Updated October 2023

Privacy Policy

This privacy policy describes the personal data (defined below) that Samsara Inc. and its affiliates (“Samsara”, “we”, “us” and/or “our”) collect about you, how we use and protect this personal data, and the choices you can make about how we may use your personal data. Your privacy and the security of your personal data matters to us, so please get to know our privacy practices and contact us should you have any questions about your personal data.

If you are a visitor located in the EEA, the UK or Switzerland, please note that Samsara complies with the General Data Protection Regulation (EU Regulation 2016/679) (“EU GDPR”), its incorporation into the laws of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 (“UK GDPR”) and/or the Swiss Federal Act on Data Protection (“FADP”), as applicable (together, the “GDPR”). Your rights in relation to the GDPR are detailed below. If you have any questions, please contact privacy@samsara.com.

If Samsara products collect information about you (e.g., as an employee of a Samsara customer), please note that this privacy policy covers only those instances when the purposes and means of processing your personal data are determined by us (e.g., when we are a “controller” as defined by the GDPR). It therefore does not apply to any of your personal data which we may process on behalf of our customers (e.g., when we are a “processor” as defined by the GDPR). Please therefore directly contact the relevant controller (e.g., your employer, if you are an employee of a Samsara customer) for more information about their privacy practices.

COLLECTION AND USE OF PERSONAL DATA

Personal Data. “Personal data” is any information that relates to an identified or identifiable individual or as otherwise defined by an applicable data protection law or regulation. Samsara may collect a variety of personal data about you in a number of ways: 

  • Personal data you provide directly. We may collect personal data that you provide directly, such as when you access our website, create a user account with us, register our products, or otherwise give us your name, email address, etc. You may also choose to submit personal data to us via other methods. E.g., in response to marketing or other communications; through social media or online forums; through participation in an offer, program or promotion; in connection with an actual or potential business relationship with us; or by giving us your business card or contact details at trade shows or other events. When you contact Samsara, we may also keep a record of your communication to better support you in the future. From time to time, we may offer referral programs to refer prospective customers to us. Please refer a prospective customer and provide their personal data to us only if you have their permission. If you later find out you did not have such consent, please inform us as soon as possible.

  • Personal data we collect automatically. We may automatically collect information about how you use and engage with our business (e.g., via our websites and/or applications), products and/or services over time, and some of this may be personal data. In addition, we may use cookies and other technologies to function effectively. For more information, please refer to the “Cookies and Similar Technologies” section of this privacy policy below.  

  • Personal data we collect from other sources. As mentioned above, we may receive your personal data via a referral. In addition, we may supplement other personal data we have collected with information from third parties or other publicly available sources. If the products and/or services you use are offered by one of our partners and you registered with such a partner, we may also receive your personal data from them. If applicable, you should also therefore carefully review our partner's privacy policy, which may have different terms.

Categories of personal data we typically collect. Depending on your interaction with our business, we may collect:

  • Personal identifiers, such as your real name, alias, postal address, unique personal identifier, online identifier, government-issued identifiers, email address, phone number, account name, or other similar identifiers.

  • Internet activity information, such as Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, the web page that directed you to our services, the date and time of your visit, information about how you engage with us (e.g., the links or buttons you click and pages you view of our website or applications), whether an email was opened, and other standard server log information.

  • Commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or consumption histories or tendencies.

  • Professional information, such as your title. 

Sensitive personal information. We do not collect any “sensitive personal information” as defined by the California Consumer Privacy Act of 2018 as amended by The California Privacy Rights Act of 2020 (together with its implementing regulations, the “CPRA”). Accordingly, we do not use, disclose, sell, or share “sensitive personal information.”

How we use personal data we collect. We collect, use, and store your personal data for the reasons set out below.

  • Where the processing is necessary for us to administer our relationship with you. For example: 

    • creating and administering orders for you (including, if necessary, processing payments)

    • registering, maintaining and managing your account (e.g., email preferences) or for interacting with our business (e.g., via our website, telephone, video conferencing and/or email)

    • providing you with support and responding to your queries, feedback, claims and/or disputes

    • when visiting our offices or attending events

  • Where necessary for Samsara's legitimate interests, and where our interests are not overridden by your data protection rights. For example:

    • developing product or service features or functionalities, including when you give us feature feedback and suggestions

    • managing and improving our website, systems and infrastructure 

    • identifying, developing, and marketing products and services that we believe will interest you

    • communicating with you regarding our business, products and services, including promotional offers and suggested products, services, or new features or functionalities which may be of interest to you 

    • protecting the security of our premises, assets, systems, customers, customer end users, and intellectual property and enforcing company policies

    • undertaking mergers, acquisitions, reorganizations, or disposals, as permitted/required in accordance with local law

    • protecting our legitimate business interests and legal rights, including use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and other ethics and compliance reporting requirements

  • Where necessary to comply with a legal obligation. For example:

    • tax law and similar obligations (e.g., tax and national insurance reporting, filing and withholding)

    • responding to court orders, subpoenas or other legal processes with which Samsara is required to comply

    • complying with legal, regulatory and other requirements

We may provide you with more specific notices for some of the processing described above and, if we require your consent, will ask for this at the appropriate time.

To the extent that we process any special categories of personal data relating to you, we will do so because: (i) the data has been manifestly made public; (ii) the processing is necessary for the establishment, exercise or defense of a legal claim; (iii) the processing is necessary for reasons of substantial public interest; and/or (iv) you have given your explicit consent to us to process that information (where legally permissible).

HOW LONG DO WE STORE YOUR DATA?

Personal data is maintained on our servers or those of our service providers or other partners and is accessible by authorized employees, representatives, agents, and service providers who require access for the purposes described herein. We will retain personal data only for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

TRANSFER AND DISCLOSURE OF PERSONAL DATA

We may sell or share (as defined by the CPRA) some of the categories of personal data outlined above with our partners in order to understand your use of Samsara’s websites or market Samsara’s services to you. You may opt out of these activities by clicking here. In the 12 months prior to the most recent effective date of this Privacy Policy, we have not sold or shared personal data that was covered by the CPRA during that time period.

We may also disclose or transfer the categories of personal data outlined above in certain circumstances, including:

  • to a buyer or other successor, in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets;

  • to our subsidiaries, affiliates, agents, contractors, service providers and other partners we use to support our business and/or collaborate with (e.g., analytics, advertising, email, session replay, teleconference, and data storage and collaboration service providers and partners); provided they are generally bound by contractual obligations to keep such personal data confidential and only use it for the purposes of providing the services for, or with, us based upon your chosen settings, configurations, and/or purchases;

  • to comply with any court order, law or legal process, including to respond to any government or regulatory request;

  • to enforce or apply our Terms of Service and/or any other agreement that governs the sale, use or purchases of our products and/or services; and

  • to protect the rights, property or security of Samsara, our employees, our users and/or others.

Please note that some of our products and services may be offered jointly with partners. If you register with our partner, Samsara may also receive your personal data from them, and Samsara may share your personal data with our partners for these joint offerings. If applicable, you should also therefore carefully review our partner’s privacy policy, which may have different terms.

COOKIES AND SIMILAR TECHNOLOGIES

Some personal data may be collected by us or our partners through cookies, pixel tags, or software development kits (“SDKs”), and other similar technologies for a variety of purposes. E.g., for analyzing trends, administering our website and your communications with us, tracking users’ movement and behavior on our website, gathering information about our user base (such as location information on IP addresses, displaying advertising on our websites, and to manage our advertising on other sites). Cookies, used by most websites, are text files stored on a user's browser containing information about the user (e.g., information about devices and networks used to access our website). Pixel tags (also known as “web beacons” or “clear GIFs”) are very small images or small pieces of data embedded in images that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, whether an email was viewed, and similar information from your computer or device. SDKs are computer code that mobile app developers can include in their apps to enable data to be collected and related functionalities to be implemented. To learn more about the cookies that may be served on our website and services, and how you can control our use of cookies and third-party analytics, please read and review our Cookie Policy.

ONWARD TRANSFER OF PERSONAL DATA

To facilitate our global operations, and in accordance with applicable laws, we may transfer your personal data to, and access your personal data from, our offices, subsidiaries, affiliates and service providers in the various countries in which we or they operate (including the United States of America). This may be to a country other than the one in which it was provided or collected. When we transfer your personal data, we do so in compliance with applicable data protection laws. We take steps to protect personal data in whatever country it is stored in, transferred to or accessed from. You may request additional information, including in respect of transfer mechanisms, by exercising your rights as set out below. 

Where Samsara is unable to rely on an adequacy decision for the purposes of the GDPR, we rely on other transfer mechanisms. For example, to comply with applicable data protection laws around international data transfer mechanisms from the European Union or the United Kingdom to the United States, we have entered into European Commission approved Standard Contractual Clauses (“SCCs”) and routinely review whether and which additional safeguards to offer to provide adequate protection. 

Samsara further remains self-certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), which were developed specifically to establish a way for companies to comply with data protection requirements when transferring personal data from Europe to the United States. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov.

  • Regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom, and Switzerland to the United States, Samsara complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. Samsara has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Samsara has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

  • In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Samsara commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Samsara at privacy@samsara.com or by using one of the addresses noted below in the “Contact Us” of this privacy policy.

  • Samsara has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

  • If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.

  • All personal data that is subject to this privacy policy and is received from individuals who are resident in the European Union, the United Kingdom, and Switzerland is covered by Samsara’s participation in the Data Privacy Framework unless governed by another adequate transfer mechanism as detailed herein. Samsara will comply with the Data Privacy Framework in respect of such personal data.

  • Samsara is accountable for personal data received under the Data Privacy Framework and subsequently transferred to a third party as described in the Data Privacy Framework located at https://www.dataprivacyframework.gov/. Pursuant to the Data Privacy Framework, Samsara remains liable for the transfer of personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages.

  • Samsara is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

  • As further explained in the Data Privacy Framework Principles, a binding arbitration option is also available to you in order to address residual complaints not resolved by any other means.

SECURITY

We are committed to keeping personal data secure, and we have implemented contractual, technical and organizational measures to protect personal data against its unauthorized access, use, and disclosure. Such measures have been implemented taking into account the state of the art of the technology, their cost of implementation, and the risks presented by the processing and the nature of the personal data. When we provide your personal data to third parties, including service providers, we require those companies to protect the personal data they receive.

Nevertheless, although we have tried to make our products and services secure and reliable, the confidentiality of any communication or material transmitted to or from us cannot be guaranteed. We therefore urge you to exercise caution when conveying any personal data over the Internet. As when disclosing any information on the Internet, you should remain mindful that such information might be accessible by the public and, consequently, may be collected and used by others without your consent. You should also recognize that your use of the Internet and any other means of communication with us is solely at your own risk.

THIRD PARTY WEBSITES AND FEATURES

As a convenience to you, Samsara may provide links from our websites, products and/or services to other websites maintained by independent third parties. We are not responsible for the privacy practices of independent third parties. We encourage you to be aware of when you leave this website, and to read the privacy policies of any other websites that you may visit.

Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Currently, we make reasonable efforts to take action in response to Global Privacy Control ("GPC") signals.

OUR POLICY TOWARD MINORS

Our website, products and services are not directed to minors under 16 and we do not knowingly collect personal data from minors or sell or share such data as defined by the CPRA. If we learn that we have collected personal data of a minor under 16 we will take steps to delete such information from our files as soon as possible.

DATA PROTECTION RIGHTS, AND HOW TO EXERCISE

You may have a right to know what personal information Samsara has collected about you, and you may have a right to access and to obtain a copy of this personal data. If you believe that any personal data we hold about you is incorrect or incomplete, you may also request the correction of it.

You may also have the right to:

  • object to the processing of your personal data;

  • request the deletion of your personal data;

  • request a restriction on the processing of your personal data; and/or

  • withdraw your consent, where Samsara obtained your consent to process personal data (without this withdrawal affecting the lawfulness of any processing that took place prior to the withdrawal).

Samsara will honor such requests for access, correction, deletion or restriction and/or any withdrawal or objection as required under the applicable data protection laws and regulations (including the GDPR and CPRA). However, please note that such rights are not absolute: they do not always apply, and exemptions may be applicable (e.g., such exemptions noted in Cal Civ. Code §1798.105 or in Chapter III of the EU GDPR). Samsara may, in response to any such request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we ask you to verify your identity, we may ask you for supporting information. If we do not comply with your request, we will explain why.

You may exercise any of your rights in this section without discrimination by us. We will not deny you products or services, charge different prices or rates, or provide a different level or quality of products or services based on your exercise of any rights in this section, unless the difference is reasonably related to the value provided by your data.

To exercise the above rights with Samsara, you may send an email to privacy@samsara.com. You can also raise any concerns by contacting our Data Protection Officer at dpo@samsara.com. An authorized agent can also exercise these rights on your behalf by contacting privacy@samsara.com.

If you are not satisfied with our response, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen. The contact details of each Data Protection Authority in the EU can be found at the following website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. You may contact us if you require assistance finding contact information for Data Protection Authorities outside of the EU.

As highlighted above: if you are personnel of a customer that uses Samsara products or services, or otherwise have had your personal data collected via Samsara products or services by or on behalf of our customers, please note this privacy policy does not apply to such personal data. Please therefore refer to such applicable party who has ordered Samsara products or services if you wish to exercise your rights as well as our App Privacy Policy, as applicable.

DATA PROTECTION OFFICER

To communicate with our Data Protection Officer, please email dpo@samsara.com

CHANGES AND OTHER UPDATES

We may amend our privacy policy from time to time to reflect changes in our practices, technologies, legal requirements and other factors. We therefore encourage you to revisit this page periodically to read the current version of it to stay informed about our collection, processing and sharing of your personal data. Please note, should we amend our privacy policy we will update the "updated" date at the bottom of this privacy policy.

CONTACT US

If you have any questions regarding this privacy policy or our privacy practices, or would like to review or update your personal data, you may email us at privacy@samsara.com or call us at +1-888-506-8009 (toll-free in the United States). You can also contact us by writing to us at the following address:

Samsara Inc. Attention: Legal Department – Privacy Issues 1 De Haro Street San Francisco, CA 94107 USA

You can also contact us by writing to us at the following addresses:

Samsara Networks Limited (also as a Representative of Samsara Inc., Samsara Deutschland GmbH, Samsara France SAS, Samsara Nederland B.V., and Samsara Poland Sp. z.o.o for the purposes of the UK GDPR ) Attention: Legal Department – Privacy Issues Floor 4, 1 Alie Street London E1 8DE United Kingdom

Samsara Deutschland GmbH (also as a Representative of Samsara Inc., Samsara Networks Mexico, S. de R.L. de C.V. and Samsara Networks Limited for the purposes of the EU GDPR) Mühldorfstraße 8 Attention: Legal Department – Privacy Issues 81671 München Germany

Samsara Nederland B.V. Attention: Legal Department – Privacy Issues Barbara Strozzilaan 101, Suite 2.01 1083HN Amsterdam Netherlands

Samsara Poland Sp. z.o.o. Attention: Legal Department – Privacy Issues Plac Konesera 12 #113 and #114 03-736 Warszawa, Poland

Samsara France SAS Attention: Legal Department – Privacy Issues 1-7 Cours Valmy - le Belvédère - 92800 Puteaux France

Samsara Technologies Canada ULC Attention: Legal Department – Privacy Issues 1600 - 925 West Georgia Street Vancouver, BC V6C 3L2 Canada

Samsara Networks Mexico, S. de R.L. de C.V. Attention: Legal Department – Privacy Issues Av. Río San Joaquín 498, Piso 3, Ampliación Granada, Miguel Hidalgo C.P. 11529, Ciudad de México México

Samsara Networks Taiwan Ltd 台灣森萬聯有限公司 Attention: Legal Department – Privacy Issues 18F, No. 80, Section 1, Zhongxiao West Road Zhongzheng District Taipei City 100 Taiwan (R.O.C.)

Effective: October 2023