2022 Gartner® Magic Quadrant™ SIEM
Get the reportMore
Effective Date: 11/01/2017
Last Updated: 03/06/2020
This Privacy Statement describes the privacy practices of Sumo Logic, Inc. and its affiliates (“Sumo Logic”, “we” or “us”) and applies to the information we collect about you when you use our websites or cloud analytics solutions (collectively, the “Services”), or when you otherwise communicate with us. This statement does not apply to the information we process on behalf of our customers via our cloud analytics solutions (which is subject to our customer agreements), but it does apply to the information we collect about the individuals that use these solutions on behalf of our customers. Please refer to our Privacy Shield Notice for additional information on how we process on behalf of our customers via our cloud analytics solution.
We may change this Privacy Statement from time to time. If we make changes, we will notify you by revising the date at the top of this statement and, in cases where there are material changes we will provide you with additional notice (such as adding a statement to our website homepage or sending you a notification) prior to the changes becoming effective. We encourage you to review the Privacy Statement whenever you access the Services or otherwise interact with us to stay informed about our information practices and the choices available to you.
Collection of Information
Use of Information
Sharing of Information
Advertising and Analytics Services Provided by Others
Information for California residents
Individuals in the European Economic Area (EEA), Switzerland and UK
Information You Provide to Us
We collect information when you register for an account, fill out a form or a survey, attend an event or training, post on our blog or Community forum, make a purchase, request customer support, access content (like a whitepaper), apply for a job, or otherwise communicate with us. The information you may provide includes your name and contact information (including email, phone and address), company information (including name and job title), social media handles, account username and password, payment method information, and any other information you choose to provide us.
Automatically Collected Information
When you use our Services, we collect the following information about you:
Information We Collect from Other Sources
We also obtain information about you from other sources. For instance, we receive information about contacts of potential customers through other sites that distribute our content or webinars, from data analytics and marketing services like Dun & Bradstreet and through refer-a-friend tools made available on our Services. This information includes your name, contact information (including email and phone), job title, and company.
We use the information we collect to:
We share information about you as follows or as otherwise described in this Privacy Statement:
We also share aggregated or other information not subject to obligations under the data protection laws of your jurisdiction.
Various browsers allow a “do not track” (DNT) setting that relies on a technology known as a DNT header, which sends a signal to websites visited by the individual about the individual’s browser DNT setting. At this time, there is no general agreement on how companies like Sumo Logic should interpret DNT signals. Therefore, Sumo Logic does not currently commit to respond to DNT signals, whether that signal is received on a computer or on a mobile device.
You may update certain account information you provide via our Services (such as your name and email address) by logging into your account, but note that we retain certain information when required or permitted by law.
You may opt out of receiving promotional emails or text messages from Sumo Logic by following the instructions in those emails or text messages. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
If you have any questions about this Privacy Statement, please contact us at: firstname.lastname@example.org, or by mail to:
Sumo Logic Inc.
c/o Legal Department
305 Main Street
Redwood City, CA 94063.
If you are in the European Economic Area (EEA), UK or Switzerland, you may also contact us at: email@example.com or by mail to:
c/o General Counsel
London, WC2B 6HN.
This section provides additional disclosures required by the California Consumer Privacy Act (“CCPA”).
In the last 12 months, we collected the following categories of personal information: identifiers (such as name and contact information), professional or employment-related information and education history (such as for job applications or about potential and current customer contacts), internet or other electronic network activity information (such as browsing behavior), inferences (such as approximate location or product interests) and other personal information (such as payment method information). For more details about the personal information we collect, including the categories of sources, please see the “Collection of Information” section above. We collect this information for the business and commercial purposes described in the “Use of Information” section above. We share this information with the categories of third parties described in the “Sharing of Information” section above.
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories and specific pieces of personal information, to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
California consumers may make a rights request by contacting us at firstname.lastname@example.org.
The remaining sections of this statement apply to you if you use our Services while in the EEA, Switzerland or UK.
Legal Basis for Processing
When we process your personal data we will only do so in the following situations:
Data Subject Requests
Subject to certain limits and conditions provided under law, you have the following rights:
If you would like to exercise any of these rights, you may contact us as indicated in the “Contact Us” section above.
We retain personal data no longer than is necessary for the purposes for which it is processed, unless applicable law requires storage for a longer period of time.
Sumo Logic processes and stores information in the U.S. and other countries, which may not provide equivalent levels of data protection as your home jurisdiction. For example, we transfer personal data to our corporate affiliates located in the United Kingdom, Poland, United States, Japan, India and Australia for the purposes described in this Privacy Statement. Transfers to Sumo Logic Inc. in the United States are pursuant to the Privacy Shield as discussed below. Transfers to other jurisdictions not deemed adequate by the European Commission are pursuant to Standard Contractual Clauses adopted by the European Commission, copies of which are available Here and Here.
Privacy Shield Notice
References to “we” or “us” in the following paragraph refer only to Sumo Logic Inc. We adhere to the EU-U.S. and Swiss-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce (the “Principles”) in connection with our transfer of personal data to the United States that relates to individuals in the EEA, UK and Switzerland (“Covered Data”). We are committed to subjecting all personal data including Covered Data received from the EEA, UK and Switzerland in reliance on the Privacy Shield Framework and the Principles. For more information about the Principles and to view our certification, please visit the Department of Commerce’s Privacy Shield List at www.privacyshield.gov/list. You may contact us about any question or complaint regarding our adherence to the Principles as indicated in the ‘Contact Us’ section above or submit the form here https://www.sumologic.com/contact-us/. Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint. We are subject to the investigatory and enforcement powers of the Federal Trade Commission. If we share Covered Data with a third-party service provider that processes the data solely on our behalf, then we will be liable for that party’s processing of Covered Data in violation of the Principles, unless we can prove that we are not responsible for the event giving rise to the damage.