Simplify & secure Kafka at scale—see what’s new in Confluent Platform 8.0 | Register Now
Confluent, Inc. and its subsidiaries (“Confluent,” “we,” “our,” or “us”) understand that privacy is important to visitors to our websites (our “Sites”) and users of our products and services (our “Products”). This Privacy Notice ("Notice") explains how we collect, use, and share your personal information, and how you can exercise your privacy rights.
If you are unable to access this Notice due to a disability or any physical or mental impairment, please contact us using the contact details in the How to Contact Us Section and we will arrange to supply you with the information you need in an alternative format that you can access.
This Notice covers personal information we process:
(1) When you visit our Sites, and in the usual course of business, such as in connection with our events, sales, and marketing activities (collectively, "Visitors"); and
(2) When you register to or otherwise use Confluent Products whether as an individual, as an
applicant, team member, or employee of our customers (collectively, "Users").
This Notice does not apply to Sites or Products that display or link to different privacy policies.
This Notice also does not apply where Confluent processes personal information of our
customers on their behalf; our collection and processing of such personal information is
governed by our agreements with those customers.
Quick Links
We recommend that you read this Notice in full to ensure you are fully informed. However, to
make it easier for you to review those parts of this Notice, which apply to you, we have divided
up the document into the following sections:
1. WHO WE ARE
2. PERSONAL INFORMATION WE COLLECT
3. OUR USE OF COOKIES AND SIMILAR TECHNOLOGIES
4. OUR USE OF PERSONAL INFORMATION
5. SHARING OF PERSONAL INFORMATION
6. YOUR CHOICES ABOUT PERSONAL INFORMATION
7. U.S. STATE DATA PRIVACY
8. CALIFORNIA DISCLOSURES
9. HOW WE STORE AND PROTECT PERSONAL INFORMATION
10. CHILDREN PRIVACY
11. CHANGES TO THIS NOTICE
12. HOW TO CONTACT US
1. WHO WE ARE
Confluent is a company headquartered in Mountain View, California. Confluent is pioneering a fundamentally new category of data infrastructure focused on data in motion. Confluent’s cloud-native offering is the foundational platform for data in motion – designed to be the intelligent connective tissue enabling real-time data, from multiple sources, to constantly stream across the organization. With Confluent, organizations can create a central nervous system to innovate and win in a digital-first world.
2. PERSONAL INFORMATION WE COLLECT
The information we collect depends on the context of your interactions with Confluent and the choices you make (including your privacy settings), the Products and features you use, your location, and applicable law.
(i) Information You Provide to Us
WHEN YOU VISIT OUR SITES
Certain parts of our Sites may ask you to provide personal information voluntarily. We collect and store personal information that you directly provide us through our Site, through interactions on social media, participation in a survey or promotion, application for a job, when downloading white papers on our Sites, and at events. We will collect certain personal information so that we may fulfill your request or keep in touch in connection with our sales
and marketing activities (always in accordance with your marketing preferences). Information we collect includes:
WHEN YOU USE OUR PRODUCTS
If you are a User, you or your employer, may provide certain personal information to us through the use of Confluent Products - for example, when you register for a Confluent account to access and use our Products, when you consult with customer support, or send us an email or communicate with us in any way. Personal information we collect may include:
(ii) Information We Collect Automatically.
WHEN YOU VISIT OUR SITES
When you visit our Sites or interact with our emails, we gather certain technical information from your browser or device automatically and store it in log files. In some (but not all) countries, including countries in the European Economic Area ("EEA"), UK and Switzerland, this information is considered personal information under data protection laws. To the extent that this automatically collected data includes, or is linked to, personal information, we will treat the data in accordance with this Notice.
This information we collect includes:
For more information please see the “Our Use of Cookies and Other Technologies” and “Product
telemetry data” sections below.
WHEN YOU USE OUR PRODUCTS
When you use our Products, we collect certain technical information from your browser or
device automatically. This information includes:
(iii) Information We Collect from Third-party Sources.
We may occasionally receive your personal information from third party sources including our affiliates, marketing and research partners, and companies such as DiscoverOrg (contact database), Hootsuite (social media management platform), Kickfire (company database), and LinkedIn.
Users of our Products may also provide your personal information when they identify you as a billing, support, or technical contact, or when inviting you to use our Products or attend our events. If you integrate or link a third-party service with our Sites or Products, we may receive personal information about you from that third-party service based upon the settings and permissions you've established with such third party service, and that third party service's privacy practices.
The types of information we collect from third parties may include contact information, demographic data, and content and communications. We use this information to maintain and improve the accuracy of the records we hold about you, identify new customers, and provide a more tailored advertising experience. We may combine this information with other information we collect about you through our Sites and Products.
When you are asked to provide personal information, you may decline. But if you choose not to provide information that is necessary to provide certain Products, those Products may not be available or function correctly.
Finally, you have the option to create a Confluent Cloud account and log into such account using Google sign-in services. Google sign-in services will authenticate your identity and provide you with the option to share with us certain information, such as your full name, nickname, e-mail address and picture. Confluent receives this data from Google as part of the creation, authentication and authorization framework in connection to your Confluent Cloud account.
3. OUR USE OF COOKIES AND SIMILAR TECHNOLOGIES
Our Sites and related online services use cookies and similar technologies to enable certain functionality and help collect information about your visit. We use the following technologies, over which you have certain options: “Cookies” are small text files, typically containing a unique string of letters and numbers, stored on your hard drive by a Site. When you return to the Site using the same browser, the Site can read the cookie and thereby gather information about your usage over time. Among other things, we use cookies and other technology to see which areas and features are popular and to count visits, which helps us to improve our Site, our Products, and your experience. Most Web browsers are set to accept cookies by default. If you prefer, you can usually set your browser to remove cookies and to reject cookies. If you choose to remove reject cookies, this could affect certain features or services of our Site or other Products. For specific opt out links and to manage your preferences in relation to first and third party cookies please see our Cookie Notice.
Web Beacons. We may collect information using Web beacons. Web beacons are electronic images that may be used on our Site, Products, or in our emails. We use Web beacons to deliver cookies, count visits, understand usage and campaign effectiveness, and to tell if an email has been opened and acted upon.
Google Analytics: We use cookies served by Google Analytics to collect limited data directly from your browser to enable us to better understand your use of the Sites and Services, including making use of the demographics and interests reports services of Google Analytics. Further information on how Google collects and uses this data can be found at https://policies.google.com/technologies/partner-sites. You can opt-out of all Google supported analytics within the Services by visiting https://tools.google.com/dlpage/gaoptout.
Analytics and Advertising. We work with third parties to provide analytics and advertising services in connection with our Sites and Products. These third parties use cookies, web beacons, or similar technologies to automatically collect some of the information described above from visitors of our Sites and Products over time and across third party Web sites and mobile applications for purposes of analytics and advertising. We use the analytics information to analyze and improve our services. Our advertising partners use the information to try to understand your interests and show you relevant advertising about products and services from and on behalf of us and others. Our third-party analytics and advertising partners may provide you with options to opt-out of certain information collection. For additional information about online interest-based advertising, our use of cookies and other similar tracking technologies, and how to opt-out of having your information used for these purposes by many of these third- parties, please see our Cookie Notice.
Telemetry data. If you prefer that we do not collect certain telemetry data, including IP Address, through ksqlDB or Health+, you can turn off the collection of this data as detailed in our More Information page. Please note that if you initiate a support request, you may be required to provide us with certain log information or other data about your systems, servers, and clients to allow us to provide such support services.
Do Not Track. There are many ways through which web browser signals and other similar mechanisms (for example, “Do Not Track”) can indicate your choice to disable tracking, and, while we and others give you choices described in this Notice, we do not currently honor these mechanisms.
4. OUR USE OF PERSONAL INFORMATION
Confluent processes personal information for the following business purposes, and if you are a resident in the EEA or UK, on the legal basis identified below:
5. SHARING OF PERSONAL INFORMATION
We may share or disclose your personal information to the following categories of recipients:
6. YOUR CHOICES ABOUT PERSONAL INFORMATION
Depending on your location, your jurisdiction, and subject to applicable law, you may have the rights below with regard to the personal information we control about you. We will respond to your requests within the appropriate timeline under applicable law.
Communications preferences. You can stop receiving promotional emails from us by clicking on the “unsubscribe link” provided in such emails or by contacting us at the contact details set forth below. In addition, you can make changes to your preferences in our Preference Center. We make every effort to promptly process all unsubscribe requests. If you opt out, we may still send you transactional communications (e.g., non-promotional emails such as emails about training and events you registered to attend and technical or security notices).
Privacy Rights (EEA residents). EEA residents are afforded certain privacy rights by relevant privacy laws, such as the General Data Protection Regulation ("GDPR")
European Data Protection Rights (EEA Residents) If the processing of personal information about you is subject to European Union data protection law, you have certain rights with respect to that data:
If you reside in a U.S. state which has a data privacy law currently in effect (including but not limited to: California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia), please refer to the state in which you reside to learn more about additional terms and rights that may apply to you.
California
The California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), requires us to provide California consumers with some additional information regarding how we collect, use, and disclose your personal information, and the rights available to California consumers under the CCPA. The terms used in this section have the same meaning as in the CCPA.
As described in detail in Section 2 ("Personal Information We Collect") of this Notice, we may collect the following categories of information about you through the Confluent Product or when you visit our sites:
The sources from which we collect personal information are described in Section 2 ("Personal Information We Collect") of this Notice. The business and commercial purposes for which we collect this information are described in Section 4 ("Our Use of Personal Information") of Notice. The categories of third parties to whom we "disclose" this information for a business purpose are described in Section 5 ("Sharing of Personal Information") of this Notice
Sales and Sharing of Personal Information
Confluent does not sell personal information as the term “sell” is traditionally understood (i.e. for money). However, the CCPA defines "sale" very broadly. It includes the disclosure of a California resident's personal information in exchange for anything of value. Like many websites and apps, our Sites and related online services use cookies and similar technologies to enable certain functionality, help collect information about your visit, and, if you choose to enable such cookies, show you relevant advertising about products and services from and on behalf of us and others, as described in Section 3 ("Our Use of Cookies and Similar Tracking Technologies"). The use of such cookies which disclose or make available a California resident’s personal information (including IP addresses, cookie IDs, and mobile IDs) to third parties including advertising partners may be considered a “sale” of personal information under the CCPA (given its broad definition of "sale"), or a "share" of personal information under the CPRA amendments (which is defined as the disclosure of personal information for the purposes of cross-context behavioral advertising).
According to how the terms "sale" and "share" are defined under the CCPA, in the year before this section was last updated, we may have "sold" or "shared" the following categories of personal information to third parties: identifiers (like your IP Address) and other electronic network activity (such as browsing history). We may have "sold" or "shared" these categories of personal information to the third parties listed in Section 5 ("Sharing of Personal Information") of this Notice.
We do not knowingly sell or share personal information of California residents who are under 16 years of age.
California Privacy Rights
If you are a California resident, you may have the following rights under the CCPA, subject to certain limitations and exceptions under applicable law:
You have the right to receive your personal information in a portable and commonly used format.
Additional U.S. States
This section applies to residents of certain U.S. states which also have an applicable data privacy law currently in effect, including but not limited to: Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia. Depending on your U.S. state of residency, you may have the following privacy rights (as and to the extent applicable):
Please note that the rights listed above in this Additional U.S. States section only apply to residents who are acting in an individual or household context only, and do not include residents acting in a commercial or employment context.
Making Rights Requests
If you are a resident of one of the above U.S. states and would like to exercise any of your rights described above, please submit your rights request by using this form or by e-mailing us at privacy@confluent.io. To protect the personal data that we maintain, we may verify your identity when you make a request.
Please note that the rights described above are not absolute, and where an exception under applicable law applies, we may be entitled to refuse requests in whole or in part. For example, where responding to your request involves disproportionate effort, when we are unable to verify your identity or if the rights and freedoms of another individual would be negatively affected.
In certain states (such as California), an authorized agent may submit a rights request on your behalf. We may require an authorized agent to verify their authority to submit a request on your behalf, or we may require you to verify your own identity or confirm with us that you provided the agent with permission to submit the request. We will only use the information provided for verification to confirm the requestor’s identity or authority to make the request, and for our compliance records.
We endeavor to respond to a verifiable request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period (up to a total of 90 days) in writing.
California law allows California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a. request, please put “Shine the Light” in the “Request Details” portion of your request on the form above or in the subject line, if submitted by e-mail. Note that there are restrictions on the number of times you can exercise some of these rights. You may designate an authorized agent to make a request on your behalf. The agent must provide proof of your authorization. We may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf. We may need to verify your request before completing it. For example, we may ask you to confirm data points we already have about you. We will only use Personal Information provided in a request to verify the requestor’s identity or authority.
If you are a California resident under 18 years old and a registered user of one of the Sites, you can request that we remove content or information that you have posted to our Sites. Fulfillment of the request may not ensure complete or comprehensive removal (e.g., if the content or information has been reposted by another user). To request removal of content or information, please contact us at privacy@confluent.io.
9. HOW WE STORE AND PROTECT PERSONAL INFORMATION
Storage and processing. Your information collected through the Sites and our Products may be stored and processed in any country in which Confluent or its subsidiaries, affiliates, or service providers maintain facilities including your region, the United States, United Kingdom, European Economic Area, Canada, Singapore, India, Hong Kong, Israel, Japan, Malaysia, Singapore, South Korea, United Arab Emirates, Australia, amongst others. Our processing locations are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps designed to ensure that the data we collect under this Notice is processed according to the provisions of this Notice and applicable law wherever the data is located.
International data transfers. When we transfer personal information from the European Economic Area, the United Kingdom, or from Switzerland to the United States or other countries which have not been determined by the European Commission to have laws that provide an adequate level of data protection, we use legal mechanisms, including contracts, designed to help ensure your rights and protections. Specifically, our website servers are located in the United States and our affiliates, partners, third parties and service providers operate in the United States, United Kingdom, European Economic Area, Canada, Singapore, India, Hong Kong, Israel, Japan, Malaysia, Singapore, South Korea, United Arab Emirates, Australia, amongst others. This means when we collect your personal information, we may process it in any of these countries. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Notice. The safeguard Confluent primarily relies upon is the European Commission-approved standard contractual clauses. For more information about these mechanisms, please contact us using the contact details provided in the “How to Contact Us” section below.
Keeping your information safe. Confluent cares about the security of your information and takes reasonable and appropriate technical and organizational measures designed to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction of personal information. However, no security system is impenetrable, and we cannot guarantee the security of our systems or your information. For this reason, you should be mindful of the information you provide to us.
Lawful basis for processing personal information (EEA only). If you are located in the European Economic Area (EEA), Confluent, Inc. is as a rule the data controller of your information. For more details on the legal bases used for the processing of your personal information, please see section 4 "Our Use of Personal Information".
Our legal basis for collecting and using the personal information above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will indicate this at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as the possible consequences, if any, if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of a third party), we will indicate to you at the relevant time what those legitimate interests are. If you have questions about the legal basis for processing or want to find out more, please contact us using the details at the end of this Notice in the Section "How to Contact Us".
Retention. We retain personal information for as long as we have an ongoing legitimate business need to do so. For example, we retain your account information for as long as your account is active or as needed to provide you with Products you have requested or authorized, including maintaining and improving the performance of the Products and protecting system security. We also retain personal information as needed to maintain appropriate business and financial records, protect our legal interests, resolve disputes, or comply with legal or regulatory requirements. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or if this is not possible (for example, because your personal information has been stored in backup archives), then we will store your personal information using appropriate security measures and take appropriate steps designed to isolate it from any further processing until deletion is possible.
Our Sites are not intended for or directed to children under the age of 14. We do not knowingly collect personal information directly from children under the age of 14 without parental consent. If we become aware that a child under the age of 14 has provided us with personal information, we will delete the information from our records.
Additionally, our Sites are not intended for or directed to the residents of Colorado, Connecticut, Delaware, Maryland, or New Jersey who are under the age of 18 years. For these states, if we become aware that anyone under the age of 18 has provided us with personal information, we will delete the information from our records.
Confluent may modify or update this Notice from time to time to reflect the changes in our business and practices. Please review this page periodically. If we make any changes to this Notice, we will notify you by changing the "Last Updated" date above. If we make any material changes, we will provide you with additional notice or obtain consent as may be required by applicable law.
If you have any questions, complaints, or concerns about how your information is handled, please email us at privacy@confluent.io.
Our main address is 899 West Evelyn, Mountain View, CA 94041, USA.
Our EU representative’s contact information is Confluent Germany GmbH c/o Osborne Clarke, Innere Kanalstraße 15, D-50823 Cologne, Germany and may also be reached at privacy@confluent.io.
Our United Kingdom representative’s contact information is Confluent Europe Ltd. - EMEA, 1 Bedford Street London WC2E 9HG and may also be reached at privacy@confluent.io.
If you would like to exercise any of your rights for yourself or on behalf of someone else, please use this form or e-mail us at privacy@confluent.io.