Privacy Policy

Customer Agreement Customer Agreement
Data processing Addendum Data processing Addendum
Privacy Policy Privacy Policy
Sub-processors Sub-processors
Cookie Policy Cookie Policy
Transfers of Personal Data Transfers of Personal Data

Purpose

This privacy policy (“Policy”) describes how Coveo Solutions, Inc. and its relevant affiliates (“Coveo” or “we” or “us”) collect, use, disclose, transfer, store and otherwise process personal information relating to you (“Personal Information”) in the course of its activities described below.

Coveo as a Service Provider

Coveo provides cloud-based services to its customers pursuant to a written agreement (“Cloud Service”). Our customers and their authorized users upload and store personal information on the Cloud Service (“Customer Personal Information”). Coveo processes Customer Personal Information in its cloud-based solutions on behalf of its customers and only in accordance with their written instructions. Coveo is acting as a “processor” or as a “service provider” with regard to Customer Personal Information. Therefore, this Policy does not apply to Customer Personal Information.

For detailed information related to a Coveo customer using Coveo Cloud Service as a “controller”, you should contact the Coveo customer directly or refer to their privacy policy. In particular, if your Personal Information has been submitted to us on behalf of a Coveo customer and you wish to exercise your rights under applicable privacy laws, please direct your requests to the Coveo customer. If you contact Coveo for these purposes, we are required to inform the relevant Coveo customer of your request (to the extent that we can identify them from the information you have provided).

We recommend that you read this Policy in full to ensure that you are fully informed about the manner in which we collect and use or otherwise process your Personal Information. You can also refer to a specific section of this Policy by clicking on the relevant link below:

Personal Information We Collect
How We Use Your Personal Information
Cookies and Other Technologies
How we disclose your Personal Information
How We Protect Your Personal Information
Retention of Personal Information
Your Privacy Rights International Transfers
Contacting us
Modifications to the Policy
California Residents

Personal Information We Collect

Personal Information we collect directly from you

Information you provide

You might need to provide Personal Information in order to access or use our resources or services. This may include situations where: you request assistance of our support services; you act as an authorized user for our Cloud Service and related services (professional services, support, training, customer success); you express an interest in obtaining information regarding our Cloud Service or related services; you are using the “Contact Us” section on our websites; you download content from the Coveo resources center; you contact Coveo for a demo of the Cloud Service, an event or a webinar; you use Coveo’s chat; you answer a survey or a questionnaire or you voluntarily provide feedback; you visit our offices or where you participate in our events, contests or sweepstakes. In such situations, you might provide Personal Information such as: your first and last name; your telephone number; your business email address; your job function/title; your country; your organization name; your work location; and whether or not you are acting on behalf of a current customer.

You may also be required to provide us with Personal Information such as the payment and billing information of your company, when subscribing to our Cloud Services or related services or when participating in an event.

Information we automatically collect

When you visit our websites, we will automatically collect information on your browsing behavior, through the use of cookies and other tracking technologies as described in the Coveo Cookie Policy. This may include the amount of time spent on a page, whether you are a unique or repeat visitor, and the pages or features you engage with. We also collect information about you when you visit our websites, which includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit pages, operating system, and date/time stamp.

We may also collect and process information relating to the configuration, the use and the consumption of our Cloud Service by our customer’s authorized users. This might include information obtained from APIs (Application Programming Interface); information about authorized users such as email addresses, user names, IP addresses (or proxy server information), user identifier, time stamp associated with your usage, browser information, operating system type and version, internet service provider, device identifier, device model, user agent, business function, logs, page and files viewed and, more generally, the interaction of the authorized users with the Cloud Service.

We may eventually collect information regarding your use of some of our training resources on Coveo Level Up. This may include browsing information, as well as information regarding your use of our training resources (e.g. training completed, time spent on each training item, quiz answers, etc.).

Personal Information we collect from other sources

Coveo may also collect Personal Information from other sources, such as from third-party providers from whom we have purchased contact lists or with whom we participate at an event. We may also collect Personal Information from our partners. This may include your first and last name, your company, your job position, your professional email address or your professional phone number.

You may choose to connect with third-party applications when you use our Cloud Service, such as YouTube. In those circumstances, we will process your Personal Information (the email address you use to access our Cloud Service) to enable your use of the third-party application through the Cloud Service and in accordance with this Policy. Your use of third-party applications shall also be subject to the third-party’s privacy policy, such as the Google Privacy Policy (http://www.google.com/policies/privacy).

How We Use Your Personal Information

We may use your Personal Information for the following purposes:

to handle contact and assistance requests. If you have contacted us for information regarding our Cloud Service and related services, for assistance, for partnerships or for any other information, we will process your Personal Information based on our legitimate interests to the extent necessary to fulfill your request ;
to operate and maintain our websites and services. For instance, we may use your browsing information for this purpose. This processing is based on our legitimate interests if you have not entered into a contract with us;
to provide you with personalized recommendations when you are visiting our websites. By using Personal Information for this purpose, you may expect to be presented with more engaging and relevant content than without the use of personalization. We use legitimate interest as a legal basis for this processing;
to improve our websites. We process your information, including device and usage information, to track your browsing behavior for analytics purposes. This eventually allows us, based on our legitimate interests or on your consent, to improve our websites as well as the overall user experience;
to provide the Cloud Service and related services. We process your Personal Information: at your request, to send you customer service-related communications, including online services; to provide you with technical product support, professional services, customer success support to fulfill our contract with your employer, based on our legitimate interests; for operational and security purposes. We may process your Personal information to detect and prevent fraud or bugs on our website and Cloud Service to the extent necessary for our legitimate purposes;
to provide and improve training on our Coveo Level Up platform ;
to send you communications. We may inform you about Coveo’s latest product announcements, software updates, security and technical notices, and upcoming events or provide tailored advertising about us to the extent that you have provided us with your consent while interacting with our websites or related services, based on our legitimate interests or otherwise as permitted by applicable privacy laws;
to assess new customer opportunities. We process your Personal Information, in particular, contact information collected via different means to identify new customer opportunities, based on our legitimate interests, on your consent or as otherwise permitted by applicable laws;
to assess new partner opportunities. We collect and process your Personal Information, specifically contact information and Coveo content you have interacted with, based on our legitimate interests or as otherwise permitted by applicable laws;
to gather insight on the effectiveness of our marketing campaigns and advertisements and improve/optimize our conversion rates;
to manage events participation. If you have registered to participate in an event, a contest, a webinar or other marketing event, we will process your Personal Information (mainly business contact information) based on our legitimate interest to manage your participation in the event.
to request your feedback. We might process your Personal Information to collect your feedback on your use of the Cloud Service or related services, based on our legitimate interests or on your consent;
to manage payments. We may process your Personal Information to collect and perform payments based on our legitimate interests to perform a contract with your company; and
to comply with legal obligations. We process your Personal Information to cooperate with government authorities or competent courts, to respond to lawful requests, to communicate with you where required by privacy laws or for auditing purposes.

Cookies and Other Technologies

Coveo’s websites may use “cookies” and other technologies. For more information about those technologies, please visit our Cookie Policy.

How we disclose your Personal Information

We only disclose and share your Personal Information as follows:

With affiliates. Coveo may share Personal Information about you with its affiliates. For example, Coveo shares your business contact information as well as the communications you have with Coveo for customer relationship management purposes. In such case your Personal Information will be processed in accordance with this Policy.

With service providers. Coveo discloses your Personal Information with service providers with whom it has contracted in order to provide services on behalf of Coveo. These providers will access and process your Personal Information only as instructed by Coveo. This may include customer relationship management, marketing purposes, billing purposes, data analysis, information security, technical support or customer services.

With business partners. From time to time, Coveo may partner with other companies to support its business. This may include resellers, referral partners or social networks. In such instances, your Personal Information will be processed separately by those partners and will be subject to the respective partner’s or sponsor’s privacy policy. For instance, if you purchase or specifically express interest in a jointly-offered product, promotion or service from Coveo, Coveo may share Personal Information about you collected in connection with your purchase or expression of interest with our joint partner(s). Coveo does not control its business partners’ use of your Personal Information, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may choose not to purchase or specifically express interest in a jointly offered product or services.

Where required by laws. Coveo may share your Personal Information where it believes in good faith that it is necessary to respond to lawful requests, to protect its rights and property, to protect the interests of its customers or to enforce the terms of its terms of use.

Where necessary for business transaction purposes. If Coveo goes through a merger, an acquisition, a sale of all or a portion of its assets, your Personal Information may be included in the assets involved in the transfer.

How We Protect Your Personal Information

Coveo takes reasonable technical and organisational measures to safeguard your Personal Information against loss, theft and misuse, as well as against unauthorized access, disclosure, alteration and destruction. Coveo ensures that its personnel processing Personal Information is bound by appropriate obligations of privacy and confidentiality.

Retention of Personal Information

Coveo will retain your Personal Information for the period necessary to fulfil the purpose for which it was intended, as outlined in this Policy unless a longer period is required by law.

Your Privacy Rights

You may have certain rights relating to your Personal Information, subject to domestic data privacy laws. This may include:

the right to access and receive a copy of your Personal Information, or specific pieces of Personal Information, in a readable format;
the right to know the categories of sources from which your Personal Information was collected;
the right to know the categories of third-parties with whom your Personal Information was shared;
the right to rectify inaccurate or outdated Personal Information we hold about you and to ensure that it is complete;
the right to erase your Personal Information, under specific circumstances;
the right to restrict the processing of your Personal Information;
the right to ask us to transfer your Personal Information to another controller, when technically feasible, in a format commonly used;
the right to object to the processing of your Personal Information, when the processing of your Personal Information is based on our legitimate interests or when used for direct marketing purposes. In particular, if you do not want to be on our mailing list, you can opt out anytime here.
the right not to be subject to a decision based solely an automated decision-making, including profiling, which produces legal effects or otherwise significantly affects you (“Automated Decision Making”) ; and
the right to lodge a complaint before a regulator or a supervisory authority about our processing of your Personal Information.

Coveo does not currently perform Automated Decision Making on our websites nor on related services.

In order to exercise your rights with regard to your Personal Information in our possession, please contact coveoprivacy@coveo.com. Coveo will treat your request in accordance with applicable domestic laws.

Coveo will not discriminate against you for exercising your rights described above or offer you financial incentives related to the use of your Personal Information.

International Transfers

Coveo has facilities and employees in different countries around the world. This includes Canada, the European Union, the United Kingdom and the United States. We may also partner with third parties located outside of your state or province in order to conduct our business. Therefore, your Personal Information may be transferred and/or accessed outside your country or province of residence. When we send your Personal Information across borders, we will process it only for the purposes outlined in this Policy and we will take steps to ensure that your Personal Information is adequately protected abroad.

Transfers outside of the European Economic Area or the United Kingdom

Coveo relies on appropriate transfer mechanisms when transferring your Personal Information from the European Economic Area or the United Kingdom to a third country. Please visit this page for more information.

Coveo continues to abide by the Privacy Shield framework even though it does not rely on it as a transfer mechanism pursuant to the General Data Protection Regulation (“GDPR”). Please visit this page for more information.

Contacting us

If you have any questions about this Policy or Coveo’s privacy practices, please contact our Data Protection Officer (“DPO”) by clicking here or by mailing Coveo Privacy at:

Spaces Levi's Plaza, 1160 Battery Street East, Suites 100, San Francisco, CA, 94111, United States, if you reside in the United States of America, Mexico or a country in Central or South America or the Caribbean;
3175 Chemin des Quatre-Bourgeois, Suite 200, Quebec City, QC, G1W 2K7, Canada, if you reside in Canada, a Country in Asia or the Pacific region;
Beech Avenue, 54-80 1119 PW, Schiphol-Rijk, the Netherlands, if you reside in a country in Europe, the Middle East or Africa.

Modifications to the Policy

Coveo may update this Policy from time to time in order to reflect changing practices or requirements of applicable privacy laws. The legend at the top indicates when this Policy was last revised. We encourage you to regularly review this Policy to stay informed of Coveo’s processing of your Personal Information.

California Residents

The California Consumer Privacy Act (“CCPA”) requires additional disclosure for California residents. This section solely applies to California consumers. Coveo does not sell Personal Information as set out under the CCPA. We may share Personal Information with service providers or business partners with whom we have signed an agreement regarding the use of your Personal Information. Please refer to the section "How we disclose your Personal Information" for more information on the third-parties with whom we share your Personal Information.

In the last 12 months, Coveo has collected and disclosed for a business purpose, as outlined in this Policy, the following Personal Information:

identifiers (e.g. name, alias, postal address, unique personal identifier, email address, IP address, online identifier, account name);
professional or employment-related Information (e.g. name of your employer, position, office location, presentations, testimonials in connection with our business activities);
commercial information (e.g. transaction information, financial details and payment information);
approximate location information (e.g. IP address, city, country);
internet or other electronic network activity information (browsing history, search history, information regarding your interaction with our websites or Cloud Service);
education information;
audio, electronic, visual and similar information, such as images and audio, video or call recordings created in connection with our business activities;
inferences drawn from any of the above categories of information to create a profile about a consumer’s preferences, characteristics or behaviors in relation to our websites or Cloud Service.

The sources from which we collect Personal Information are outlined above and the purposes for which we process your Personal Information is described in the section "How We Use Your Personal Information"

For information regarding the exercise of your rights, you can refer to the "Your Privacy Rights" section of this Policy. You may use an authorized agent to submit a consumer request on your behalf in which case Coveo will require a copy of your written authorization to submit the request on your behalf.

As a California resident, you also have a right to opt-out of the sharing of your Personal Information. You may opt-out of the sharing of Personal Information by:

selecting the option to opt-out of the use of cookies in the cookie settings banner;
turning on a Global Privacy Control in your web browser or browser extension. For more information on valid Global Privacy Controls, please refer to this website: https://oag.ca.gov/privacy/ccpa.
clicking on the “unsubscribe” link at the bottom of a Coveo commercial message;
opt-out of the use of your email address here.