Other Covered Entities
- Information and Communications Technology
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
CrowdStrike processes HR Data received in reliance on the EU-U.S. DPF and, as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF for the following purposes: administration of the employment relationship, providing payments and benefits, managing daily job activities, compliance with laws and regulations (including health and safety obligations) and CrowdStrike policies and procedures, monitoring job performance, security and fraud prevention, compliance with corporate responsibilities, audit requirements, cost and budgeting analysis and controls. CrowdStrike processes the following HR Data: name, other identification data, bank account details, information related to the job, health-related information, salary and benefits, equity compensation and information related to use of company equipment and resources, communications, performance, and any disciplinary actions. CrowdStrike discloses HR Data to group companies, service providers, business partners, customers, government agencies and regulators (e.g., tax authorities), social insurance carriers, courts, and government authorities, and to external advisors acting as controllers (e.g., lawyers, accountants, auditors etc.), including in connection with a change in ownership or control of CrowdStrike. CrowdStrike processes personal data as both a Data Controller and as a Data Processor. As a Controller, CrowdStrike processes business contact information, audio, electronic & visual information, or other personal data provided to CrowdStrike when an individual visits our Websites or Web Portals. CrowdStrike processes this personal data for business & operational purposes, marketing & commercial purposes, security purposes, and legal and compliance purposes. As a Processor, to the extent CrowdStrike processes personal data via our Offerings, this is generally done under the authority and direction of customers and done in order to provide the Offering. Further information is available in Section 2 of the Privacy Notice. CrowdStrike's Privacy Notice is available at: https://www.crowdstrike.com/privacy-notice/
This Policy describes how CrowdStrike complies with DPF for Employee Personal Data.
CrowdStrike's non-HR data privacy notice
Verification MethodTRUSTe Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact CrowdStrike Holdings, Inc. at:
VP & Counsel, Privacy & Cyber Policy
Sunnyvale, California 94086-6012
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from CrowdStrike Holdings, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against CrowdStrike Holdings, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission