Effective Date: June 25, 2015
Okta, Inc. ("Us," "We," "Our," "Okta," or the "Company") is committed to protecting the privacy of your information. This Privacy Statement describes Okta's Web site privacy practices.
Okta complies with the U.S. – E.U. Safe Harbor Framework and the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Okta has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Okta's certification, please visit http://www.export.gov/safeharbor/.
Web Sites Covered
Okta's Web sites may contain links to other Web sites. Okta is not responsible for the information practices or the content of such other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.
Information Collected by Okta
Personal Information You Provided to Us. Okta collects information from Visitors to the Okta website. Okta receives and stores any information entered when expressing an interest in obtaining more information about the Okta SSO & IAM Service or registering to use the Service. When expressing an interest in obtaining information about the Services or registering to use the Services on Okta’s website, Okta may require you to provide personal contact information, such as name, company name, address, phone number, email address, and any other information necessary for us to provide Visitors with access to the various aspects of the Services (collectively, “Personal Information”). The Personal Information you provided is used for such purposes as answering questions, improving the content of the website, customizing the content, and communicating with the Visitors about Okta's Services, including specials and new features.
Personal Information Collected Automatically. As Visitors navigate or interact with Okta's website, Okta may also automatically collect information through the use of commonly-used information-gathering tools, such as cookies, Web beacons, tags, and scripts. These information gathering maybe used by our marketing partners, affiliates, analytics and service providers as described below. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
Most browsers have an option for turning off cookies, which will prevent their browser from accepting new cookies, as well as (depending on the sophistication of the browser software) allowing the Visitor to decide on acceptance of each new cookie in a variety of ways.
For more information on the list of cookies that Okta uses, please click here.
- Web Beacons
Okta uses Web beacons alone or in conjunction with cookies to compile information about Visitors’ usage of the website, interaction with emails from Okta, and to operate and improve the website. Web beacons are invisible electronic images that can recognize certain types of information on a Visitors computer, such as (1) cookies, (2) the time a particular website is viewed to the Web beacon, or (3) a description of a website tied to the Web beacon.
- IP Addresses and Browser Information
When a Visitor interacts with the website, Okta collects their Internet Protocol ("IP") addresses, browser information and operating system to track and aggregate non-personal information. For example, Okta uses IP addresses to monitor the regions from which Visitors navigate the website.
- Other Third Party Tracking
Okta engages third parties, which use web beacons, images, and scripts, to help better manage content on Okta’s website. Okta does not provide Personal Information to the third parties but may tie the information gathered from third party tracking to our Visitors’ personal information for marketing purposes.
- Log Files
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, operating system, and/or date/time stamp.
We do not link this automatically collected data to other information we collect about you.
- Behavioral Targeting/ Re- Targeting
We partner with a third party to either display advertising on our Web site or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here).
Please note this does not opt you out of being served ads. You will continue to receive generic ads.
- Local Storage Objects (LSOs)
Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5. Various browsers may offer their own management tools for removing HTML5 LSOs.
Some of our pages utilize framing techniques to serve content to from our partners while preserving the look and feel of our site. Please be aware that you maybe providing your personal information to these third parties and not to Okta.
Use of Information Collected
Okta may occasionally run contests or other special promotions on the website in which visitors are asked to choose to participate for contact information (like an e-mail address) or demographic information (like a zip code, industry or country). Okta may use the data collected in these contests and promotions to send promotional material about Okta or our partners. Contact information collected from these contests and promotions may be used to administer the contest and notify winners and contact Visitors when necessary.
Except as described in the policy, Okta will not give, sell, rent, or loan any identifiable Personal Information to any third party, without a Visitor’s prior consent. Okta may disclose such information to respond to subpoenas, court orders, or legal process, or to establish or exercise their legal rights or defend against legal claims. Okta may also share such information if they believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law. Okta may also provide non-personal, summary or group statistics about our customers, sales, traffic patterns, and related Services information to reputable third-party vendors, but these statistics will include no Personal Information.
If Okta is involved in a merger, acquisition, or sale of all or a portion of its assets, Visitors will be notified via a prominent notice on Okta’s website of any change in ownership or uses of personal information, as well as any choices a Visitors may have regarding their personal information.
Protection of Information
Okta’s website offers publicly accessible blogs or community forums. Any information provided in these areas may be read, collected, and used by others who access them.
Okta has no direct relationship with the individuals whose Personal Information it processes.
Okta will retain Personal Information they process on behalf of Visitors for as long as needed to provide website services to Visitors. Okta will retain and use this Personal Information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
Access to Personal Information
Users may update their Personal Information by editing their user information in the Service. If you're a Visitor and your Personal Information changes, or if you no longer desire information on our Service, you may have your Personal Information updated or removed from our records by emailing email@example.com or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request within 30 days.
What Choices Do I Have?
- As stated previously, you can always opt not to disclose information, even though it may be needed to take advantage of or register for certain features of the Services.
- You may request deletion of your Okta account by sending an e-mail to firstname.lastname@example.org.
Customer Testimonials / Comments / Reviews
We post customer testimonials/comments/reviews on our web site which may contain personal information. We do obtain the customer's consent via email prior to posting the testimonial to post their name along with their testimonial. If you wish to update or delete your testimonial, you can contact us at email@example.com.
Our Web site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Social Media Widgets
Information Collected on Behalf of our Customers using the Service
Okta collects information under the direction of its customers and has no direct relationship with the individual Users/employees whose personal data it processes. Okta works with its customers to help them provide notice to their employees concerning the purpose for which personal information is collected.
We collect information for our customers. If you are an employee of one of our customers and would no longer like to use Okta's service, please contact your Employer directly. Okta may transfer Personal Information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Customers.
Okta has no direct relationship with the individuals whose Personal Information it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to their Employer. If the Employer/ Okta's Customer requests that Okta remove the data, we will respond to their request within 30 business days.
Written inquiries may be addressed to:
Chief Security Officer,
301 Brannan Street, Suite 300
San Francisco, CA 94107