About This Privacy Statement
This Privacy Statement explains how Cloudera, Inc. ("Cloudera," "we," "us" or "our") collects, stores, uses, discloses, and otherwise processes Personal Data relating to you and your rights in relation to your Personal Data. It applies to Personal Data we process when you use our website www.cloudera.com (the “Site”) or Cloudera products and services (the “Products”) (the Site and the Products collectively, the "Services"), as well as information collected by other means, such as through your interactions with us at events or through other sales and marketing activities.
Cloudera is the Data Controller of any Personal Data collected on or through the Site and processed for sales and marketing activities, as well as any Personal Data associated with our current, past, and prospective business clients (the "Clients") and their interactions with us and our Products.
Cloudera may act as a Data Processor with regard to Personal Data that our Clients submit or otherwise make available to Cloudera in connection with our performance and delivery of our Products. To the extent that we process any Personal Data as a Data Processor on behalf of a Client that is the Data Controller pursuant to an agreement between Cloudera and the Client, we offer our Client a Data Processing Addendum (the "DPA"), which the Client may request from a Cloudera representative. In this context, we will only use the Client’s Personal Data in accordance with our applicable agreement(s) and the DPA. Please note that our Clients’ privacy policies and practices apply to their own use of your Personal Data for which they are the Data Controllers. Cloudera is not responsible for Clients’ policies or practices, which may differ from those explained in this Privacy Statement.
Collection of Personal Data
Information You Provide
Cloudera collects information you provide directly to us. For example, we collect information when you create an account, use the Services, fill out a form, submit a job application, request customer support, or otherwise communicate or interact with us, including at in-person meetings or events. The types of Personal Data we may collect include your first and last names, company, job title or role, email address, postal address, telephone number, and other contact or identifying information you choose to provide.
Information We Collect When You Use Our Services
When you access or use our Services or otherwise interact with us, Cloudera may collect information about you, including the following:
- Log information: We log information about your use of the Services, including the type of browser you use, internet service provider, clickstream data, date/time stamp, pages and files viewed on our Site (e.g., HTML pages, graphics, etc.), your Internet protocol (“IP”) address, username, and the page you visited before navigating to our Services.
- Device information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
- Blogs and Community Forums: Our Site offers publicly accessible blogs and community forums. Please be aware that any information you provide in these areas may be read, collected, and used by others who access them.
- Testimonials: We display personal testimonials of satisfied Clients on our Site in addition to other endorsements. With your consent, we may post your testimonial along with your name.
- Public Profiles: If you create a profile on our Site (e.g., to participate in Cloudera Community discussions), your profile will be publicly accessible unless otherwise indicated. You may change the privacy settings of your profile through your account portal.
- Social Media Widgets: Our Site includes social media features, such as the Facebook button or interactive mini-programs that run on our Site. These features may collect your IP address and information on which page you are visiting on our Site, and they may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing such features.
- Single Sign-On: You may apply for a job opening using sign-in services such as LinkedIn or an Open ID provider. These services will authenticate your identity, provide you the option to share certain Personal Data (such as your name and email address) with us, and pre-populate our application form. Services like LinkedIn give you the option to post information about your activities on our Site to your profile page to share with others within your network.
- Employees and Job Applicants: We may collect information related to your job application, including your full name, professional background and work history, and academic or educational background and history, as well as other contact information. With your consent (if required), we may conduct background checks on our potential employees. If we do so, the only information that we append to an application is the result (pass or fail) of that background check. This helps us to evaluate potential candidates for employment. We do not otherwise append Personal Data on results of the background check to an application. With respect to employees, we may collect additional information about you, including, but not limited to, information about your salary and benefits.
- Product Diagnostic and Telemetry Data: When our Clients use our Products, we may collect certain usage data, including configuration files, metrics count, software versions, log files, and other information regarding our Clients’ computing environments and use of the Products. Clients have the option to configure the diagnostic function in our Products to disable automatic reporting of such data to Cloudera. For purposes of clarity, however, this diagnostic functionality does not include metering capabilities within Cloudera online Services which Cloudera uses to determine Client’s usage for billing purposes. Client may not disable, tamper with, or otherwise alter any such metering capabilities within such Services. We may combine such data with other information we have collected, including information from public sources or third parties or information you provide to us when you download our Products, request information, or otherwise communicate with us, including the name of your organization or company.
- Inferences: We may infer new information about you and your company from data we collect, including information about your likely preferences, your product and service needs, or other characteristics.
In addition, Cloudera may collect information about you from public sources and third parties in accordance with applicable privacy laws. This information may include your full name, company, job title/role, email address, postal address, telephone number, and other contact or identifying information.
Third-party Websites and Framing of Partner Content
Cloudera’s Site may link to third-party websites, which have different privacy policies and practices than our own and over which Cloudera has no control. Also, some of our pages utilize framing techniques to serve content from our partners while preserving the look and feel of our Site. In such case, please be aware that you are providing your Personal Data to these third parties and not to Cloudera.
Cloudera encourages you to carefully review the privacy policies of these third parties before submitting your Personal Data to them. If you receive marketing communications from these third parties and wish to stop receiving marketing messages from them, please contact these third parties directly.
Sensitive Personal Data
Unless Cloudera specifically requests your Sensitive Personal Data, we request that you not send or disclose to us any such data (e.g., social security numbers and information related to racial or ethnic origin, political opinions, religion or trade union membership, health, biometrics or genetic characteristics, and criminal background) on or through the Services or otherwise to us.
Use of Personal Data
Lawful Bases and Business Purposes
Cloudera may collect and use Personal Data pursuant to several legal bases, including contract performance (namely, to perform our agreements and manage our contractual relationship with you), compliance with our legal or regulatory obligations, our legitimate interests, and your consent.
Cloudera may use Personal Data for a broad range of business purposes, including to do the following:
- Provide, maintain, and improve our Services; and
- Provide and deliver the Products you request, such as to:
- process information according to your instructions pursuant to an agreement, such as the DPA;
- process transactions, and send you related information, including confirmations and invoices;
- send you technical notices, updates, security alerts, and support and administrative messages;
- process payments on your account or bill you for Products or Services purchased by you; and
- respond to your comments, questions, and requests and to provide customer service.
- Data analysis (e.g., to improve the efficiency of our Services);
- Audits (i.e., to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements);
- Fraud and security monitoring (e.g., to detect and prevent cyberattacks or malicious, deceptive, fraudulent, or illegal activity, such attempts to commit identity theft);
- Develop new products and services;
- Identify and repair errors that impair existing intended functionality of the Services;
- Enhance, improve, repair, maintain, upgrade, or modify our current products and services, as well as undertaking quality and safety assurance measures;
- Identify usage trends (e.g., to understand which parts of our Services are of most interest to users);
- Determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
- Operate and expand our business activities (e.g., to understand which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests).
- Consider and manage your job application and our employer-employee relationship or the relationship with a consultant, contractor, vendor, or other third party providing services on our behalf; and
- Process and deliver contest entries and rewards:
- We may offer you the opportunity to participate in a sweepstakes, contest, or other promotion. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Data. Please read those additional rules before choosing to participate.
- Facilitate social sharing functionalities;
- Market Products that may be of interest to you, including through tailored communications, such as telemarketing, emails, newsletters, or other content;
- Solicit and process your opinions through surveys; and
- Develop our Services and other purposes related to Cloudera’s business, such as to:
- analyze or predict our users’ preferences to prepare aggregated trend reports on how our digital content is used, so we can improve our Services;
- understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests;
- understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you; and
- provide personalized services.
Cloudera may anonymize Personal Data so that it will no longer be considered Personal Data. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.
Sharing of Personal Data
How We May Share Personal Data
Cloudera may share Personal Data about you as follows:
- Affiliates / Subsidiaries: With our affiliates or subsidiaries for the purposes described in this Privacy Statement.
- Third-Party Service Providers and Consultants: With service providers, consultants, and other third parties who need access to your information to carry out work on our behalf, such as providing product and service functionality, customer service, billing, and invoicing, and conducting research and analysis.
- Third-Party Sponsors: With our third-party sponsors of sweepstakes, contests, and similar promotions.
- Business Partners: With our commercial business partners that offer solutions and services complementary to Cloudera’s offerings, including resellers, system integrators, software providers, or consultant agencies. See our current list of partners here.
- Mergers and Acquisitions: In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company. In this event, you will be notified via email and/or a prominent notice on our Site, of any change in ownership, uses of your Personal Data, and choices you may have regarding your Personal Data.
Please note that, by using the Services, you may elect to disclose Personal Data on message boards, chat, profile pages, blogs, and other services to which you are able to post information and content. Any information you post or disclose through these services will become public and may be available to other users and the general public.
Third-party analytics and advertisements
Cloudera performs analytics on the functioning of our Site. Specifically, Cloudera uses an integrated version of Google Analytics. You may opt out from Google Analytics by using the Google’s Ads Preferences Manager. We also encourage you to use the Google Analytics Opt-out Add-on.
Service Providers and Sub-processors
Cloudera may transfer or disclose Personal Data to third-party service providers that help us provide our Services. In addition, when we process Personal Data on behalf of our Clients, we may engage sub-processors to help deliver our Products. Our current list of sub-processors is available here. Our agreements with Clients cover data transfers to third parties.
We Do Not Sell Your Personal Data
Cloudera does not “sell” your Personal Data (as the term “sale” or “sell” is defined under the California Consumer Privacy Act), and we will not do so without offering you the right to opt out of any such sale.
Cloudera uses commercially reasonable organizational, technical, and administrative measures to help protect Personal Data from accidental or unlawful loss, alteration, destruction, theft, misuse, and unauthorized access and disclosure. We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once it is received. Visit our Information Security and Compliance page for additional information. Please keep in mind that no security measures are completely effective, and we encourage you to regularly review your accounts for suspicious activity and carefully guard your credentials.
Cloudera retains Personal Data for as long as necessary for our legitimate business purposes and/or as lawfully permitted given the purpose(s) for which we obtained it and consistent with applicable law. We use the following criteria to determine our retention periods:
- The length of time we have an ongoing relationship with you and to provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
- Whether there is a legal or regulatory obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable considering our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
International Personal Data Transfers
As a global company, Cloudera may process Personal Data in multiple countries, including the United States. Cloudera may store and process your Personal Data in any country where we have facilities, affiliates or subsidiaries, or in which we engage third-party service providers. By using the Services, you understand and acknowledge that we may transfer your Personal Data from your country of residence to other countries, including the United States, which may have data protection laws or rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may have legal authorization to access or request disclosure of your Personal Data.
Cloudera may transfer Personal Data from the European Union (EU), the European Economic Area (EEA), Switzerland, and/or the United Kingdom (UK) to a third country. The European Commission, Switzerland, and the UK recognize several third countries as providing adequate levels of data protection and granted such countries adequacy decisions, which allow the lawful transfer of Personal Data to such countries. To conduct lawful transfers of Personal Data to third countries without such adequacy decisions, Cloudera relies on appropriate safeguards, such as Standard Contractual Clauses (SCCs). You may obtain a copy of these SCCs by contacting us in accordance with the “How to Contact Us” section below.
Your Privacy Rights Concerning Your Personal Data
Marketing and Promotional Communications
Cloudera may periodically send you free newsletters and emails that directly promote the use of our Site or the purchase of our Products. When you receive newsletters or marketing and promotional communications from us, you may indicate a preference to stop receiving further communications from us. You will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the email you receive or by submitting a request to unsubscribe here.
Your Privacy Rights
Depending on the data protection or privacy law applicable to you and your Personal Data, you may be entitled to exercise one or more of the following rights:
- Right to Know about Personal Data Processing and to Access Personal Data
- Right to Delete or Erase Personal Data
- Right to Correct Inaccurate or Incomplete Personal Data
- Right to Data Portability
- Right to Restrict Processing of Personal Data
- Right to Object to Processing of Personal Data
- Right to Withdraw Your Consent at Any Time (where the lawful basis of processing is consent)
Exercising Your Privacy Rights
If you would like to exercise one or more of your privacy rights, please submit a request to us at firstname.lastname@example.org. You may also submit your request via one of our contact methods listed in the section titled “How to Contact Us.”
To help us respond appropriately, please make clear the nature of your request and the Personal Data to which it pertains. For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain Personal Data for legitimate business purposes, to comply with legal or regulatory obligations, to establish, exercise, or defend legal claims, and/or to perform a contract (e.g., complete any transactions that you began prior to requesting a change or deletion).
If you become aware that a profile has been created about you without your consent or knowledge, you may contact us to request deletion of such account.
California Privacy Notice
The California Consumer Privacy Act (“CCPA”) provides California residents with the right to know, right to delete, right to opt-out of the sale of personal data, and the right to non-discrimination.
- Right to Know: This Privacy Statement identifies the categories of Personal Data Cloudera collects and how we use and disclose such information, the sources of information, the purposes for using that information, and the third parties to which we may disclose information. You may request a copy of the Personal Data that we have collected, used, and disclosed about you in the 12-month period preceding the date of your request. We will provide such information to you free of charge.
- Right to Delete: As noted in the section above titled “Your Privacy Rights Concerning Your Personal Data,” you may request that Cloudera delete certain Personal Data we have about you.
- Right to Opt-out: As noted in the section above titled “Sharing of Personal Data,” Cloudera does not sell your Personal Data, but will give you the right to opt-out if Cloudera decides otherwise.
- Right to Non-discrimination: Cloudera will not discriminate against you for exercising your privacy rights.
If you would like to exercise a privacy right under the CCPA or you are an authorized agent making a request on a California consumer’s behalf, please contact us at email@example.com or 1-888-789-1488. When making your request, please specify which right you would like to exercise and note that we must verify your identity and may need to ask you to provide additional information for purposes of verification. For more information on how we process requests, please refer to the section above titled “Your Privacy Rights Concerning Your Personal Data.”
Data Privacy Complaints
How You Can Lodge a Complaint
To make a complaint about data privacy, please contact us at firstname.lastname@example.org.
To help Cloudera address the issue effectively, please clearly state the following in your complaint:
- The specific data privacy complaint with as much detail as possible, including the relevant country, your understanding of the data privacy infringement and issues, and the redress requested;
- Your full name and how we can contact you; and
- Any previous correspondence with us on this specific data privacy issue.
Cloudera aims to resolve all issues in a timely manner, or as mandated by local law, but if this is not possible because a more detailed investigation is required, we will try to keep in regular contact with you to ensure that you are kept informed of the progress on your matter.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Data Protection Authorities
If you are not satisfied with Cloudera’s resolution of your complaint, you may have the right to lodge a complaint with the competent data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs.
Personal Data Processed on Behalf or for Our Clients
When Cloudera collects or processes Personal Data under the direction of its Clients, Cloudera has no direct relationship with the individuals whose Personal Data it processes. If Cloudera processes your Personal Data at the direction of a Client, and you have a concern or would like to exercise a privacy right related to your Personal Data, please contact the relevant Client directly.
Use of this Site by Children
These Services are not intended for or directed to anyone under the age of 16 years. Cloudera does not knowingly collect Personal Data of individuals under the age of 16. If you are younger than 16, you should not register with or use the Services.
Changes to this Privacy Statement
Cloudera may update this Privacy Statement from time to time to reflect changes in our business and practices. If we make material changes, we will notify you or our Client by revising the date at the top of the policy, and in some cases, including as required by law, we may provide you with more prominent notice. We encourage you to review this Privacy Statement whenever you access the Services to stay informed about our information practices and the ways you can help protect your privacy.
How to Contact Us
If you have any questions about this Privacy Statement or need to contact us with any questions, complaints, or concerns about how Cloudera handles your Personal Data, you may reach us as follows:
5470 Great America Parkway
Santa Clara, CA 95054
Attn: Data Protection Officer
Cloudera Data Policy
This Data Policy (the “Policy”) describes Cloudera’s policy for handling, storing, and otherwise treating certain types of data of Cloudera’s customers (each, a “Customer”), including data associated with individual users and employees of Customer organizations, in each case pursuant to a Customer Agreement (as defined below). “Cloudera” means Cloudera, Inc. and its subsidiaries and affiliates.
Additional policies that apply to specific Cloudera Products and Services can be found at the end of this Policy, in the section entitled “Service-Specific Terms.”
Cloudera collects information that a Customer or other data sources send to Cloudera as part of such Customer’s use of Cloudera Products and Services. This data is addressed in three categories, “Transaction Data”, “Account Data” and “Personal Data”, each as defined below.
TRANSACTION DATA AND ACCOUNT DATA
Cloudera understands the sensitive nature of the data that Customer or Customer’s organization may provide while using Cloudera Products and Services. Cloudera will maintain commercially reasonable administrative, physical and technical safeguards designed for the protection, confidentiality and integrity of Customer’s Transaction Data and Account Data.
Data Use by Cloudera
Access. Cloudera places strict controls over its employees’ access to Customer’s Transaction Data and Account Data that resides in the Cloudera Products and Services, and is committed to ensuring that Customer’s Transaction Data and Account Data is not used by anyone who should not have access to it. The operation of the Cloudera Products and Services requires that some employees have access to Customer systems which store and process Customer’s Transaction Data and Account Data. For example, in order to diagnose a problem Customer is having with Cloudera Products and Services, the Cloudera support team may need to access Customer’s Transaction Data. These employees are prohibited from using these permissions to view Customer’s Transaction Data unless it is necessary to do so.
Ownership. As between Cloudera and Customer, Customer or its licensors own all right, title, and interest in and to the Transaction Data and Account Data. Cloudera obtains no ownership rights under this Agreement from Customer or its licensors to any Transaction Data or Account Data.
Use of Transaction Data. Cloudera will treat Transaction Data as confidential and will use it only to: (i) facilitate operation of the Cloudera Products and Services; (ii) enhance the use of the Cloudera Products and Services and its related web pages; (iii) perform internal tracking to improve Cloudera Products and Services; (iv) analyze the extent to which Customers use Cloudera Products and Services; (v) enable Cloudera to contact its Customers; (vi) process, bill and invoice Customer’s transactions for Cloudera Products and Services usage; (vii) make backups in order to prevent data loss; and (viii) comply with the law or a binding order of a governmental body. This permission includes allowing us to use third-party service providers in the operation and administration of Cloudera Products and Services and the rights granted to us are extended to these third parties to the degree necessary in order for Cloudera Products and Services to be provided. The Privacy Statement does not apply to Transaction Data.
Use of Account Data. Cloudera will only use Account Data in accordance with the Privacy Statement, and Customer consents to such usage.
Feedback. If any Customer users provide Cloudera with any feedback, support tickets, reported defects, usability enhancements, feature requests or suggestions regarding Cloudera Products and Services, Customer grants Cloudera an unlimited, irrevocable, perpetual, free license to use any such feedback or suggestions for any purpose without any obligation to Customer.
Retention of Transaction Data and Account Data
Data collected by Cloudera as part of diagnostic bundles will be retained for a period of 12 months. All other Transaction Data and Account Data may be retained no longer than as permitted by governing law, but in no event longer than for the life of the related Cloudera product + 10 years.
Incident Management and Response
In the event of a security breach involving Cloudera Products and Services, Cloudera will promptly notify each affected Customer of any unauthorized access to any of such Customer’s Transaction Data or Account Data that was stored in Cloudera Products and Services. Cloudera has internal incident management procedures in place to handle such an event.
Product Security Practices
New features, functionality, and design changes go through a security review process facilitated by Cloudera’s security team. The security team works closely with development teams to resolve any additional security concerns that may arise during development.
Cloudera’s current Privacy Statement is incorporated into this document and includes important terms regarding Cloudera’s handling of Personal Data. The sections above relating to Incident Management and Response and Product Security Practices also apply to Personal Data.
Customer Account and Account Data
To access certain Cloudera Online Services, Customer may be asked to create a Cloudera account associated with a valid e-mail address (a “Customer Account”). Customer may only create one account per email address. Customer is responsible for: (i) maintaining the confidentiality of the Account Data, (ii) monitoring and controlling which end users have access to the Customer Account; and (iii) all activities that occur under the Customer Account, regardless of whether the activities are undertaken by Customer, Customer’s employees or a third party (including Customer’s contractors or agents). Except to the extent caused by Cloudera’s breach of this Data Policy, Cloudera and its Affiliates are not responsible for unauthorized access to the Customer Account. Customer will contact Cloudera immediately if Customer believes an unauthorized third party may be using the Customer Account or if Customer’s Account Information is lost or stolen.
Customer must not: (i) use, or encourage, promote, facilitate or instruct others to use, Cloudera Products and Services for any illegal, harmful or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, or offensive; (ii) use Cloudera Products and Services to violate the security or integrity of any network, computer or communications system, software application, or network or computing device; (iii) make network connections to any users, hosts, or networks unless Customer has permission to communicate with them; (iv) use Cloudera Products and Services to transmit spam, bulk or unsolicited communications; or (v) use Cloudera Products and Services to collect and store personally identifiable information about any person unless specifically authorized by such person.
Transaction Data, Account Data and Personal Data
Customer is solely responsible for the creation, operation and maintenance of Transaction Data, Account Data and Personal Data. For example, Customer is solely responsible for:
- the technical operation of Cloudera Products and Services, including ensuring that calls Customer makes to any Cloudera Online Service are compatible with then-current APIs for that Cloudera Online Service;
- compliance with the Acceptable Use provisions herein;
- compliance with all applicable laws;
- any claims relating to Transaction Data, Account Data and Personal Data;
anonymizing data to the extent Customer deems it reasonable or prudent to do so; and
- properly handling and processing notices sent to Customer (or any of its affiliates) by any person claiming Customer’s data violates such person’s rights, including notices pursuant to the Digital Millennium Copyright Act.
Customer agrees that its Transactional Data, Account Data and Personal Data will not include information regulated under the International Traffic in Arms Regulations (U.S. government regulations addressing defense-related articles and services).
Customer agrees not to upload, post or otherwise transmit to Cloudera any Transaction Data that: (a) is inaccurate, harmful, obscene, pornographic, defamatory, racist, violent, offensive, harassing, or otherwise objectionable; (b) includes unauthorized disclosure of personally identifiable information or other confidential information; (c) violates or infringes any third party intellectual property rights; or (d) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment. Cloudera reserves the right to edit or remove Transaction Data that violates this Policy.
By providing Transaction Data, Customer represents and warrants to Cloudera that Customer owns or otherwise possesses all intellectual property rights and other rights necessary to provide such Transaction Data and to permit others to make use of such Transaction Data.
Security and Backup
Customer is responsible for taking its own steps to maintain appropriate security, protection and backup of Transactional Data, Account Data and Personal Data, which may include the use of encryption technology or anonymization to protect such data from unauthorized access.
Cloudera Products and Services that store or process Customer Data are either located on a third-party hosting site or on Customer’s own servers. As such, Cloudera has no liabilities or obligations with respect to Customer Data under this Data Policy.
“Account Data” means information about Customer that Customer provides to Cloudera in connection with the creation or administration of its Cloudera account. For example, Account Data includes names, user names, phone numbers, email addresses and billing information associated with Customer’s Cloudera account.
"Cloudera Products and Services" means any of Cloudera’s products and software to which Customer may have subscribed under the terms of a Customer Agreement, including but not limited to Cloudera Manager, Cloudera Enterprise, Cloudera Live, Cloudera Express, Cloudera Altus Director, any Cloudera Online Services, any trial software, and any software related to the foregoing.
“Customer Agreement” means the separate agreement between Customer and Cloudera governing Customer’s use of the Cloudera Products and Services.
“Customer Data” means any of Customer’s originating data that might be stored in nodes and accessed by Cloudera’s software or other third-party software.
“Personal Data” means data that can identify an individual or that is associated with the identity of an individual.
“Privacy Statement” means the privacy Statement currently referenced at https://www.cloudera.com/legal/policies.html#privacy, as it may be updated by Cloudera from time to time.
“Transaction Data” means all data that is (i) input into Cloudera Products and Services by Customer or its end users, (ii) generated by Cloudera’s systems as a result of Customer’s or its end users’ use of the Cloudera Products and Services, or (iii) data that is generated for troubleshooting and diagnostics, in each case that is transmitted to Cloudera. Transaction Data does not include Customer Data.
In the event of a conflict between this Policy and the terms of the applicable Customer Agreement, the terms and conditions of this Policy apply, but only to the extent of such conflict.
Cloudera Navigator Optimizer and Workload Analytics
Data Use. Cloudera’s Navigator Optimizer service (“Optimizer”) and Workload Analytics service (“Workload Analytics”) do not collect or store any Personal Data or Customer Data. These services may collect and/or store certain types of Transaction Data such as Customer’s queries or workload information (“Analytics Data”). While Analytics Data is confidential information and will be protected pursuant to the provisions in this policy that apply to Transaction Data, Optimizer and Workload Analytics are not databases of record for the storage of Analytics Data. Retention of this Analytics Data is not Cloudera’s responsibility.
Availability. Cloudera is committed to making Optimizer and Workload Analytics highly-available services that Customers can count on. To the extent feasible, Cloudera’s infrastructure runs on systems that are fault-tolerant, for failures of individual servers. Cloudera’s operations team tests disaster-recovery measures regularly and staffs a team to quickly resolve unexpected incidents. However, at this time Cloudera makes no uptime or availability guarantees with respect to Optimizer or Workload Analytics or retention of Analytics Data.
Cloudera DataFlow for the Public Cloud
Cloudera DataFlow for the Public Cloud (“CDF-PC”) provides the capability for Customer to centrally manage data flows across multiple server clusters, environments, and public cloud providers. To enable this, CDF-PC allows Customer to upload and store certain metadata about Customer’s data flows (“Flow Definitions”) in a central catalog within CDP Public Cloud Control Plane (“Control Plane”). Each Flow Definition is encrypted with its own unique encryption key and stored in Control Plane where it may then be accessed by Customer. Customer may use CDF-PC to: (a) load Flow Definitions into a Customer Environment (as such term is defined in the Cloudera Online Services Terms of Service) in CDP Public Cloud, and (b) execute the Flow Definitions in the Customer Environment.
Control Plane is hosted and runs in a multi-tenant environment. Cloudera does, however, implement reasonable technical controls and safeguards designed to help ensure logical separation and privacy as between different Cloudera customer accounts.
Flow Definitions are considered Transaction Data as such terms is used in this Data Policy; provided, however, that, notwithstanding anything to the contrary in this Data Policy, Cloudera will use Flow Definitions only for the following purposes: (a) to store Flow Definitions that are loaded into Control Plane by Customer, (b) to remove from Flow Definitions any content that violates this Data Policy, and (c) to the extent necessary to (i) investigate CDP Public Cloud security issues; (ii) investigate CDP Public Cloud performance issues, or (iii) comply with applicable law or a binding order of a governmental body.
As Flow Definitions are Customer-generated content, Customer (not Cloudera) is solely responsible for ensuring that Flow Definitions contain the intended information (that is, metadata describing Customer’s dataflow logic) and do not contain data prohibited from being included in Transaction Data by this Data Policy. Without limiting the foregoing, Customer must ensure that neither the name of each Flow Definition nor the Flow Definition content includes any personal data (including without limitation personally identifiable information (PII), personal health information (PHI) regulated under the Health Insurance Portability and Accessibility Act of 1996 (as amended and supplement) (HIPAA)), or cardholder data as defined under the Payment Card Industry Data Security Standard (PCI-DSS). Customer is responsible for ensuring that Flow Definitions adhere to the “Acceptable Use” terms of this Data Policy, including without limitation, those terms that prohibit Customer from using CDP Public Cloud, CDF-PC or Flow Definitions (i) in any manner that would violate the security or integrity of any network, computer or communications system, software application, or network or computing device, or (ii) for any illegal, harmful or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, or offensive.