also include the following intro text: Update: We've submitted an application to participate in the Privacy Shield framework for personal data transfers from the EU to the US, and have updated this Privacy Notice to reflect our application. This Privacy Notice has already been reviewed by TRUSTe as described below.
Outside Compliance Review
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact OneLogin, Inc. at:
San Francisco, California 94111
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from OneLogin, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against OneLogin, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission