Updated December 2024
Privacy Policy
Additional Links
In the event of any discrepancy between this version and subsequent translations, this English version shall control.
This privacy policy describes the personal data (defined below) that Samsara Inc. and its affiliates (“Samsara”, “we”, “us” and/or “our”) collect about you, how we use and protect this personal data, and the choices you can make about how we may use your personal data. “Personal data” is any information that relates to an identified or identifiable individual, or as otherwise defined by an applicable data protection law or regulation. This includes personal data that is collected when you access our website (“website”) as well as specific personal data that is or may be collected through our Apps and Products (each as is defined in our Terms of Service or relevant contract with our customer). If you are applying for an internship or other form of employment at Samsara, please review our separate Samsara Candidate Privacy Notice for information about how we would process your personal data in such circumstances. If you have any questions, please contact privacy@samsara.com or visit our “How to Contact Us” section for more information about how you can otherwise contact us.
BEFORE YOU READ THE REST OF THIS PRIVACY POLICY IT IS IMPORTANT TO NOTE THE FOLLOWING:
If you are a visitor located in the European Union (“EU”), the United Kingdom (“UK”), or Switzerland, this privacy policy describes your data protection rights under the General Data Protection Regulation (EU Regulation 2016/679) (“EU GDPR”), its incorporation into the laws of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 (“UK GDPR”), and/or the Swiss Federal Act on Data Protection (“FADP”), as applicable (together, the “GDPR”), including the right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “Data Protection Rights and How to Exercise” subsection.
If you are a visitor located in California, United States of America (“USA”), this privacy policy describes your data protection rights under the California Consumer Protection Act of 2018 as amended by the California Privacy Rights Act of 2020 (together with its implementing regulations, the “CPRA”), including the right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “Data Protection Rights and How to Exercise” subsection. Please note that Samsara does not, as a controller or business (as defined in the paragraph below), collect any “sensitive personal information” as defined by the CPRA. Accordingly, we do not use, disclose, sell, or share your sensitive personal information. In the twelve (12) months prior to the most recent effective date of this privacy policy, we have not sold personal data that was covered by the CPRA during that time period. For more information on what data we collect and how it is used, please proceed to the applicable section below.
PURPOSE AND SCOPE
Some data protection laws in various jurisdictions (such as the GDPR) distinguish between “controllers” and “processors” of personal data. A controller decides why and how to process personal data. A processor only processes information on behalf of a controller based on the controller’s instructions; the processor does not make decisions about personal data. The term “processor” shall also include a “service provider” and the term “controller” shall also include a “business” as defined in the CPRA or analogous terms in the applicable data protection laws.
This privacy policy covers instances when the purposes and means of processing your personal data are determined by us (i.e., when we are a controller) as well as instances where the purposes and means of processing personal data are determined by our customers (i.e., when we are a processor and our customers are the controllers), as set out and further explained below.
This privacy policy covers the following:
Samsara as the Data Controller
Samsara as the Data Processor
Data Protection Officer Contact Information
Changes and other Updates to this Privacy Policy
How to Contact Us
SAMSARA AS THE DATA CONTROLLER
Personal Data Collected by Samsara. Samsara as a controller may collect a variety of personal data about you in a number of ways, such as:
Personal data you provide directly. We may collect personal data (e.g., name, email address, username, and phone number) that you provide directly, such as when you access our website, create a user account with us (e.g., creating an admin account in the Samsara dashboard or registering for the developer or partner portals), register our products, visit our offices, attend an event, or otherwise give us your name, email address, or other information. You may also choose to submit personal data to us via other methods, such as: in response to marketing or other communications; through social media or online forums; through participation in an offer, program or promotion; in connection with an actual or potential business relationship with us; or by giving us your business card or contact details at trade shows, networking opportunities, or other events. When you contact, communicate, or otherwise engage with Samsara, we may also keep a record of such communication. From time to time, we may offer referral programs to refer prospective customers to us. Please only refer a prospective customer and provide their personal data to us if you have received their prior permission to do so. If you later find out you did not have such permission, please inform us as soon as possible.
Personal data we collect automatically. We may automatically collect information about how you use and engage with our business (e.g., via our website), and some of this may be personal data. In addition, we may use cookies and other technologies to function effectively. For more information, please refer to the “Cookies and Similar Technologies” subsection of this privacy policy below.
Personal data we collect from other sources. As mentioned above, we may receive your personal data via a referral, resellers, or partners. In addition, we may supplement other personal data we have collected with information from third parties or other publicly available sources. If the products and/or services you use are offered or made available by one of our partners and you registered with such a partner, we may also receive your personal data from them. If applicable, you should also therefore carefully review our partner's privacy policy, which may have different terms.
Categories of Personal Data We Typically Collect as a Controller. Depending on your interaction with Samsara as a controller, we may collect the following categories of personal data:
Personal identifiers, such as your first name, surname, alias, postal address, unique personal identifier (e.g., account name, user ID for our developer or partner portals, online identifier, government-issued identifiers), email address, phone number, or other similar identifiers.
Internet activity information, such as Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, the web page that directed you to our services, the date and time of your visit, information about how you engage with us (e.g., the links or buttons you click and pages you view of our website), and other standard server log information.
Commercial information, such as records of products and/or services purchased, obtained, or considered, or other purchasing or consumption histories or tendencies.
Professional information, such as your title and other professional contact information.
How We Use Personal Data We Collect. We collect, use, and store your personal data as a controller (namely, your personal identifiers, Internet activity information, commercial information, and professional information) for the reasons set out in the chart below. Please note that to the extent we were to collect and/or process any “special categories of personal data” as defined by the GDPR, relating to you in our capacity as a controller, we would only do so because: (i) such personal data has been manifestly made public; (ii) the processing is necessary for the establishment, exercise, or defense of a legal claim; (iii) the processing is necessary for reasons of substantial public interest; and/or (iv) you have given your explicit consent to us to process that information (where legally permissible). If you have any questions, please refer to the contact details in the “How to Contact Us” section below.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Formatted Table</title>
<style>
table th {
text-align: left;
font-weight: bold;
}
</style>
</head>
<body>
<table>
<thead>
<tr>
<th>Purpose</th>
<th>Legal Basis</th>
</tr>
</thead>
<tbody>
<tr>
<td valign="top">
<p>Create and/or administer orders for you (including, if necessary, to process payments and other administrative matters).</p>
<p>Register, maintain, and manage your account (e.g., email preferences) or for interacting with our business (e.g., via our website, telephone, video conferencing, and email) as well as creating admin accounts in the Samsara dashboard.</p>
<p>Communicate with you regarding our business, administrative notices, the availability and provision to you or your organization of our products and/or services, including sending you important business communications related to your current relationship with us (e.g., renewals, registrations, and transaction information).</p>
<p>Provide you with support and respond to your queries, feedback, claims, and/or disputes.</p>
<p>Allow you to visit our offices or attend events.</p>
</td>
<td valign="top">
<p>It is necessary for us to process your personal data in order to provide you with the products and/or services with regards to a contract, or to take steps at your request prior to entering into a contract with you or a customer of Samsara.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Provide a chatbot on the website to reply to your questions.</p>
</td>
<td valign="top">
<p>When you interact with our chatbots, we rely on your consent, which may also require you to accept cookies. Such consent can be managed via our <a href="https://www.samsara.com/uk/legal/cookie-consent/">Cookie Consent</a> page and more information can be found in our <a href="https://www.samsara.com/uk/legal/cookie-policy">Cookie Policy</a>.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Develop features or functionalities, including when you provide feedback and/or suggestions.</p>
<p>Manage and improve our website, systems, and infrastructure.</p>
</td>
<td valign="top">
<p>We have a legitimate interest in developing and improving our websites, systems, and infrastructure, as well as maintaining the security and functionality of them.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Identify, develop, and market products and/or services that we believe will interest you.</p>
<p>Send you marketing communications, such as promotional offers and suggested products and/or services, as well as new features or functionalities which may be of interest to you.</p>
</td>
<td valign="top">
<p>We have a legitimate interest in promoting our products and services, and in keeping you informed about updates and offerings that may be relevant to you. You may manage your preferences by selecting the opt-out link at the bottom of our marketing emails or through the <a href="https://www.samsara.com/uk/resources/content/email-preferences-center/">preference center</a>.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Undertake mergers, acquisitions, reorganizations, or disposals, as permitted and/or required in accordance with applicable laws and regulations.</p>
<p>Protect our business interests and legal rights, including use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation), and other ethics and compliance reporting requirements.</p>
<p>Respond to court orders, subpoenas, or other legal processes with which Samsara is required to comply.</p>
<p>Comply with legal, regulatory, and other requirements.</p>
<p>Protect the security of our premises, assets, systems, customers, customer end users, intellectual property, and to enforce company policies.</p>
<p>Prevent fraud or information security risks. For example, we may use your personal data to monitor login attempts to identify possible fraudulent activity or information security risks.</p>
<p>To authenticate App and Product users.</p>
</td>
<td valign="top">
<p>We have a legitimate interest in managing and facilitating corporate transactions and changes in our business structure.</p>
<p>We have a legal obligation in protecting our legal rights and ensuring compliance with legal and regulatory obligations.</p>
<p>When we have a legal obligation under EU/UK laws, we process the data in order to comply with applicable law and regulations.</p>
<p>When we have a legal obligation under laws outside the EU/UK, we have a legitimate interest in protecting our business interests and legal rights, as well as the interests and legal rights of our users.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Develop features or functionalities, including when you provide feedback and/or suggestions to improve the Apps and Products.</p>
<p>Review and analyze how the Apps and Products perform. For example, we may use this data to monitor the health of Apps and Products, as well as be able to diagnose and fix bugs or crashes, or to make future performance improvements.</p>
</td>
<td valign="top">
<p>We have a legitimate interest in analyzing Apps and Products activity information to enhance user experience and maintain the functionality of the underlying systems and infrastructure.</p>
<p>We also have a legitimate interest in managing, developing, and improving our Apps and Products.</p>
</td>
</tr>
<tr>
<td valign="top">
<p>Other types of purposes from time to time.</p>
</td>
<td valign="top">
<p>We will use your personal data for any other purposes where you have given consent for such uses.</p>
</td>
</tr>
</tbody>
</table>
</body>
</html>
Samsara’s Legitimate Interests. There are instances where we have a legitimate interest to use your personal data as a controller as set out in the table above. Our legitimate interest(s) will vary depending on what we are using your personal data for. Where we process personal data on the basis of a legitimate interest, then – as required by applicable data protection law – we have carried out a balancing test to document our interests, to consider what the impact of the processing will be on individuals and to determine whether individuals' interests outweigh our interests in the processing taking place. For example, in some cases, we are able to send you direct business-to-business marketing without your consent, where we rely on our legitimate interests. If you live in the EU, Switzerland, or the UK, you have an absolute right to opt out of such direct marketing at any time. You can do this by following the instructions in the communication where this is an electronic message, by updating your email preferences in our preference center, or by contacting us using the details set out below. You can obtain more information about the legitimate interests balancing test by using the contact details in the “How to Contact Us” section below.
How Long We Store Your Data as a Controller. Personal data is maintained on our systems or those of our service providers or other partners, and is accessible by authorized employees, representatives, agents, and service providers who require access for the purposes described herein. We will retain personal data only for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, and/or internal policy requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, as well as the applicable legal requirements. For example, we retain prospective customer data that is subject to the GDPR for up to two years from the last method of contact with the relevant data subject, unless we have been informed to delete such data by the relevant data subject. If you have any additional questions, please see the “How to Contact Us” section below.
Security as a Controller. We are committed to keeping personal data secure, and we have implemented contractual, technical, and organizational measures to protect personal data against its unauthorized access, use, and disclosure. Such measures have been implemented taking into account the state of the art technology, their cost of implementation, and the risks presented by the processing and the nature of the personal data. When we provide your personal data to third parties, including service providers, we require those companies to protect the personal data they receive. Nevertheless, although we have tried to make our systems secure and reliable, the confidentiality of any communication or material transmitted to or from us cannot be guaranteed. We therefore urge you to exercise caution when conveying any personal data over the Internet. As when disclosing any information on the Internet, you should remain mindful that such information might be accessible by the public and, consequently, may be collected and used by others without your permission, approval, and/or consent. You should also recognize that your use of the Internet and any other means of communication with us is solely at your own risk.
International Transfer of Personal Data. To facilitate our global operations, and in accordance with applicable laws, we may transfer your personal data to, and access your personal data from, our offices, subsidiaries, affiliates and service providers in the various countries in which we or they operate (including the United States of America). This may be to a country other than the one in which it was provided or collected.You may request additional information, including in respect of transfer mechanisms, by exercising your rights as set out below. Information about the measures that we take to do this are also addressed below.
Where Samsara is unable to rely on an adequacy decision for the purposes of the GDPR, we rely on other transfer mechanisms. For example, to comply with applicable data protection laws around international data transfer mechanisms from the European Union or the United Kingdom to the United States, we have entered into European Commission approved Standard Contractual Clauses (“SCCs”) and routinely review whether and which additional safeguards to offer to provide adequate protection.
Samsara also complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Samsara has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Samsara has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit the Data Privacy Framework website.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Samsara commits to resolve complaints about our collection or use of your personal data transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Samsara at privacy@samsara.com or by using one of the addresses noted below in the “How to Contact Us” of this privacy policy.
Samsara has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. For more information, please visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
All personal data that is subject to this privacy policy and is received from individuals who are resident in the European Union, the United Kingdom, and Switzerland is covered by Samsara’s participation in the Data Privacy Framework unless governed by another adequate transfer mechanism as detailed herein. Samsara will comply with the Data Privacy Framework in respect of such personal data.
Samsara is accountable for personal data received under the Data Privacy Framework and subsequently transferred to a third party as described in the Data Privacy Framework located at https://www.dataprivacyframework.gov/. Pursuant to the Data Privacy Framework, Samsara remains liable for the transfer of personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages.
Samsara is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
As further explained in the Data Privacy Framework Principles, a binding arbitration option is also available to you in order to address residual complaints not resolved by any other means.
Cookies and Similar Technologies. Some personal data may be collected by us or our partners through cookies, pixel tags, or software development kits (“SDKs”), and other similar technologies for a variety of purposes. These can be used for analyzing trends, administering our websites, your communications with us, tracking users’ movement and behavior on our websites, and gathering information about our user base (such as location information on IP addresses, displaying advertising on our websites, and to manage our advertising on other sites). Cookies, used by most websites, are text files stored on a user's browser containing information about the user (e.g., information about devices and networks used to access our website). Pixel tags (also known as “web beacons” or “clear GIFs”) are very small images or small pieces of data embedded in images that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer, device, or communication with Samsara. SDKs are computer code that mobile app developers can include in their apps to enable data to be collected and related functionalities to be implemented. To learn more about the cookies that may be served to you, and how you can control our use of cookies and third-party analytics, please read and review our Cookie Policy. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. Where required, we honor requests to opt out submitted via privacy preference signals recognized under applicable law, such as the Global Privacy Control (“GPC”). For more information on the GPC and how to use a browser or browser extension incorporating the GPC signal, see https://globalprivacycontrol.org/.
Third Party Websites and Systems. As a convenience to you, Samsara may provide links from our websites to other websites and systems maintained by independent third parties. We are not responsible for the privacy practices of independent third parties; therefore, we encourage you to be aware of when you may have left this website, and to read the relevant privacy policies and terms of use of any other websites and/or apps that you may visit.
Data Protection Rights and How to Exercise. You may have the following rights where Samsara is a controller:
A right to know what personal data Samsara has collected about you, and you may have a right to access and to obtain a copy of this personal data;
A right to request the correction of your personal data if you believe that any personal data we hold about you is incorrect or incomplete;
A right to object to the processing of your personal data;
A right to request the deletion of your personal data;
A right to request a restriction on the processing of your personal data;
A right to withdraw your consent, where Samsara obtained your consent to process personal data (without this withdrawal affecting the lawfulness of any processing that took place prior to the withdrawal); and/or
A right to data portability enabling you to request us to transmit personal data that you have provided to us, to a third party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible.
You have additional rights if you are based in India, such as your right to seek the redressal of any grievances which you have under this privacy policy as well as the right to nominate an individual who may exercise your rights hereunder in relation to your personal data in the case of your death or incapacity.
You also have an additional right if you are based in France, namely the right to instruct us on the processing (e.g., retention, deletion, and disclosure) of your personal data after your death. You can change or revoke such instructions at any time.
Samsara will honor such requests as required under the applicable data protection laws and regulations (including the GDPR and CPRA) as well as those other rights outlined herein. However, please note that such rights are not absolute; they do not always apply, and exemptions may be applicable (e.g., such exemptions noted in Cal Civ. Code §1798.105 or in Chapter III of the EU GDPR). Samsara may, in response to any such request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we ask you to verify your identity, we may ask you for supporting information. If we do not comply with your request, we will explain why.
You may exercise any of your rights in this section without discrimination by us. We will not deny you products or services, charge different prices or rates, or provide a different level or quality of products or services based on your exercise of any rights in this section, unless the difference is reasonably related to the value provided by your personal data.
To exercise the above rights with Samsara, please send an email to privacy@samsara.com. You can also raise any questions, grievances of this privacy policy, and/or concerns by contacting our Data Protection Officer at dpo@samsara.com. An authorized agent can also exercise these rights on your behalf by contacting privacy@samsara.com.
If you are not satisfied with our response and are based in the EU, Switzerland, or the UK, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your personal data has arisen. This right might also apply for other jurisdictions depending upon your circumstances.
The contact details of each Data Protection Authority in the EU can be found at the following website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection- authorities/index_en.htm.
The data protection authority in Switzerland is the Swiss Federal Data Protection and Information Commissioner (FDPIC) which can be found at the following website: https://www.edoeb.admin.ch/edoeb/en/home/deredoeb/kontakt.html.
In the UK, this will be the UK Information Commissioner whose contact details can be found at the following website: https://ico.org.uk/.
You may contact us if you require assistance finding contact information for Data Protection Authorities outside of the EU, Switzerland, or the UK.
If you are based in the United States and are not satisfied with our response, please visit http://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
Minors under the age of 16. Samsara’s website and Apps are not directed to minors under the age of 16, and Samsara does not knowingly process personal data from minors under the age of 16 which may have been obtained via our website or Apps. However, if we were to learn that we have collected the personal data of a minor under the age of 16 via our websites or Apps, we will take steps to delete such personal data from our systems as soon as possible.
Disclosure of Personal Data. There are a few circumstances in which Samsara may disclose personal data (namely, your personal identifiers, Internet activity information, commercial information, and professional information) with certain recipients in the circumstances as outlined below.
Category of Recipient | Why? |
Buyer or other successor. | In the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business. |
Subsidiaries, affiliates, agents, contractors, event sponsors, service providers, and other partners. | We employ other companies and individuals to perform functions on our behalf. We use them to support our business and/or collaborate with (e.g., analytics, advertising, email, teleconference, and collaboration service providers and partners), provided that they are generally bound by contractual obligations to keep such personal data confidential and only use it for the purposes of providing the services for, or with, us based upon your interaction with us (e.g., attending events and/or signing-up for our newsletters). To enforce or apply our Terms of Service and/or any other agreement that governs the sale, use, or purchases of Apps and Products. Please note that some of our Apps and Products may be offered jointly with partners. If you register with our partner, Samsara may also receive your personal data from them, and Samsara may share your personal data with our partners for these joint offerings. |
Government authorities, law enforcement, regulators, and fraud prevention agencies. | To prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law. To comply with any court order, law or legal process, including to respond to any government or regulatory request. To protect the rights, property or security of Samsara, our employees, our users, and/or others. |
Other unaffiliated third parties. | We may disclose your personal data with other recipients where you have given consent or other instructions. |
SAMSARA AS THE DATA PROCESSOR
Samsara processes a variety of personal data on behalf of its customers through its Apps and Products (as defined in our Terms of Service or relevant contract with our customer). The specific personal data processes through the Apps and Products is dependent on which Apps and Products our customers choose to utilize, and how they have configured their settings. To the extent the data processed via the Apps or Products is Customer Data (as defined in our Terms of Service or relevant contract with our customer), Samsara’s customers are predominantly the controllers and Samsara is the processor (except for the limited circumstances as detailed in the section “Samsara as the Data Controller”). Please also see Samsara’s Terms of Service or the relevant contract with our customer for more information. If you have any questions or concerns about the personal data an organization that is a customer of Samsara may process or hold about you, please kindly direct your request to that organization. Otherwise, please note that as detailed in the section “Samsara as the Data Controller” Samsara may be the controller of some limited data which has been collected via the Apps and Products, such as when we process email addresses which are used to administer an account of our Apps and Products. Please see the section “Samsara as the Data Controller” for more information about how Samsara processes such personal data.
Personal Data Processed by Samsara. Samsara as a processor may, in accordance with our customers’ instructions or otherwise legally required, process a variety of personal data about you on behalf of our customers in a number of ways, such as:
Personal data provided directly. Samsara may, on behalf of its customers, collect personal data that you provide directly, such as when you access the Apps and Products. This may include your login information or user ID, information contained within in-App and in-Product messages, documents, photos and/or videos which you choose to take with or upload to the Apps and Products, as well as registration data for the vehicle being used in conjunction with the Apps and Products.
Personal data we collect automatically. Samsara may, on behalf of its customers instructions or otherwise required by law, automatically collect information about how you use and engage with our Apps and Products over time, and some of this may be personal data. Samsara may also, on documented instruction of its customers, automatically collect information about your use of the Apps and Products as well as information about the device you are using to access the Apps and Products such as device identifiers, device type, and device operating system. Only if you are using our Dev Tools, Agent, or Launcher apps, we may also collect the inventory of installed apps on a given device. Additionally, depending on your device and/or the settings of the Apps and Products, we may collect approximate or precise location data during your use of the Apps and Products.
Personal data provided by a customer of Samsara. Samsara customers may provide, input, upload and/or supply certain information (including, without limitation, your personal data) into the Apps and Products, including, but not limited to, a driver’s license number.
Other data. Samsara on behalf of its customers also collects and/or processes other data about Apps and Products performance such as crash logs, diagnostics, and other performance related analytics data.
Categories of Personal Data We Typically Process. Depending on your interaction with Samsara as a processor, we may also collect the following on behalf of our customers:
Personal identifiers, such as your real name, alias, postal address, unique personal identifier, login information or user ID, online identifier (such as IP address), government-issued identifiers, email address, phone number, account name, or other similar identifiers.
Apps and Products activity information, such as information about your use of the Apps and Products, including your activities, information about the device you are using to access the Apps and Products such as device identifiers, device type, device operating system, and approximate or precise location data during your use of the Apps and Products. We may also collect an inventory of installed apps on a given device only if you are using our Dev Tools, Agent, or Launcher apps.
Professional information, such as your title and other professional contact information.
Photos and/or videos you choose to take with or upload to the Apps and Products.
Registration data for the vehicle being used in conjunction with the Apps and Products.
Location, such as approximate or precise location data during your use of the Apps and Products, which may constitute “sensitive personal information” under the CPRA.
Other user generated content that you or the organization that is a Samsara customer submits to the Apps and Products (e.g., in-app messages or document/file uploads), some of which may constitute “sensitive personal information” under the CPRA.
How Your Personal Data is Processed on Behalf of our Customers. When acting as a processor, Samsara will only process your personal data when it is in accordance with documented instructions from our customers to provide the features that are available in the Apps and Products, including:
App and Product functionality. We process your personal data to provide the features that are available in the Apps and Products, including but not limited to driver vehicle inspection and other reporting, route management, vehicle and trailer selection, log review and certification, dispatch communications, mobile device management (for the mobile device management solution only), or fraud prevention. We also collect and use this data to authenticate users of the Apps and Products.
Analytics. We process your personal data to gain insights into how Apps and Products perform. For example, we may use this data to monitor App and Product health, diagnose and fix bugs or crashes, or to make future App and Product performance improvements.
App and Product account management. We process your personal data to set up and manage App and Product user accounts.
Other purposes. We may process your personal data to respond to court orders, subpoenas, or other legal processes with which Samsara is required to comply.
How Long We Store Your Data. Personal data collected via the Apps or other Products is stored in accordance with the instructions outlined in either the Terms of Service, relevant contract with our customer, or as otherwise agreed to by your organization that is a Samsara customer.
Data Protection Rights and How to Exercise. If you interact with Samsara through an organization that is a customer of Samsara and you have questions or concerns about the personal data your organization holds with Samsara about you, including as it relates to data protection rights, please direct your request to that organization.
Transfer and Disclosure of Personal Data as a Processor. In accordance with our Terms of Service or relevant contract with our customer, there are a few circumstances in which Samsara may disclose personal data with other companies and individuals to perform functions on our behalf when Samsara acts as a processor. We use them to support our business (e.g., our sub-processors or service providers), provided that they are generally bound by contractual obligations to keep such personal data confidential and only use it for the purposes of providing the services for, or with, us based upon our customer’s chosen settings, configurations, documented instructions, and/or purchases. We may also disclose your data to government authorities, law enforcement, regulators, and/or fraud prevention agencies where legally compelled to do so in accordance with our principles detailed here. Your data may be shared to a buyer or other successor in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets. We do not sell or share, as defined by the CPRA, the personal data collected in our capacity as a processor. When we transfer your personal data that is included within Customer Data, as defined in our Terms of Service or relevant contract with our customer, we do so also in compliance with the customer’s documented instructions. We take steps to protect personal data in whatever country it is stored in, transferred to, or accessed from.
DATA PROTECTION OFFICER CONTACT INFORMATION
To communicate with our Data Protection Officer, please email dpo@samsara.com.
CHANGES AND OTHER UPDATES TO THIS PRIVACY POLICY
We may amend our privacy policy from time to time to reflect changes in our practices, technologies, legal requirements and other factors. We therefore encourage you to revisit this page periodically to read the current version of it to stay informed about our collection, processing and sharing of your personal data. Please note, should we amend our privacy policy, we will update the "Last Updated" date at the top of this privacy policy for ease of tracking and review.
HOW TO CONTACT US
If you have any questions regarding this privacy policy, our privacy practices, or would like to exercise your rights under applicable data privacy law (e.g., to access or update your personal data), you may contact us by emailing privacy@samsara.com, calling +1-888-506-8009 (toll-free in the United States), or writing to us at the following address:
Samsara Inc. Attention: Legal Department – Privacy Issues 1 De Haro Street San Francisco, CA 94107 USA
Samsara Networks Limited (also as a Representative of Samsara Inc., Samsara Deutschland GmbH, Samsara France SAS, Samsara Nederland B.V., Samsara Poland Sp. z.o.o, Samsara Technologies Canada ULC, Samsara Networks Taiwan Ltd, Samsara Networks Mexico, S. de R.L. de C.V., and Samsara Technologies India Private Limited for the purposes of the UK GDPR) Attention: Legal Department – Privacy Issues Floor 4, 1 Alie Street London E1 8DE United Kingdom
Samsara Deutschland GmbH (also as a Representative of Samsara Inc., Samsara Networks Mexico, S. de R.L. de C.V., Samsara Networks Limited, Samsara Technologies Canada ULC, Samsara Networks Taiwan Ltd, and Samsara Technologies India Private Limited for the purposes of the EU GDPR) Mühldorfstraße 8 Attention: Legal Department – Privacy Issues 81671 München Germany
Samsara Nederland B.V. Attention: Legal Department – Privacy Issues Barbara Strozzilaan 101, Suite 2.01 1083HN Amsterdam Netherlands
Samsara Poland sp. z.o.o. Attention: Legal Department – Privacy Issues Plac Konesera 12 #113 and #114 03-736 Warszawa, Poland
Samsara France SAS Attention: Legal Department – Privacy Issues 1-7 Cours Valmy - le Belvédère - 92800 Puteaux France
Samsara Technologies Canada ULC Attention: Legal Department – Privacy Issues 1600 - 925 West Georgia Street Vancouver, BC V6C 3L2 Canada
Samsara Networks Mexico, S. de R.L. de C.V. Attention: Legal Department – Privacy Issues Av. Río San Joaquín 498, Piso 3, Ampliación Granada, Miguel Hidalgo C.P. 11529, Ciudad de México México
Samsara Networks Taiwan Ltd 台灣森萬聯有限公司 Attention: Legal Department – Privacy Issues 18F, No. 80, Section 1, Zhongxiao West Road Zhongzheng District Taipei City 100 Taiwan (R.O.C.)
Samsara Technologies India Private Limited Attention: Legal Department – Privacy Issues Suites 1, 2 & 5, 9th Floor, Etamin Block, Prestige Tech Park, Kadubeesanahalli, Bellandur Amanikere, Bengaluru, Karnataka 560103, India