Appian.com Privacy Policy and European Union Safe Harbor Privacy Statement

European Union/Switzerland Safe Harbor Privacy Statement, Australia Privacy Policy and Website Privacy Policy

European Union/Switzerland Safe Harbor Policy
This U.S-E.U. and U.S.-Swiss Safe Harbor Privacy Policy (“Safe Harbor Policy”) describes how Appian Corporation (“we”, “us” or “our”) handles personal information collected by our subsidiaries, our corporate customers and other business partners located in the European Economic Area (the EEA) and Switzerland, which is then transferred to us in the United States. We have certified to U.S.–E.U. Safe Harbor Framework and the U.S.–Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from our subsidiaries, corporate customers, and other business partners in the EEA and Switzerland (“Safe Harbor Privacy Principles”). To learn more about the Safe Harbor program, and to view our certification, visit http://www.export.gov/safeharbor.

Personal information
We may receive your personal information from our subsidiaries, our corporate customers, and other business partners in the EEA and Switzerland. We will not use any personal information sent to us other than for the purposes described at the time the information was collected without your consent.

Agents and service providers
We work with several companies to help deliver our services, including third party hosted service providers and email service providers. They are not permitted to use personal information received from us from the EEA or Switzerland for their own purposes, and are required either to subscribe to the Safe Harbor Privacy Principles, be subject to the EU Privacy Directive or another adequacy finding, or enter into a written agreement that requires them to provide at least the same level of privacy protection as is required by the relevant Safe Harbor Privacy Principles.

Security
We use reasonable physical, electronic, and administrative safeguards to protect your personal information from loss; misuse; or unauthorized access, disclosure, alteration, or destruction.

Data integrity
We take reasonable steps to ensure that your personal information that we process is accurate, complete, and current by using the most recent information provided to us.

Accessing and updating your information
You can request to review, update, or delete your personal information.

Appian’s cloud service offering
We provide a cloud service offering to our customers. If you interact with one of our customers who purchases this service, we may receive and process your personal information. When providing the cloud service offering, we act as the data processor, and act on the instructions of the customers who purchase the cloud service offering. Companies using our cloud service offering are responsible for complying with all other obligations in relation to the personal information they may collect from you.

Questions or concerns
If you have any complaints regarding our compliance with the Safe Harbor program, you should first contact us. If the complaint cannot be resolved through our internal dispute resolution process, you may submit your complaint to the American Arbitration Association.

Changes or updates
This Safe Harbor Policy may be changed from time to time as permitted under the Safe Harbor program.

Australia Privacy Policy
This Australian Privacy Policy (“Australia Privacy Policy”) applies to the operations in Australia of Appian Corporation and any entity owned or controlled by Appian Corporation (collectively referred to as “Appian”). This policy explains how Appian handles personal information and complies with the requirements of the Australian Privacy Act 1988 (Cth) (“Privacy Act”).  This policy does not cover categories of personal information that are not covered by the Privacy Act.
Appian may modify this Australian Privacy Policy from time to time to reflect Appian’s current privacy practices.

Personal Information Appian Collects
Appian collects personal information from customers, prospective customers, employees, contractors and other individuals.
The main types of personal information Appian collects relate to the contact details and organizational roles of Appian’s customers, prospective customers, suppliers and other business contacts. Typically, this information includes names, addresses, telephone numbers, e-mail addresses and job titles. In the course of providing services to Appian’s customers, Appian may collect detailed personal information that is provided to Appian by its customers.
Because of the nature of Appian’s business, it is generally impracticable to deal with individuals on an anonymous basis or through the use of a pseudonym.

How Appian Collects Personal Information
Information is collected directly from individuals through face to face meetings, forms filled out by individuals, email messages or telephone conversations.
Appian may receive a person’s personal information in performing services for its customers.  In particular, and without limiting the generality of the foregoing, Appian provides a cloud service offering to its customers. If an individual interacts with one of Appian’s customers who purchases this service, Appian may receive that individual’s personal information that is provided to Appian by these customers when using Appian’s cloud service.
Appian may also collect personal information about an individual from the individual’s use of Appian’s websites and information you provide to Appian through contact mailboxes or through the registration process on Appian’s websites.

How Personal Information is Held
Appian holds personal information in hard copy and electronic formats.

Purposes For Which Personal Information is Collected and Held

The main purposes for which Appian collects, holds and uses personal information are:

  • to provide services to Appian’s customers
  • to maintain contact with customers and prospective customers
  • to keep customers and other contacts informed of the services Appian offers and industry developments that may be of interest to them, and to notify them of service offerings, seminars and other events Appian is holding
  • for general management and reporting purposes, such as invoicing and account management
  • for recruitment purposes
  • for purposes related to the employment of Appian personnel and providing internal services to Appian’s staff
  • other purposes related to Appian’s business

Accessing personal information
A person may request to access personal information about them held by Appian. Such a request must be made in writing to the address below.

Appian will grant a person access to their personal information as soon as possible, subject to the circumstances of the request.

A request to access personal information will be rejected if:

  • the request is frivolous or vexatious
  • providing access would have an unreasonable impact on the privacy of another person
  • providing access would pose a serious and imminent threat to the life or health of any person
  • providing access would prejudice Appian’s legal rights
  • there are other legal grounds to deny the request

Appian may charge a fee for reasonable costs incurred in giving access to an individual’s personal information. The fee (if any) will be disclosed prior to it being levied.

Correcting personal information
Appian will take reasonable steps to ensure the accuracy and completeness of the personal information Appian holds. However, if a person believes that any personal information that Appian holds about them is inaccurate or out of date, they should contact Appian in writing at the following address:
Appian Corporation

Attention: Legal Department

11955 Democracy Drive, Suite 1700

Reston, Virginia 20190 (USA)

Complaints
If a person wishes to complain about a breach by Appian of this Australia Privacy Policy, a complaint may be lodged in writing by post to the address set out above.

Appian deals with complaints via Appian’s internal data privacy complaint process, under which an Appian contact officer will be allocated to assess an individual’s complaint and respond to the individual within a reasonable timeframe. Appian takes all complaints seriously and any further action after Appian’s initial response will vary depending on the nature of the complaint.

Information Security
Appian will take all reasonable steps to ensure that all personal information held by Appian is secure from any unauthorized access or disclosure. However, Appian does not guarantee that personal information cannot be accessed by an unauthorized person (e.g. a hacker) or that unauthorized disclosures will not occur.

Appian will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for the purposes for which Appian is authorized to use it.
Transfers of Personal Information Outside Australia

Appian exchanges information, including personal information, between various subsidiary companies in the United States, Switzerland, the United Kingdom and other countries in the European Union, all as necessary to provide the services requested from Appian by its customers or for general administrative purposes.  Appian may also use facilities or contractors in the United States, Switzerland or in the European Union to process or back-up information or to provide certain services to Appian.

WEBSITE PRIVACY STATEMENT

This Website Privacy Policy (“Website Privacy Policy”) applies to your use of the website provided through the domain and sub-domains of https://www.appian.com (the “Site”). For the purpose of this Website Privacy Policy, the term “you” or “your” means you and any entity you register on behalf of to use the Site. This Website Privacy Policy describes the personal information we may collect in connection with your use of the Site and what may happen to that information. By using this Site, you signify your assent to this Website Privacy Policy. If you do not agree to this Website Privacy Policy, please do not use this Site. Information Collection and Use We may collect the information that you voluntarily submit when you register on or visit the Site. We will use the information that you provide to respond to requests that you may make to us, to contact you and/or to provide you with general information regarding Appian’s products, services and promotional offers. We may also share your data with our agents, in connection with services that these individuals or entities perform for us. These agents are restricted from using this data in any way other than to provide services for us. We may share your data to respond to duly authorized information requests of governmental authorities or where required by law. Security We and our third party hosting service providers use appropriate technical and organizational measures to protect your identifiable information against loss and unauthorized access and use. However, third parties may unlawfully intercept or access transmissions or private communications, or users may abuse or misuse your identifiable or personal information that they collect from the Site. Therefore, although we use industry standard practices to protect your privacy, we do not promise, and you should not expect, that your identifiable or personal information or private communications will always remain private. Access You may access your personal data stored on this Site, and may correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks of your privacy or where the rights of other persons would be violated. You may remove yourself from our distribution list by sending a request toremove@appian.com. Cookies A “cookie” is a small text file placed on your computer. It identifies your computer to whoever placed the cookie, and could contain information about you. The Site uses cookies so that we can better understand what information on the Site is most valuable to users. Other Sites and Public Areas We may provide links that take you to other web sites. We encourage you to review privacy and other policies at third party sites you visit, since those sites are not bound to follow this Website Privacy Policy. We may also make chat rooms, forums, message boards, and news groups available to you. Please understand that any information you disclose in such areas becomes public information. We have no control over its use and encourage you to exercise caution when deciding what information to share. Use by Minors/Children This Site is not intended for, or designed to attract, individuals under the age of 18. We do not collect information from any person we actually know is an individual under the age of 18. Modifications We may amend this Website Privacy Policy at any time and without notice, simply by posting a modification on the Site. Any modification will be effective immediately upon posting to the Site. Accordingly, please check this part of the Site from time to time to see if there has been a change. Enforcement We regularly review our compliance with this Website Privacy Policy and encourage you to notify us of any concerns regarding our compliance with this Website Privacy Policy. If a complaint or dispute cannot be resolved through our internal processes, we agree to use an independent means to resolve the issue.

Last Updated: May 8, 2014