Privacy Policy

Introduction

This Privacy Policy (‘policy’) applies to Open Text Corporation and its affiliates (hereinafter referred to as ‘OpenText’, ‘we’, ‘us’, ‘our’) and provides information on the collection, use and sharing of your personal information. This includes personal information collected via our websites and portals (‘Website’), our products, services or personal information collected from you directly, such as in person, via telephone or email, or indirectly through third parties in the course of our business.

A current listing of our subsidiaries is available in our Annual Report. This policy applies to our subsidiaries to the extent they have access to your personal information.

This policy does not apply to the extent we process your personal information in the role of a processor or service provider on behalf of our customers.

OpenText supports the right to privacy and understands the importance of protecting personal information and complying with applicable data protection laws. We have appointed a Data Protection Officer for assisting with questions regarding this policy and the processing of your personal information. For details on how to contact us, see the Contact Information section below.

This policy describes:

• What Data We Collect and Why We Use It
• How We Collect Your Data
• How We Share Your Data
• How We Protect Your Data
• How Long We Store Your Data
• Your Privacy Rights
• Children’s Privacy
• Contact Information

What Data We Collect

The personal information we process about you and how we collect it can vary depending on (a) the product(s) or service(s) you use; (b) how you use the product(s) or service(s); (c) how you have interacted with OpenText and (d) the personal information that we have obtained from a customer or from a third party with permission to share such information with us. Refer to the table below for more details on the categories of information collected and purposes of use.

Automated Decisions. To the extent permitted by applicable law, OpenText may collect data in an automated manner and make and use automated decisions about customers in order to provide or optimize the products and services, for security or analytics purposes, to display advertisements and offers based on individual preferences and for any other lawful purpose.

Why We Use Your Data: OpenText processes personal information to respond to your requests, to provide you OpenText products and services, including information, support and delivery and access to online resources. Some of the specific purposes of use of your personal information include:

Table 1

OpenText may combine the personal information you provide with information that is not collected directly from you. Data not provided directly by you may be supplied by OpenText’s vendors and/or partners. Refer to Personal Information Collected from Third Parties for additional information. Also, see Cookie Technology section for details on what and how we collect using cookies and similar tracking technologies.

In certain circumstances, if you do not provide us with personal information we need, we may not be able to provide certain products or services or comply with our legal obligations. We will let you know when we need personal information from you and the consequences of failing to provide us with that personal information.

The legal basis for collecting and using the personal information described above will depend on the personal information concerned, applicable privacy laws and specific context in which we collect it, such as:

• With customer or user consent,
• Where the processing is necessary for the performance of a contract,
• Where necessary to comply with law and
• Where the processing is necessary for the purposes of our legitimate interests, taking into account individual interests. Refer to Table 1 for list of legitimate interests.

How We Collect Your Data

We collect personal information through various means, for example, via our Website(s), order forms and through provision of products or services, from third-party service providers, customer support activities and at meetings, exhibitions and events (both physical or digital). Your employer, as a customer or partner of OpenText, may provide your contact information as required to provide OpenText products or services. We also collect personal information where you or your employer is a customer of a business we may acquire. We may also collect information about you on CCTV when you visit our premises or on other security cameras as part of our security and crime prevention measures. The Website(s) may also collect information about your visits to the Website without you actively submitting such information through cookie technology.

Cookies: OpenText uses cookies to collect information about the use of its Website(s), either directly or through third-party tracking providers. For more information, refer to our Cookie Policy.

Do Not Track (DNT): Your browser setting may allow you to automatically transmit a "Do Not Track" (DNT) signal to websites and online services that you visit. There is no consensus among industry participants as to what DNT means in this context, and some browsers automatically apply DNT signals by default and therefore do not necessarily reflect our visitors' choice as to whether they wish to receive advertisements tailored to their interests. As a result, like many websites, we do not respond to a DNT signal from a visitor's browser. To find out more about DNT, please visit http://allaboutdnt.com. However, you may elect not to accept cookies by changing the designated settings on your web browser or opting out of the OpenText cookies. Please note that if you do not accept certain cookies, you may not be able to use all functions and features of our Website(s). Consent for use of cookies varies depending on the jurisdiction. Click here for more information about OpenText’s Cookie Policy and options on how to manage your cookies preferences.

Personal Information Collected from Third Parties: OpenText obtains personal data from third parties. For example, OpenText may collect and receive personal information about you from companies that distribute OpenText products by way of co-branded or private-labeled websites. Companies with which OpenText partners to market, resell and distribute its products and services, which may include the payment gateways we work with, also may supply us with personal information in order to help us fulfil orders and provide services. We may also collect your personal information from public sources or from data brokers (for example, LinkedIn, ZoomInfo, Dun & Bradstreet) to the extent the local regulations allow. Personal information collected through such sources may include your name, email address, mailing address, business phone and job title. We may add this information to the information we have already collected from you via our Website or other sources.

API Services: For certain limited services provided by OpenText, we use third party API Services such as the YouTube API or Google API. Such third-party API services used in OpenText products only capture data you designate OpenText to access on third party platforms. Such data may include your content stored on third party sites, associated meta data, and account information related to those third-party sites. Data collected by OpenText using third party API services may be used to archive content and certain associated meta data uploaded to those third-party sites by you. Additionally, such data may be used by OpenText as part of an authentication and authorization framework to access your data on third party sites. Third-party email, social media, and other communication services are not offered, controlled, or provided by OpenText. OpenText is not responsible for how a third party transmits, accesses, processes, stores, uses or provides data to OpenText. In addition, such third-party services are subject to the terms and conditions and privacy policies applicable to those services. Depending on the service you are using, the Google privacy policy may apply and is available here: http://www.google.com/policies/privacy; and/or the YouTube terms of service may apply and is available here: http://www.youtube.com/t/terms.

How We Share Your Data

OpenText may share personal information with its affiliates, business partners (including those who resell or distribute our products and services), service providers (including website, software, infrastructure and application providers), payment gateways, customer service, event/campaign management, cloud hosting providers, credit reference agencies, debt agencies, professional advisors, marketing agencies (including event or promotion partners or sponsors), third-party networks and websites, database providers, backup and disaster recovery specialists, analytics and email providers) and agents working on our behalf.

We may be required to share personal information with a third party or body where such disclosure is required to satisfy applicable law or other legal or regulatory requirement, or to protect the rights or property of OpenText or others. This can include in response to lawful requests from a competent authority or body and to meet national security or law enforcement requirements.

If all or any part of our business is re-organized or sold to or there is a joint venture with another organization, we may need to provide your information to that organization. We may also be the recipient of personal information when we acquire another organization or a part of their business or enter into a joint venture with them.

Where third parties are performing processing on our behalf, OpenText will require these organizations to adopt adequate technical and organizational security measures to protect personal information and to ensure the processing of personal information is only performed as instructed by OpenText and for no other purposes.

Personal information may be processed outside the country of your residence by our affiliates, partners or service providers and agents working on our behalf. The transfer to other countries by OpenText and its affiliates shall be in accordance with applicable data protection legislation, which may include an adequacy decision or appropriate safeguards. Appropriate safeguards may include: OpenText and third parties entering into the EU Model Clauses approved by the European Commission.

How We Protect Your Data

Protecting your data, both online and offline, is a priority for us. We have implemented appropriate technical and organizational measures to protect your personal information and ensure a level of security appropriate to the risk.

All our employees are subject to confidentiality agreements and undergo annual training on the proper handling of personal information.

OpenText is committed to protect all personal information and is cognizant of its obligations under applicable data protection laws. For further details, including information on industry standard certifications of our products, please refer here.

Links to other websites or locations may be provided for your convenience but do not signify our endorsement of such other websites or locations or their contents. When you click on such links, you will leave the OpenText website and go to another site. When this happens, a third party may collect personal information from you. Please be aware that the terms of this policy do not apply to such outside websites or content or to any collection of data after you click on a link to a third-party website or location. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy notice of any website you visit.

How Long We Store Your Data

OpenText will retain personal information for as long as needed to provide the relevant products or services or to fulfil the purposes for which the personal information was collected or as per the specific contractual terms. OpenText may also retain and use this information for a longer period as permitted or required by law, to comply with our legal, tax or regulatory obligations (e.g., audit and accounting requirements), handle disputes, to exercise or defend claims and enforce our agreements. We ensure that personal information we dispose of is de-identified or destroyed in a secure manner.

Your Privacy Rights

Your local applicable law may provide certain rights regarding the collection, use and sharing of your personal information. You may request from OpenText access to, correction of, updating of and/or deletion of your personal information, or object to our use of your personal information in certain circumstances, in line with applicable data protection law. Your rights may differ according to your place of residence.

Choice/Opting out of Marketing: OpenText offers you the choice of receiving different types of communications and information related to our products and services. You may subscribe to e-newsletters or other publications; you may also elect to receive marketing communications and other special offers from us via email. If at any time you would like to change your communication preferences, we provide unsubscribe links and an opt-out mechanism in all our marketing communications or you may contact us.

Note that if you opt out of marketing, you may still receive service-related messages from us (and you may still receive marketing messages for a short period after opting out while we update our records).

Under GDPR and UK data protection law (and other applicable data protection regulations), you have rights we need to make you aware of. The rights available to you depend on your juridiction and our reason for processing your information:

• Your right of access
  You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
• Your right to rectification
  You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
• Your right to erasure
  You have the right to ask us to erase your personal information in certain circumstances.
• Your right to restriction of processing
  You have the right to ask us to restrict the processing of your information in certain circumstances.
• Your right to object to processing
  You have the right to object to processing if we are able to process your information because the process forms part of our public tasks or is in our legitimate interests.
• Your right to data portability
  This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

If we are processing your information for criminal law enforcement purposes, your rights are slightly different. Please see the relevant section of this notice.

Exercise Your Privacy Rights: To exercise your privacy rights, please fill out the Data Subject Request form.

Please direct any complaints or questions you may have with regard to our privacy practices to OpenText’s Data Protection Officer.

You may also have the right to complain to the competent supervisory authority. Contact details of Data Protection Authorities in the European Economic Area can be found here, and in the UK here.

Customer Data: If your personal data has been submitted to us by or on behalf of a customer to our products and services who is the controller of that personal information and we are the processor on their behalf, you will need to contact them directly if you wish to exercise any rights you may have under applicable data protection laws. If you make your request to us, we will need the name of that customer who submitted your data to us, and we will refer it on to them.

CCPA: The California Consumer Privacy Act (“CCPA”) requires businesses to disclose if they sell personal information. OpenText does not sell personal information. OpenText may share personal information with third parties or allow them to collect personal information from our Website, products or services in certain situations, such as where they are our authorized service providers or business partners and have a contract with us, where you consent to or direct us to disclose the personal data to those parties, if you use our Websites or services to interact with those third parties or we are otherwise permitted or required to do so by law. We may also share personal information with or allow third parties to collect personal information from our Websites and apps (for example, through the use of cookies or similar technologies) to help us deliver advertising to you and to make it more relevant to you. This activity may be considered a sale under the CCPA. See our Cookie Policy for information on how to manage these. For details on how to manage advertising, visit Digital Advertising Alliance Consumer Choice. For your mobile device, you can review your device settings: Android devices allow you to opt out using “Opt-out of Ads Personalization” and Apple devices allow apps to include interest-based advertising only if you opt in using the app’s pop-up notice.

California residents may request and obtain from us once a year, free of charge, certain information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that were shared and the names and addresses of all third parties with which we shared information in the preceding calendar year. For details on how to contact us with a request in relation to your privacy rights, see the Contact Information section of this policy or call our toll free number 1-866-397-0207.

For Data Subjects in Japan:

• Data Transfer to Outside of Japan:

As described in the “How We Share Your Data” section above, OpenText may transfer your data to third parties, including the subsidiaries of OpenText (as listed in our Annual Report), located outside of Japan.

In addition, OpenText may transfer your data to outside of Japan in the course of entrusting certain data processing work.

• Joint Use:

OpenText may jointly use your data under the following conditions:

• The types of personal data jointly used: as listed in the table below section “What Data We Collect and Why We Use It.”
• The purpose of the joint use: to respond to your requests, to provide you OpenText products and services, including the purpose as listed in “Table 1” above.
• The entities that engage in the joint use: the subsidiaries of OpenText, available in our Annual Report.
• The entity responsible for the joint use: OpenText Corporation (Corporate HQ: 275 Frank Tompa Drive, Waterloo ON N2L 0A1, Canada).

Children’s Privacy

OpenText encourages parents and guardians to take an active role in their children's online activities. Our Services are not aimed at people under 18 and OpenText does not knowingly collect personal information from children without appropriate parental or guardian consent. If you believe that we may have collected personal information from someone under the age of 13 (or the applicable age of consent) without proper consent, please submit your complaint in writing to the address found in the Contact Information section.

Contact Information

OpenText’s Data Protection Officer can be reached at DPO@opentext.com or by mail at:

UK and EU representatives for OpenText and its affiliates can be reached at DPO@opentext.com.

Changes to this Privacy Policy

OpenText may update this policy from time to time. If we modify this policy, we will post the revised version here. You should review this page periodically for updates.

If we make a change that significantly affects your rights or, to the extent we are permitted to do so, significantly changes how or why we use personal information, we will notify you by way of a prominent notice or pop-up on our Website.

Note: In addition to the entities referenced above, this policy applies to:

• The products and services of Total Defense, LLC (formerly known as Total Defense, Inc.), a subsidiary of Open Text Corporation, including its Total Defense Mobile Security product; and

• The products and services of Webroot, LLC (formerly known as Webroot Inc.), a subsidiary of Open Text Corporation, including its Webroot Mobile Security and Webroot for Chromebook.  

This policy was last updated November 2023.