The Planview Privacy Statement

Last modified: July 19, 2024
Planview Trust Toggle Expansion Expand Collapse All

What this Privacy Statement covers

Planview, Inc. and our subsidiaries (separately or together, “Planview”) value privacy and understand our responsibilities when processing* personal information / personal data (“PII” in the following). This Privacy Statement explains our use of PII and how you can exercise your individual rights related to our processing operations.

*Processing means any type of operation or set of operations which is performed on PII, such as but not exclusively collection, storage and use.

Planview operates in the business-to-business industry and does not focus on consumer individual users or the collection of consumer data. As a SaaS cloud service provider we are offering a variety of different software solution services, and additional professional services, for company’s and professionals.

This Privacy Statement covers product-specific information about how we process PII when providing our services, the information we collect on our websites, or by any other interaction with individuals, how we secure PII, with whom we share it, and how individuals can contact us to exercise their rights.

Any reference to a Planview website includes all Planview websites as well as those of our subsidiaries. Planview maintains the same privacy practices with respect to PII that is collected off-line. This Privacy Statement does not apply to the practices of third parties that Planview does not own or control, nor to consumer individuals.

We encourage you to periodically review this Privacy Statement to stay informed about how we process PII, as it may be updated with regards to the legal development of privacy, or any other changes of the measures and practices we adopt.

For any additional questions or information regarding our privacy practices in this statement, please let us know by sending an email to Planview privacy – [email protected].

Our commitment to our customers

Compliance with security and privacy is a part of our business DNA. That’s why we adhere to stringent standards as ISO/IEC 27001 and 27701, and undergo independent validation of compliance. We also perform annual SOC 2 Type I and/or II reports and penetration tests of our services. Planview is also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Planview’s business is located in various geographical locations and we are therefore subject to a broad range of privacy regulations and standards depending on where processing activities take place, such as the AB-375 California Consumer Privacy Act (CCPA) and other US privacy regulations within specific business industries, the General Data Protection Regulation 2016/679 (GDPR) for EU, amongst others. Adherence to global standards along with regularly performed security evaluations, internal privacy policies, specific instructions and regular training of employees, serves as safeguards to ensure technical and organizational measures are in place to protect PII in our possession.

Our role in different relations

Our role varies depending upon the type of processing activities we perform.

  • For service delivery – Planview is a data processor for its software services. Customers purchasing or subscribing to our Services are data controllers.
  • For marketing purposes – Planview is a data controller for our marketing activities. We may either have a legitimate interest of processing PII or ask for your consent for these operations.
  • For Planview’s own administration and facilitation of Services – Planview is a data controller for Contract Billing and Payments Data (for Planview’s internal CRM system), disclosed Information (from third parties, e.g. Credit Reference Agencies or from Public Directories, for internal CRM system), user behavioral data (for measuring the use of the service and support), and user performance data (for measuring the use of service to tailor better features and support).
  • Planview communities and communication forums – Planview is a data controller when providing access and participation on our communities and communication forums (for example, message boards and blogs). In these cases, we process PII as necessary to provide the access to our platforms in line with the applicable Terms of Use and Community Guidelines. PII may also be used for marketing purposes on the basis of a legitimate interest of ours.
  • For Planview’s engagement with third-party vendors – Planview is a data controller when processing PII of any employees, contractors or other agents or representatives of its third-party vendors (together “vendor employees”) necessary for the entering into and performance of our agreements with such vendors.

Purposes of data collection; Why, when and how we collect data

From the first moment you interact with Planview, we may be collecting data. Sometimes you provide us with data. Sometimes data about you is collected automatically. Data is occasionally also collected from third parties which Planview collaborates with and uploaded to Planview systems. Such data comprise general information of companies and business representatives, often named individuals identified as appropriate contact of the business.

Data is collected by Planview when

  • You browse any page on one of our websites,
  • You complete a form on one of our websites,
  • You use one of our services,
  • You view and sign contracts via digital signature tools,
  • You contact us for support matters,
  • You integrate third-party applications with our services,
  • You interact with partners and other third-parties that provide us data,
  • You interact with us for the provision of services as a vendor employee, and/or
  • We engage with third parties to receive information about business representatives

For service delivery; Planview products

Users of our Planview Services sign up for access to the subscribed product that Planview is providing. A few fields of user information are mandatory and must be stated for the service to work at all. Full name, email and country of residence is required. Name is needed for the ability to identify users, email is needed for authentication, and country is needed for financial reasons (VAT) and trade compliance.

Users may add any other information and PII relating to themselves (or others) as they find relevant. Planview will not have any implication with whatever information a user provides to the service and system.

PII is stored during the time user is utilizing the service. A user is always able to adjust or delete its PII. Users are permanently deleted from an account by the account administrator, which the customer is solely responsible for.

Planview will have access to information about user data and also IP-addresses. Such information is necessary for the administration of the services in case there’s a need for support or troubleshooting. Our portal for Data Subjects Access Requests (DSAR portal) ensures users can exercise their rights as a registered.

Planview may also collect information of your work in our services, or when you visit our website, through the use of automatic data collection tools such as cookies (described below) and other commonly used information-gathering tools.

For marketing purposes

In order to serve you with relevant information regarding our services, and to respond to any requests you may have, we collect information about you when signing up for a user account, a webinar or seminar, or when downloading content such as eBooks or whitepapers from our website. We may also receive information about you if shared by our partners, or collect it from public sources such as LinkedIn. This information may comprise all or some of these PII’s; your name, contact information (phone and fax numbers, street address, and email address), company name, work title and payment data.

If you are a user of our services and we are processing your PII as a data processor, we will not use your data for marketing and advertising purposes without your prior consent unless you are a designated contact point or representative of a customer and we are legally authorized to do so. Your consent is not a condition for the provision of our services to our customers, and you may at all times withdraw your consent or opt-out/unsubscribe to the processing of your PII for marketing purposes, as applicable.

We retain this information as you wish to receive information from us. We ensure the information we have is accurate and updated by regular control mechanisms. You may – at any time – require us to delete, rectify, restrict or object to any PII we hold about you. We use a data portal for Data Subjects Access Requests (DSAR portal) where you can exercise your rights as a registered.

FOR PLANVIEW COMMUNITIES AND COMMUNICATION FORUMS

Users of our communities and communication forums sign up for accessing to the different platforms that Planview provides. Some user information is mandatory and must be stated for access permissions. We collect basic PII such as name (to identify you as a user) and email (for authentication purposes). PII is stored during the time you are utilizing the platform. You may – at any time – require us to delete, rectify, restrict or object to any PII we hold about you. We use a data portal for Data Subjects Access Requests (DSAR portal) where you can exercise your rights as a registered.

FOR VENDOR ENGAGEMENT

When entering into an agreement with our third-party vendors, to ensure that the contractual obligations are binding on both parties, we need to collect the vendor representatives’ signature, alongside their name, company name and work title. Moreover, if you are a vendor employee, we may collect relevant information about and directly from you when you are providing services to Planview, such as your name, contact information, employment details (e.g. company name, work title, demographic and location data), and any email content and transmission data which are exchanged for the provision of the services.

Learn more about what information we collect and process

Show • Learn more about what information we collect and process

How and why we use your data

A growing body of data protection regulations specify how we can process your data. The regulations may vary between country, state or region. Considering such variations, we may need a specific reason, and a legal basis (among other requirements), for processing your data.

  • To enable you to use our product

    Planview is a data processor for the Planview software services. Our customers are the data controllers for the processing activities in scope. Customers shall give explicit instructions of how we may process their data in a Data Processing Agreement (DPA).
  • To improve our services and websites

    We conduct continuous testing and interact with feedback platforms, we are managing landing pages, perform heat mapping, traffic optimization, and data analysis and research. We have a legitimate interest of developing, ameliorating and improving our services for the benefit of our customers and users.
  • For customer support

    We are contractually committed to communicate with users and assist with support if required. We do this based on our legitimate interest to fulfill our contractual obligations towards our customers.
  • For direct marketing purposes

    To be able to provide you with information about our products, new features, and enhanced services. We have a legitimate interest to process your data to develop, ameliorate and improve our services. In some cases, we may request your consent for marketing purposes.
  • To receive services from our vendors

    To allow you to provide us services on behalf of your employer or contracting entity (our vendor), thereby executing our agreement with them. We have a legitimate interest in executing our agreements with our vendors, including our right to receive the purchased services.

For service delivery

For our services, we need information about you to be able to identify you, communicate with you and respond to requests. We also provide you with information of new features, functionalities and services. We are collecting metadata related to you for improving your user experience of our services, and for us to be able to provide you with a better, more user-friendly product. We believe you benefit in your work with our services thereby.

For marketing purposes

For marketing, we use the information we collect about you to communicate with you about our products and services. We are collecting metadata related to you for improving your user experience of our services, and for us to be able to provide you with a better, more user-friendly product.

FOR PLANVIEW COMMUNITIES AND COMMUNICATION FORUMS

For our communities and communication forums, we need the information we collect to be able to identify you and authenticate you when accessing these platforms. Other uses may include providing you with service and support, communicating with you and responding to your requests, and sending you information in relation to new products and services. We are collecting metadata related to you for improving your user experience of our platforms, and for us to be able to provide you with a better, more user-friendly platform. We believe you benefit in your work with our services thereby.

Data sharing

Planview shares information for business purposes only on a need-to-know basis and only with its own employees and affiliates; the customer from which Planview received the information; Planview agents, consultants, sub-processors, and third-party service-provider companies, that have agreed to take measures to safeguard your information and other entities authorized to have access to such information under applicable law or regulation.

If data transfer is required, Planview ensures that such transfer complies with the applicable privacy and data protection regulation, including adopting the necessary technical and organizational measures to guarantee an adequate level of protection to the transferred information. Except as described in this Privacy Statement, Planview will not share the personal information you provide to Planview with non-Planview third parties without your permission except as required by law.

Links to non-Planview websites

The website may provide links to unaffiliated, third-party websites for your convenience and information. If you access these links, you will leave the Planview website. Planview has no control over these websites and is not responsible or liable for the policies and practices followed by third parties. The PII you choose to provide, or that is collected by these third parties, is not covered by this Privacy Statement. If you link to or otherwise visit any other websites managed by third parties, we encourage you to review the privacy policies posted at those sites before submitting your personal information.

You can find more information below on the categories of PII we process from you and the categories of recipients with whom we may share that information, as well as the purposes for which we process it. Please know that the information we process from you at any given time may comprise all or some of these categories of PII, depending on several factors such as the data you provide to us, the data you make publicly available, your own actions (e.g. deleting your PII on our products and services, or deleting cookies or other similar tracking technologies from your browser) or your account administrator’s actions (e.g. deleting a user).

Category of Personal Data Categories of Recipients Purpose of use of Personal Data
Identifiers (such as your name, mailing address, email address, telephone number, professional job title etc.) Planview subsidiaries and affiliates; business partners who we partner with to jointly market or sell our products; event sponsors; service providers (including cloud service providers, security providers and data storage providers, together “Platform Service Providers”); marketing services providers; event services providers; data analytics providers; other users of our website if you post content to interactive areas of the website, such as other customers and prospects.

To operate, maintain and improve our Website

To register you for Events you sign up for with us and populate profiles for you in our records

To provide you with information about products or services that you request from us

To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including without limitation, our Website Terms of Use

To notify you about changes to our Website or obtain any required consent

To allow you to participate in interactive features of our website, when you choose to do so

To conduct industry analysis, benchmarking, analytics, marketing and other business purposes

To track your browsing behaviour, such as the pages you visited over time, for analytics and advertising purposes

To communicate with you for marketing purposes, in accordance with your marketing preferences

To promote our products, services or Events on our social media accounts

To allow you to participate in interactive features of our Website, when you choose to do so

To allow you to provide us services, if you are a vendor employee

Commercial information (such as events attended, title, products or services purchased and website preferences) Planview subsidiaries and affiliates; business partners; event sponsors; Platform Service Providers; marketing service providers; event service providers; advertising service providers; data analytics providers
Device, internet, and electronic network activity information (such as IP address, usage patterns, traffic data, location data, logs and other communication data and the resources that you access, as well as information about your device and internet connection, including your operating system and browser type) Planview subsidiaries and affiliates; Platform Service Providers; marketing service providers; advertising service providers; data analytics providers
Geolocation data (such as your country and city of residence) Planview subsidiaries and affiliates; Platform Service Providers; marketing services providers; data analytics providers
Audio, electronic, visual and similar information (such as photographs or recordings of selected events or conferences) Planview subsidiaries and affiliates; business partners; event sponsors; marketing service providers; creative service vendors; publicly on social media networks; Platform Service Providers
Professional or employment related information (such as job title and employment history) Planview subsidiaries and affiliates; business partners; event sponsors; Platform Service Providers; marketing services providers; advertising service providers; event service providers; data analytics providers
User Content (such as content or material you post on our Website, blogs, forums, threads or other interactive features of our websites) Planview subsidiaries and affiliates; Platform Service Providers; social media networks; other users of our website if you post content to interactive areas of the website

Learn more about for what purpose do we need your personal data and how do we use information about you

Show • Learn more about for what purpose do we need your personal data and how do we use information about you

How we use cookies and web analytics tools

Cookies are small text files that store information about your interactions with a particular website, either temporarily (known as a “temporary” or “session” cookie and deleted once you close your browser window) or more permanently on the hard drive of your computer (known as a “permanent” or “persistent cookie”). Cookies can make it easier to use a website by allowing servers to access certain information quickly:

  • Session cookies can be used to help a user’s browser navigate a website more smoothly and may show up if the user comes from a website with which the subsequent website has some relationship (e.g., a website of an affiliated company) and can give helpful information.
  • Persistent cookies can be used to customize a website for a user, such as by storing passwords, preferences, and registration and account information so that users do not have to re-enter this information each time they visit a website.

Planview uses Cookies both on its websites and in its software services.

Use of analytics tools and cookies on our websites

Planview uses web analytics services and similar technologies to analyze how users use the Planview websites. We also use your interactions on the website and the information you provide us with through registration forms to provide you services that better suit your preferences. This information is also used to assess our business performance, and our marketing effectiveness.

Our website may use both session cookies and persistent cookies to store information that allows us to improve our customer service to you and provide you with the ability to navigate the website more easily. To make our website easier to use, we combine information collected via cookies with personally identifiable information.

For detailed information regarding the cookies that we issue and to manage your cookie preferences, please visit our Privacy Preference Center.

Use of analytics tools and cookies on Planview software services

Planview’s software services only use strictly necessary cookies. Accordingly, these limited number of Cookies cannot be switched off. For more information on the use of Cookies on each of our software services, including the list of Cookies used and its purposes of use, please consult the Cookie Banners, or the Privacy Settings available on our software services.

Use of social media widgets

We use social media widgets as dynamic information sharing tools on our website to engage in dialogue, share information and media, and collaborate with our visitors. Your activity on these social media sites is governed by the security and privacy policies of those third-party sites.

Learn more about the cookies and analytics tools we use

Show • Learn more about the cookies and analytics tools we use

How we secure your data

Planview utilizes a risk-based information security management system incorporating a defense-in-depth strategy with preventative and detective controls at each of the layers where customer data is stored, processed or transmitted.

This includes:

  • Penetration tests and vulnerability scans
  • Tight control of access to environments where customer data is processed or stored
  • Encryption of data in transit using the Transport Layer Security (TLS) protocol
  • Encryption of data at rest using the Advanced Encryption Standard (AES) algorithm
  • A security management system built around the ISO 27001 standard
  • A Privacy Management Program built around the ISO 27701 standard
  • A dedicated team of information security professionals with decades of experience securing customer data
  • Individuals with access to PII are advised of, and understand, their responsibility to follow good data protection practices
  • Providing regular training on best practices for data protection
  • Regularly reviewing processes/procedures that involve access to PII
  • Privacy by Design is adopted for all new and/or modified systems and process
  • Agreements and mechanisms for transfers of PII to non-EU countries are in place
  • Market-leading endpoint security solutions that provide heuristic-based analysis of files and activity to prevent attacks, even when attackers use files that don’t match known signatures

We use a variety of appropriate physical, technical and administrative measures to safeguard and protect the information we receive and collect, including encryption techniques.

PII collected for the use of our services are stored within EU for EMEA customers, in the US for North and South American customers, and in Australia for Pacific customers.

We have specific internal authorized restrictions for our employee’s access to customer data and instructions in place for our different business areas.

We process information only in ways compatible with the purpose for which it was collected. As a user, password shall be used to help protect your accounts and PII. It is your responsibility to keep your password confidential.

We perform privacy and security assessments of all our vendors and suppliers that processes personal data on behalf of us.

Questions about our security measures can be raised with Planview’s security team [email protected].

Third parties who process your data

A software as a service solution is built upon an infrastructure of several components. The third-party vendors we use are infrastructure facilitators that provide for communication, security control and monitoring of use in order for the services to function and protect the information therein. If our customers had the ability to consent to the transfers of the very few third-party suppliers used, we wouldn’t be able to provide the services at its current state.

When we do this, it is sometimes necessary to share data. Your data is shared only when strictly necessary and according to acknowledged legally required safeguards and good practices detailed in this Privacy Statement.

Additionally, we may also share your PII with other third-party entities, when such data communications are necessary or adequate (i) under applicable law, (ii) to comply with court orders or reply to requests of public authorities, notably data protection supervisory authorities, (iii) to comply with our customers’ instructions for the processing of your PII, when we are acting as data processors, or (iv) based on your consent.

For service delivery

All Planview customers shall enter into a Data Processing Agreement with us to ensure an adequate level of protection for PII during the delivery of Planview services, and to make sure international transfers within Planview systems on behalf of customers and under their instructions, are compliant. Information of how we process PII, including use of specific third parties and transfers is stated therein. Planview is also required to cooperate with EU Data Protection Agencies with regards to privacy matters of any kind.

Any transfer of PII to a third party (regardless of physical location) or between our systems located in different countries, must first be reviewed to ensure compliance with the requirements imposed by the privacy regulations we are subject to. In particular, these transfers are often linked with robust contractual agreements between the parties to ensure its lawfulness, and that the necessary technical and organizational measures are in place to protect the transferred information.

PII collected on Planview sites and through our services may be processed in the US or any other country in which Planview or its subsidiaries or service providers maintain facilities. These activities are also subjected to the necessary measures to protect the transferred information. For detailed information of our sub processors, location and where such processing activities takes place, please contact Planview privacy –Planview privacy – [email protected]

For marketing and sales purpose

In accordance with Planview’s general data transfer procedures and applicable safeguards, we only share information in the context of marketing and sales for business purposes, on a need-to-know basis and exclusively with:

  • Our own employees and affiliates.
  • The customer from which Planview received the information.
  • Planview agents, consultants, subcontractors, and third-party service-provider companies, that have agreed to take measures to safeguard your information.
  • Other entities authorized to have access to such information under applicable law or regulation.

PII collected on Planview sites and through our services may be stored and processed in the US or any other country in which Planview or its subsidiaries or service providers maintain facilities. These activities are also subjected to robust contractual agreements, and the necessary technical and organizational measures to protect the transferred information. For detailed information of our sub processors, location and where such processing activities takes place, please contact Planview privacy –Planview privacy – [email protected]

FOR PLANVIEW COMMUNITIES AND COMMUNICATION FORUMS

To provide our communities and communication forums, Planview may partner up with selected third parties who facilitate the service and ensure the correct functioning of these platforms. Sometimes, the PII collected through our platforms may be processed in the US or any other country in which Planview or its subsidiaries or service providers maintain facilities. In these cases, Planview is responsible for robust contractual agreements are put in place with these third parties to ensure compliant protection of your PII. For detailed information of our partners, location and where such processing activities takes place, please contact Planview privacy –Planview privacy – [email protected]

FOR VENDOR ENGAGEMENT

To ensure the effectiveness of our vendors’ services provision across our sites, platforms and products, we may need to share your information on a need-to-know basis and exclusively with:

  • Our own employees and affiliates.
  • The vendor from which Planview received the information.
  • Planview agents, consultants, subcontractors, and other third-party service-provider companies, that have agreed to take measures to safeguard your information.
  • Other entities authorized to have access to such information under applicable law or regulation.

Sometimes, the PII we collect from you when you are providing services to us may be stored and processed in the US or any other country in which Planview or its subsidiaries or service providers maintain facilities. In these cases, Planview is responsible for maintaining robust contractual agreements in place to ensure compliant protection of your PII, and for implementing the necessary technical and organizational measures to protect the transferred information. For detailed information of our sub processors, location and where such processing activities takes place, please contact Planview privacy –Planview privacy – [email protected]

Learn more about the third parties who process your data

Show • Learn more about the third parties who process your data

How we transfer your data internationally

Planview may share data with third parties to support our operations for Service Delivery, Marketing and Sales purposes, and in the context of our Communities and Communication Forums or of the provision of services from our vendors. Depending on the infrastructure, operation and geographic location of these third parties, our partnerships may lead to international transfers of your data.

International data transfers may also take place when you interact with our Customer Support team. To ensure continuous availability and responsiveness this team is structured to provide assistance within different time zones and, in doing so, we may connect you with representatives located across various regions of the globe. This set-up is used to ensure a more timely and accessible resolution to your request.

Planview performs impact assessment of data transfers and adopts the necessary measures to mitigate risks to ensure transfers are conducted safely and lawfully. All international transfers of data are covered by robust contractual agreements and protected by appropriate technical and organizational measures. Subject to specific regulatory requirements for a certain region where Planview operates, we may also rely on additional safeguards to sufficiently protect your data.

Standard Contractual Clauses

For our Service deliveries, Planview uses EU-based data centers for hosting EMEA customer data and, in some cases, UK-based data centers to host UK customer data. In the event our customers share data with Planview resulting in an international data transfer to a country which does not ensure an adequate level of protection under the GDPR, Planview shall enter into the European Commission approved Standard Contractual Clauses to protect personal data. Moreover, when applicable, Planview shall also adapt Standard Contractual Clauses to protect personal data subject to Swiss law or enter into the UK Data Transfer Addendum.

Planview has a comprehensive and robust data protection security program in place that supplements the Standard Contractual Clauses, including the use of strong encryption methods. All systems, as well as all operational activities by Planview employees, are monitored to ensure confidentiality, availability, and resilience of the services, including restoration in the event of a breach. Regular testing, assessments and reviews of the security measures are performed to evaluate its effectiveness. Planview partners with the most acknowledged companies of data center providers, cloud service providers, analytic platforms and incident detection and response providers to facilitate and monitor the services. Planview is certified for ISO 27001 and 27701 and conducts SOC 2 third-party audits on an annual basis.

Planview believes the SCC’s in combination with additional safeguards in place ensure customer data remains protected in alignment with the GDPR requirements. However, Planview follows the development and guidance’s from the EU Supervisory authorities and the EDPS closely for additional supplementary arrangements as updated.

Data Privacy Framework

Planview, Inc and its U.S. subsidiaries PV Delaware LLC and Clarizen Inc. comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), including the Supplemental Principles, as set forth by the U.S. Department of Commerce (collectively, the “Data Privacy Framework”).

Furthermore, Planview, Inc and its U.S. subsidiaries have certified to the U.S. Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (EU-US. DPF Principles) regarding the processing of personal data received from the European Union relying on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) relying on the UK extension to the EU-U.S. DPF. Planview, Inc and its U.S. subsidiaries have also certified to the U.S. Department of Commerce that they adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) regarding the processing of personal data received from Switzerland relying on the Swiss-U.S. DPF.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Planview commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

Planview is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). If there is any conflict between the terms in this statement and the EU-U.S. DPF Principles, and/or the Swiss-U.S. DPF Principles, the Principles shall govern. For more information about the DPF Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Subject to the DPF Principles, you have the right to access your data as well as to limit the use and disclosure of your data. Planview ensures you can exercise your rights as described in this Privacy Statement and you can submit a request to us at any moment via our Data Subject Access Request portal.

If we receive data in the context of the DPF and subsequently transfer this data to a third-party acting as an agent on our behalf, we shall remain liable under the DPF Principles if that agent processes the data in a manner inconsistent with the Principles, unless we can prove that we are not responsible for the event giving rise to the damage.

Inquiries and complaints: Subject to the DPF, Planview is committed to resolving any complaints about our processing of personal data under the DPF Principles. Any inquires or complaints concerning our compliance with the DPF will be handled via our Data Subject Access Request portal.

Additionally, individuals may exercise their rights of choosing whether their personal information is (i) used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals, or (ii) disclosed to a third party (other than a third-party acting as an agent to perform tasks on our behalf and under our instructions and with whom we’ve entered into a contract) by submitting a request through the same Data Subject Access Request portal.

Alternatively, regular mail may also be directed to our European Union‑based subsidiary, Planview International AB, by addressing it to:

Planview International AB.
Klarabergsgatan 60
111 21 Stockholm
Sweden

Planview has appointed a Data Privacy Officer who can be contacted at [email protected].

Planview will respond to any inquiries and complaints within forty-five (45) days.

Under certain circumstances as described by the DPF you may invoke binding arbitration. For more information on these conditions, please review the guidance provided by the Data Privacy Framework Program at: https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2

Planview may be required to disclose your data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In the context of our Service Delivery, we will notify Customers of any such request unless otherwise prohibited by law or a legally binding order of such body or agency. In case we are prohibited by law from providing such notification, we shall use commercially reasonable efforts to obtain a waiver of the prohibition to enable such communication. In the event we do not consider the disclosure request to be legally binding, we shall not disclose any Customer data unless otherwise instructed by the Customer.

Planview reserves the right to update this section of the Statement from time to time in line with the DPF.

Learn more about how we transfer your data internationally

Show • Learn more about how we transfer your data internationally

How long we store your data

As data processors we keep customer information and PII as long as the service agreement with the customer is valid and in force. We keep backup logs stored for a limited time after termination for the sake of our customers convenience.

If a user of an account is deleted, all PII of the user is also deleted. Such measure can be managed by either the user himself or the customer account administrator. No assistance for such measures is required from the Planview Customer Support.

As data controllers we store PII of our users for marketing purposes as well as to keep you updated on our features and products. We also store your PII if you have provided this to us by interacting with us through different marketing channels. We keep our marketing records updated and correct by regular monitoring and by executing annual controls for accuracy. You may at any time unsubscribe from any communication from us without cost.

We are also data controllers for the processing and storage of PII of vendor employees, which we store only for the duration of our agreement with the vendor, unless legally required to keep certain data for a longer period due to tax and bookkeeping regulations.

We work to ensure any new and/or modified systems that collect, process, or use PII are built only after giving adequate consideration to privacy issues and their impact, including completion of one or more data protection impact assessment(s) (DPIA).

Data minimization, pseudonymization, and anonymization for both services and marketing and sales operations will be used, if possible.

Learn more about operation processes we are committing to

Show • Learn more about operation processes we are committing to

Your privacy choices and rights

A data processor must assist the data controller in fulfilling his obligations towards a registered natural person (data subject). Since we are data processors for our services, it is the data controller whom you shall contact if you want to exercise your rights as a registered user. For any other processing activities for which we act as the data controller, however, you may contact us directly to exercise your rights.

  • When using our services

    Please note that you can adjust, add, or restrict your own personal data at any time. Any other requests to exercise your rights as a registered user should be directed to the data controller who is providing you access to our services.
  • For marketing and sales operations, administration and facilitation of our Services, Planview communities and communication forums, and our engagement of third-party vendors

    Planview is a data controller. As a registered user, you may exercise your rights stated below directly towards us.

Access: You have the right to be informed about what PII we hold on you, where we received it from, and for what purpose we want to use it, as well as to obtain additional information about the processing (such as the recipients or categories of recipients that we transfer your PII to, and the period for which your PII will be stored). You may also request access to your PII, as well as obtain a copy of the data undergoing processing.

Rectification: You have the right to have your inaccurate or incomplete PII rectified and/or completed without undue delay. If you are using our services, you can at any time correct and adjust your PII.

Erasure/Deletion: You have the right to have your PII deleted without undue delay in specific circumstances as legally described, including when your PII is no longer necessary for the purposes for which we originally collected them, or when you withdraw consent and we have no other legal basis to process that information.

Restriction: You have the right to request the restriction of our processing of your PII in specific circumstances as legally described, such as when you contest the accuracy of your data. In this case, we will keep storing our data but cease any other processing activities, unless you consent to them or they are legally allowed.

Objection/Opt-out: You have the right to object at any time to the processing of your PII for direct marketing purposes. If we are processing your PII for other purposes based on our legitimate interests, you may also object to the processing of your information at any time and on grounds relating to your situation, in which case we will cease our processing activities unless we have compelling legitimate grounds which override your rights and interests.

Portability: You have the right to receive any PII you provided to us in a structured, commonly used and machine-readable format and to transmit those data to another data controller, when we are processing it based on your consent or on a contract with you.

Our legal basis for processing – the legitimate interest: You have the right to know why we consider having a legitimate interest of processing your PII. You also have the right to object to this and restrict us from processing your data further by unsubscribing to direct marketing, as stated above.

Our legal basis for processing – consent: If we are processing your PII based on your consent, you have the right to withdraw this consent at any time. Please be advised that this does not affect the lawfulness of any processing carried out prior to the withdrawal.

Contact: If you want to exercise your rights as a data subject, please contact us at the Data Subjects Access Requests DSAR portal. For other privacy matters, please contact our Data Privacy Officer at Planview privacy –[email protected], or Planview Klarabergsgatan 60, 111 21 Stockholm SWEDEN.

Complain: If you want to file a complaint to the supervisory authority, you should contact 1) the authority in your own country if you are an EU citizen, or 2) the Swedish Integritetsskyddsmyndigheten (IMY) www.imy.se if you are a non-EU citizen. You also have the possibility, under certain conditions, to invoke binding arbitration*.

*Binding arbitration is a means of resolving a dispute that is private, less formal, less costly and less time-consuming than traditional litigation. We agree to submit a dispute to an impartial arbitrator authorized to resolve the controversy by rendering a final and binding award.

Learn more about your rights as a registered data subject

Show • Learn more about your rights as a registered data subject

How you can hold us accountable

We are dedicated to maintaining transparency and open lines of communication for anyone with questions or concerns regarding the processing of their PII. You have two options for reaching out to Planview with questions or concerns.