Privacy & Cookies Policy
Please note our website includes hyperlinks to other websites neither owned nor managed by us. Intralinks is not associated with these third-party websites and does not review their privacy policies. We cannot guarantee the privacy of any information that may be obtained by third parties at these other websites. We strongly encourage you to review the privacy policies of any website you visit before supplying Personal Information through that website.
Click a link below for our policy on each topic:
- What information does Intralinks collect through its public website, or other interactions, and how is this information used?
- What information does Intralinks collect about users of its Service and how is this information used?
- What information could Intralinks otherwise collect about me?
- How does Intralinks protect the security of my Personal Information?
- What about transfer of my Personal Information to other countries?
- How can I change, update or delete my Personal Information or request that I not be contacted for non-support purposes?
- What rights do I have about the use of my Personal Information?
- Does Intralinks use "cookies"?
- California Consumer Privacy Act (CCPA) Notice
- Does Intralinks participate in the EU-U.S. Privacy Shield Framework?
What information does Intralinks collect through its public website, or other interactions, and how is this information used?
Anyone Who Contacts Us through Our Website
Intralinks collects certain Personal Information through its website when you choose to submit such information to us through email, an online form or other method (such as contacting us through our "Contact Us" or "Chat with Sales" website functions). This includes Personal Information you provide to Intralinks in order to request additional information about the Service, employment opportunities, for press inquiries or for other purposes. We use information collected through our website to respond to specific requests for information about our Service and other inquiries.
You do not need to provide this information to us but if you don't, we will not be able to respond to your communication. We use this information to answer any issues or concerns and to monitor customer/potential customer communications for quality and training purposes. We also use this information to develop new services and to improve or personalise existing services. We use this information because we have a legitimate business interest in understanding customer/potential customer feedback and in responding to your communications in a consistent way. We will keep this information for as long as you have a relationship with us or, if you do not have a relationship with us beyond this communication, for a reasonable length of time that lets us understand how people use our website.
Visitors to Our Website
Intralinks also maintains a log of certain information concerning visitors to our website, including but not limited to a visitor's IP address (a computer's numerical Internet address), the websites from which visitors access our website, the type of web browsers used to access our website, the device used to access our website and the pages viewed. Such information may be treated as Personal Information about the visitor in accordance with applicable local law.
If we have collected your Personal Information through our website or through other channels (such as if you have exchanged contact information with one of our Sales representatives or partner constituents, or have included your Personal Information in an event registration form), and we have a permission to do so, we will use your Personal Information to inform you about other Intralinks services and products that might be of interest to you and to gather feedback from you on our website and our Service. We use this information because Intralinks has a legitimate business interest to promote its products and services. We will keep your Personal Information for a reasonable length of time that lets us understand how people use our Service and the impact of any marketing offers that we make.
We also collect information about website users through “cookies.” Cookies are small pieces of information sent by a web server to a web browser which allow the server to uniquely identify the browser on each page. For further information about Cookies, please see our "Cookies" section below.
What information does Intralinks collect about users of its Service and how is this information used?
This section applies to users of the Intralinks Service. If you only use our public website, this section does not apply to you. If you, your employer or a third party decide to purchase our Service, we will use your Personal Information for purposes of providing the Service to you. We will also provide your Personal Information to trusted partners and our affiliates who work on behalf of Intralinks and use your Personal Information to help Intralinks provide the Service. Such partners include database providers (such as Oracle), data analytics providers (such as Amazon Web Services) and other suppliers who assist with providing technical support (such as RightNow (Oracle) and IntegrityNet). We use this information because we have a legitimate business interest in performing the contract that we have entered into with you, your employer or a third party and in providing, managing and administering our Service.
Setting Up the Service
When you first sign onto the Service, you will be presented with your “profile,” which contains the information supplied to us. You will be able to update or correct any of the Personal Information in your profile. As the Service is intended for business purposes only, unless your place of work is also your home, you should only enter business contact information. We use this information to provide the Service and to identify how you'd like to use your account. We use this information because it is necessary to provide you with an account and because we have a legitimate business interest in enabling you to update your preferences and settings online.
Once your Personal Information has been entered into your profile, this information is added to the participant list for each Exchange or Workspace you have been authorized to access. Other participants of your Exchange(s) or Workspace(s) may then have access to your Personal Information. You may receive certain emails relating to your use of the Service, such as email alerts related to Exchanges or Workspaces on which you are a participant and other email communications relating to the Service. Emails will be sent to the email address(es) listed in your profile.
Your Personal Information is also added to Intralinks' global directory of current and former users of the Service (the “GUD”). If you are selected to join another Exchange or Workspace in the future, your user ID will be authorized to access that Exchange, and your Personal Information will be added to the participant list for that Exchange or Workspace. Our clients also have the ability to maintain one or more “business groups,” which are contact lists comprised of all users that have used the Exchanges or Workspaces that they have managed. Your Personal Information may be added to one or more of these business groups.
We use your Personal Information as set forth above to provide, manage and facilitate your use of the Service, whether now or in the future. We use this information because we have a legitimate business interest in performing the contract that we have entered into with your employer, or with the affiliate or partner of your employer (as applicable). We will keep this information for as long as you remain an Intralinks account holder.
Reports and Analytics
As a function of the Service and in order to conduct internal analysis of use of the Service, Intralinks also will maintain a history of your access to the Service, and certain actions taken by you while accessing the Service (e.g. access to Exchanges, Workspaces and documents, including time, date and length of access). This includes maintaining a log of users' IP addresses, the websites from which users access the Service, the type of web browsers used to access the Service and the browser's settings that may affect Service performance. The information described in this paragraph is referred to as “Usage Log Information.” It may also be combined with Usage Log Information about other users of an Exchange or Workspace you are permissioned into to provide an overall view of how the Exchange or Workspace is used.
Usage Log Information will be recorded and used internally within Intralinks and may also be made available to managers of Exchanges, owners of Workspaces, Service licensees or to your employer or entity on whose behalf you are accessing the Service.
We use this information because we have a legitimate business interest in understanding how our Service is accessed, how it is used and whether there are any potential security issues arising from such use. We will keep this information for a reasonable length of time that allows us to provide the Service, to perform the contract that we have entered into with your employer, or with the affiliate or partner of your employer (as applicable) and to understand how people use our Service.
We share Usage Log Information, as well as information about your browser and other local computer settings, with Exchange managers and Workspace owners in order to troubleshoot or avoid potential access problems. We also use this information (in addition to your contact information) to contact you in relation to providing you with support, including where you have already contacted us via telephone, email or our "Chat with Us" function. Where necessary, we disclose this information to trusted support providers (such as RightNow (Oracle)) who will undertake this role on our behalf.
We need this information to provide you with support requested. We use and disclose this information to provide the Service and provide relevant support services. We use this information because we have a legitimate business interest in ensuring that you receive an effective Service from us. We will keep this information for a reasonable length of time that lets us understand any technical issues that users have with our Service.
Exchange Managers and Workspace Owners
If you have been designated by your organisation as an Exchange manager or Workspace owner, we will use your Personal Information when we are undertaking work on behalf of your organisation, for example adding participants for the first time to an Exchange or Workspace. We use your Personal Information because it is necessary for our contract with your organisation that we interact with you in order to comply with your organisation's instructions. We will keep this information for as long as your organisation has a relationship with us.
If you are a user of the Service and we have a permission to send you marketing messages, we will use your Personal Information to contact you about our services and products. We will contact you either by email or phone. We also use Usage Log Information to better tailor these communications to you by identifying those features and aspects of our services that are most relevant to you based on your historic usage.
You may decline to receive mail or email from us by selecting the opt-out link which will be contained in any such email that you receive, or by contacting us using the details at How can I change, update or delete my contact information or request that I not be contacted for non-support purposes?
Sale or Merger of Intralinks
We will also disclose personal information (1) in response to lawful requests by public authorities (including to meet national security or law enforcement requirements) and, where applicable, in accordance with our internal policy on access by government or regulatory authorities and (2) in our sole discretion if we believe that such disclosure is appropriate in connection with an official government or regulatory investigation or in response to a perceived significant threat to a person's health or property.
Intralinks may also process your Personal Information if necessary in the defence of a legal claim. We will not delete Personal Information if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
What information could Intralinks otherwise collect about me?
If you have been designated by your organisation as being a contact for billing or payment purposes, we will use your Personal Information to process your organisation's order, issue invoices to your organisation and take payment from, or make payment to, you (including refunds if applicable). We use this information because it is necessary for our contract with your organisation that we collect information from its representatives to process payments or give or receive refunds. We will keep information relating to payments for the length of the contract between us and for ten (10) years afterwards.
Reviews and Feedback
If you are a user of an Exchange or Workspace and you contact Intralinks to provide feedback or reviews of your experience, we will use your Personal Information (as well as your feedback/review) to understand and respond to customer feedback. We use this information because we have a legitimate business interest in understanding customer feedback and in responding to your communications in a consistent way. We will keep this information for a reasonable length of time that lets us understand and assess people’s experience of our Service.
How does Intralinks protect the security of my Personal Information?
What about transfer of my Personal Information to other countries?
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, including to countries outside of the location(s) of your business, such as the United States and countries within Europe, Latin America and the Asia-Pacific region. Where such transfers of your Personal Information are made they will be made in accordance with applicable law.
Transfer of Information to Other Countries – Users in European Economic Area (EEA)
We store your Personal Information on cloud servers located in the United States. In addition, we use suppliers in the United States that support the provision of our Service. The transfer of this information is governed by a contract including standard contractual clauses (SCCs) approved by the European Commission.
Where our U.S. affiliates process information about EEA users, the transfer of this information is governed by the EU-U.S. Privacy Shield Framework. Please see "Does Intralinks participate in the EU-U.S. Privacy Shield Framework?" for more information.
Our Customer Support team may, depending on the time that support is requested by a user, be provided by personnel located in our affiliates' offices outside the EEA or by third-party contractors located in the Philippines (IntegrityNet) and India (Integreon). The transfer to our affiliates and third-party subcontractors is governed by SCCs approved by the European Commission.
We are happy to provide you with copies of the SCCs, which you can request at email@example.com.
How can I change, update or delete my Personal Information, or request that I not be contacted for non-support purposes?
You can change or update your Personal Information at any time, regardless of whether you are a current or former user of the Service, by logging into the Service with your user ID and password and accessing your profile. All Personal Information except your name, company name, and email address can be changed by you through your profile. If you wish to change your name, company name, or email address as listed in your profile, you must call our Customer Care line for assistance. A full list of Customer Care numbers can be found here.
You may request that we remove your Personal Information from Intralinks’ GUD. However, by doing so, you will automatically lose all access rights to the Service. You may have your Personal Information removed from Intralinks’ GUD by calling us at +1 888 546 5383 or emailing us at firstname.lastname@example.org. Please note that your Personal Information may be re-added to Intralinks’ GUD in the future if you are asked to participate in another Exchange or Workspace, as described above.
You also may decline to receive mail or email from us that does not relate directly to your access to or use of the Service or a particular Exchange. If you wish to receive “support-only” contact at any time, please call us at +1 888 546 5383 or email us at email@example.com.
What rights do I have about the use of my Personal Information?
If you are a resident of the EEA, you have certain rights regarding Intralinks’ use of your Personal Information.
Some of these rights, e.g., the right to be forgotten or the right to request that we transfer your information to another company, will only apply in certain circumstances. Generally, these rights will not be available if there are outstanding contracts between us, if we are required by law to keep the information or if the information is relevant to a legal dispute.
We have listed the rights you have over your Personal Information and how you can use them below. These rights are subject to restrictions under European data protection law and, subject to the exemptions in that law, may only apply to certain types of information or processing.
We need your consent for some of the ways we use your Personal Information, e.g., for marketing or processing special categories of information about you. You can remove that consent at any time.
You can ask us to confirm if we are processing your Personal Information and if we are, you can ask for access to that information and details regarding:
why we are using your information;
what information are we using;
who we have shared the information with;
the period for which your information will be stored, or how we determine that period;
your right to object to our processing of your information, your right to have your information erased or the processing of your information restricted;
your right to lodge a complaint with a data protection supervisory authority;
the source of your information where it has not been provided by you;
the existence of any automated decision-making processes using your data or any profiling;
the transfers of your information to countries outside of EEA and the safeguards in place; and
your right to a copy of the information about you which is being processed by us.
You can ask us to correct your information if it's wrong.
You can ask us to delete some of your information.
You can ask us to restrict how we use your information.
You can ask us to help you move some of your information to other companies.
You have a right to ask that we provide your information in an easily readable format to another company.
You can ask us to stop using your information, but only in certain cases.
You have the right to complain to the relevant supervisory authority.
You also have a right to object to us processing your information in certain circumstances. You can ask us to stop processing your information at any time. In certain circumstances we may not be able to do this or may not be required to do this. For example, if there are outstanding contracts between us, if we required by law to keep the information or if the information is relevant to a legal dispute then we may not stop processing your information.
Does Intralinks use "cookies"?
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
We use the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
Analytical/performance cookies. These cookies collect information about how you use our website. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. These cookies are sometimes placed by third-party providers of web traffic analysis services, such as Google Analytics.
Functionality cookies. These cookies remember choices you make and are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies collect information about your browsing habits such as the pages you have visited and the links you have followed. We will use this information to make our website more relevant to your interests. They are also used to make advertising more relevant to you, as well as to limit the number of times you see an advert. These cookies are usually placed by third-party advertising networks. They remember the other websites that you visit and this information is shared with third-party organisations, for example advertisers.
We use Google Analytics. For information on how Google processes and collects your information in regard to this product and how you can opt-out, please see here.
We also use Google AdSense to publish advertisements. When you view or click on an advert a cookie will be set to help better provide advertisements that may be of interest to you on this and other websites. You may opt-out of the use of this cookie by visiting Google’s Advertising and Privacy page.
We also use Navegg technology to understand your browsing habits such as the pages you have visited and the links you have followed, through targeting cookies analysis. For information on how Navegg processes and collects your information in regard to this product and how you can opt-out, please see here.
Most internet browsers are automatically set up to accept cookies. However, you can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. Please refer to the help and support area on your internet browser for instructions on how to block or delete cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
You also have the right to complain to the local data protection authority within the EEA (DPA). You can find the details of your local DPA here.
California Consumer Privacy Act (CCPA) Notice
Information Collected. We collect the following categories of Personal Information:
- Identifiers, such as (but not limited to) name and online identifiers;
- Personal information, as defined in the California customer records law, such as (but not limited to) contact information and financial information;
- Characteristics of protected classifications under California or federal law, such as (but not limited to) age, gender, and marital status;
- Commercial information, such as transaction information;
- Internet or network activity information, such as browsing history and interactions with our websites;
- Geolocation data, such as device location;
- Audio, electronic, visual and similar information, such as call and video recordings;
- Professional or employment-related information, such as work history, prior employer and reference contact information; and
- Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.
Depending on a California consumer’s particular interactions and relationship with us, we may not collect each of the above categories of Personal Information about each consumer.
Sources of Personal Information. We collect this Personal Information directly from California residents themselves, as well as from other sources, such as public databases, your employer and its employees, our affiliates, third-party sources of demographic information, and social media platforms.
Purposes. We use this Personal Information to operate, manage, and maintain our business, to provide our products and services, to communicate with our customers, prospective customers, vendors, employees and other associated entities and persons, and to otherwise accomplish our business purposes and objectives. Our business purposes and objectives include, for example, developing, improving, supporting, servicing and maintaining our products, services, customer relationships and employee relationships; personalizing, advertising, and marketing our products and services; conducting research, analytics, and data analysis; maintaining our facilities and infrastructure; undertaking quality and safety assurance measures; conducting risk and security controls and monitoring; detecting and preventing fraud; performing identity verification; performing accounting, audit, and other internal functions, such as internal investigations; complying with law, legal process, and internal policies (including responding to requests from California residents under the CCPA); maintaining records; and exercising and defending legal claims.
Disclosures of Personal Information. We may disclose the categories of Personal Information listed above to our affiliates and to third parties, such as our service providers, for our operational business purposes.
Depending on a California consumer’s particular interactions and relationship with us, we may not have disclosed each of the above categories of Personal Information about each consumer.
Sales of Personal Information. We have not “sold” Personal Information for purposes of the CCPA.
For purposes of this CCPA Notice, “sold” or “sale” means the disclosure of Personal Information for monetary or other valuable consideration but does not include, for example, the transfer of Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
If you are a California resident, you have the following rights:
Right to Know. You have the right to request that we disclose to you the following information covering the 12 months preceding your request:
- The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
- The specific pieces of Personal Information we collected about you;
- The business or commercial purpose for collecting Personal Information about you; and
- The categories of Personal Information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such Personal Information.
Right to Request Deletion. You have the right to request that we delete Personal Information we collected from you.
Right to Be Free from Discrimination. You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
Does Intralinks participate in the EU-U.S. Privacy Shield Framework?
Intralinks, Inc. is a participant in the EU-U.S. Privacy Shield Framework, operated by the U.S. Department of Commerce (the Privacy Shield). Our certification can be found here.
A full list of companies who have self-certified with the Privacy Shield is available at https://www.privacyshield.gov/list.
Intralinks' commitment to the Privacy Shield Principles
Intralinks, Inc. complies with the EU-U.S. Privacy Shield (the Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States in reliance on Privacy Shield. Our certification can be found here.
The commitments contained in this notice only apply to personal data received by Intralinks from the EEA. Individuals whose personal data is received by Intralinks from other jurisdictions do not have the rights set out in this notice.
Types of personal data collected and purposes for collection and use
Intralinks processes certain personal data it receives from the EEA for two purposes: (1) firstly it processes certain personal data on its own behalf for its internal business purposes; and (2) it also processes certain personal data it receives from the EEA on behalf of its customers. In processing each of these categories of personal data, it acts as a data controller (in relation to the first purpose) and a data processor (in relation to the second purpose) respectively. This Privacy Shield Notice explains how Intralinks processes personal data in each of these circumstances.
Intralinks as a data controller
Intralinks as a data processor
The nature of Intralinks’ permission-based online services (that is, the Intralinks® platform, Intralinks® Exchanges or Intralinks® Workspaces (together, the Services)) provided to Intralinks' customers means that we will process information that end users have uploaded, stored or shared using the Services, the content of which is not known to Intralinks. While much of this information will be financial, corporate or institutional in nature, it will at times include personal data which Intralinks processes following its customers' instructions.
As a data processor, Intralinks will also process personal data relating to those end users who have been permitted by Intralinks' customers to access Intralinks Services. Such data will be used to provide and operate the Services, and to provide analytics and reporting information to Intralinks' customers.
Intralinks does not control or own such data and handles such data as a data processor only. It processes such data as governed by the written agreements in place with its customers and to the extent necessary to comply with applicable law.
Types of third parties to whom we disclose personal data and the purposes for such disclosure
Intralinks as a data controller
As a data controller, Intralinks may further disclose personal data which has been transferred from the EEA to the third parties who are set out in our Privacy & Cookies Policy.
Intralinks as a data processor
As a data processor, Intralinks may further disclose personal data which has been received from the EEA as instructed by the data controller. We may also disclose personal data to our third-party service providers who work on behalf of or with Intralinks under confidentiality agreements. These companies may use personal data to help Intralinks provide the Services for our customers.
If Intralinks were sold to or merged with another company, personal data processed as part of the Services may be transferred to a prospective successor or successor of the company, or to a subsidiary or affiliate of Intralinks.
Disclosures in response to lawful requests by public authorities
Intralinks may also disclose personal data (1) in response to lawful requests by public authorities (including to meet national security or law enforcement requirements) and, where applicable, in accordance with our internal policy on access by government or regulatory authorities and (2) in our sole discretion if we believe that such disclosure is appropriate in connection with an official government or regulatory investigation or in response to a perceived significant threat to a person's health or property.
If you do not wish Intralinks to pass your personal data that is processed as a Data Controller to a third party who subsequently uses your data for its own purposes (such as one of our marketing partners), you can contact us via the details set out in Contact us below.
Intralinks' liability for third parties
If a third party providing services on Intralinks' behalf processes personal data from the EEA in a manner inconsistent with the Principles, Intralinks will be liable, unless we can prove that we are not responsible for the event giving rise to the damage.
Data integrity and purpose limitation
When Intralinks is acting as a data processor, Intralinks will process personal data in compliance with the instructions of its customers, who act as data controllers in respect of such data and will be responsible for ensuring that the personal data is appropriate and only processed for limited purposes. In addition, when its provision of services to a customer ceases, Intralinks will, as agreed with the customer, comply with Intralinks' policy for the secure deletion of personal data processed on behalf of that customer.
You have certain rights under the Principles to access personal data about you that Intralinks processes as a data controller. To access such personal information contact us by email at firstname.lastname@example.org. We will respond to your request in accordance with the Principles.
Where Intralinks is acting as a data processor, we will pass each request that we receive from an individual to access, correct, amend or delete personal data relating to them (Request) to the relevant data controller and will not respond to the Request itself. Intralinks, to the extent instructed by a data controller and in accordance with its customer agreements and applicable law, will assist a customer in complying with Requests by providing relevant information and support to the relevant customer to enable it to comply with the Request.
FTC's investigatory and enforcement powers
Intralinks' commitments under the Privacy Shield, and compliance with the Principles, are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
If you have any complaint regarding Intralinks' compliance with the Principles please contact us by email at email@example.com. We will respond to your complaint within 45 calendar days of receipt of your email.
Where your complaint relates to personal data that we process on behalf of our one of our customers, we may pass your complaint to the relevant customer and will tell you we have done so.
Independent dispute resolution body
If you feel that Intralinks has not satisfactorily resolved your complaint or has failed to respond to your complaint within 45 days, you may bring your complaint to the attention of your local data protection authority within the EEA (DPA). The DPAs will establish a panel to act as an independent dispute resolution body who will investigate and resolve complaints brought under the Privacy Shield free of charge to you. Intralinks commits to cooperate with this panel as an independent body to resolve disputes relating to its compliance with the Principles. Intralinks will comply with any advice given by DPAs where they take the view that specific action is necessary to comply with the Principles and will provide the DPAs with written confirmation that such action has been taken.
You can find the details of your local DPA here.
If you are located in the EEA and have not been able to resolve your complaint by any other mechanism, you may, in certain circumstances, be able to seek resolution via binding arbitration. For additional information about the arbitration process, please visit the Privacy Shield website.
You can find the details of your local DPA here: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
If you have a question about our adherence to the Principles or our participation in the Privacy Shield please contact us by email at firstname.lastname@example.org.