Explore Industry Research
What do Gartner, Forrester, and IDC have in common? They all named Anaplan a planning leader.
Anaplan, Inc. and its related entities (collectively “Anaplan”) recognize the importance of privacy, security, and data protection to our users, customers, and partners worldwide.
This Privacy Statement (“Statement”) informs you of our privacy practices, the choices you can make, and the rights you can exercise in relation to your personal data that we collect and use when you interact with Anaplan’s websites, products, and services, when you apply for a job with Anaplan or visit our office, or when you engage with our customer support representatives.
When you interact with our websites, products, services, customer support channels, or job application process at Anaplan, we may ask you to provide some personal information. When we request this type of information, we will notify you as to why we are asking for information and how this information will be used.
We may collect information automatically from your device, such as through the website’s internet access logs and technology.
While using Anaplan product and services, customers may load various types of data to our platform. Platform data is governed by the contractual agreements between Anaplan and customers. Anaplan will not disclose or distribute any such platform data except as provided in the contractual agreement between Anaplan and the customer or as may be required by law.
We use and process your data for the following business purposes:
Anaplan will not use or disclose your personal information in ways unrelated to those described above without first notifying you and offering you a choice as to whether we may use your personal information in a different manner.
In accordance with applicable laws, personal information covered by this Statement may be transferred to and processed outside of the country in which you are resident to Anaplan or its affiliates, subsidiaries, or service providers, including to the United States, Australia, Singapore, and other countries as we deem appropriate from time to time. These countries may not have equivalent privacy and data protection laws (and, in some cases, may not be as protective). We will protect your personal data in accordance with this Statement wherever it is processed. By submitting your personal information to Anaplan, you consent to such transfers and to the worldwide processing of your personal information.
Certain recipients (our service providers and/or Anaplan group companies) who process your personal data on our behalf may also transfer personal data outside the country in which you are resident. Where such transfers occur, we will put in place a transfer agreement to protect your personal data.
EU-U.S. transfer of personal data
When we transfer personal data out of the European Economic Area (“EEA”), Switzerland, and the UK to countries that do not benefit from an adequacy decision, as determined by the European Commission, we will rely on Standard Contractual Clauses approved by the European Commission and other contractual measures to ensure that adequate safeguards are in place with respect to the data. Additionally, Anaplan will rely on the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) for transfers of personal data from the EEA, UK, and Switzerland.
Data Privacy Framework
Anaplan Inc. (“Anaplan-U.S.”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Anaplan-U.S. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regards to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Anaplan-U.S. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regards to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Anaplan-U.S. is responsible for the processing of personal data it receives, under the DPF, and subsequently transfers to a third party acting as an agent on its behalf. Anaplan-U.S. complies with the DPF Principles for all onward transfers of personal data from the EEA, UK, and Switzerland, including the onward transfer liability provisions.
Anaplan-U.S. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Anaplan-U.S. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Anaplan-U.S. commits to refer unresolved complaints concerning its handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to our U.S.-based third-party dispute resolution provider (free of charge). If you have an unresolved DPF-related privacy or data concern that we have not addressed satisfactorily, please contact our U.S.- based third-party dispute resolution provider.
For complaints regarding DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website.
APEC Cross Border Privacy Rules System
Anaplan’s global privacy practices, described in this Privacy Statement, comply with the Asia Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules system (“CBPRs”). The APEC CBPR system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. More information about the APEC framework can be found on the CBPRs site.
If you have an unresolved privacy or data concern related to Anaplan’s APEC Certification that we have not addressed satisfactorily, please contact our U.S.- based third-party dispute resolution provider (free of charge).
We have taken steps intended to maintain the security of your data and follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. You should understand that the open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. If you have any questions about security or any reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us at email@example.com.
Anaplan retains platform data according to the timeframes set forth in the relevant agreements with its customers and in compliance with applicable law. We will retain your information for as long as your account is active or as needed to provide you with services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Anaplan maintains a comprehensive written information security program that contains administrative, technical, and physical safeguards designed to prevent unauthorized access to customer data.
We display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us at firstname.lastname@example.org
Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Anaplan is not responsible for any information you choose to submit in these forums. Please request the removal of your personal information from our blog or community forum by submitting an Individual Rights Management request. In some cases, we may not be able to remove your personal information, in which case, we will let you know if we are unable to do so and why.
When you get access to the Anaplan Platform, you may also have access to community sites that allow you to subscribe using your email address and to post information under your user name. As a user, you can request deletion of your community profile by sending an email to email@example.com.
We give you the option to receive a variety of marketing communications that may include product or services information, events and conferences, blog updates, premium content, training information, or invitations to participate in user research. Subscription communications include email newsletters, software updates, etc. that may be expressly requested by you or which you consented to receive. You can manage your communication preferences at any time. If you don’t want to receive a particular type of marketing material from us, click the “unsubscribe” link in the corresponding emails, or update your preferences in our Preference Center.
Anaplan provides you with choices about the setting of cookies and other automatic data collection tools. You can learn more about our use of these tools and how to opt-out by visiting your cookie preferences, or, if located in the European Union, click here.
Our websites, products and services are not intended for use by anyone under the age of 16. Anaplan does not knowingly collect personal information from anyone under the age of 16. If you are under 16, you may not attempt to register for our events and services or send any information about yourself to us, including your name, address, telephone number, or email address. If we become aware that we have collected personal information from someone under the age of 16 without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child under 16 and believe that a child has provided us with their personal information, please contact us at the email or mailing address provided at the end of this Statement.
Depending on your location and subject to applicable laws, you may have certain data protection rights. You may exercise your rights of access and request corrections, suppression, objection, and deletion under applicable data protection laws in accordance with the process outlined below.
Subject to limited exceptions under applicable law, if you are a natural persons residing in Virginia, Colorado, Connecticut or Utah acting only in an individual or household context (not for commercial or employment purposes), you may have the right to (i) request to access or obtain a copy of personal information we hold about you, (ii) request that we correct inaccurate personal information, and (iii) request that we delete certain personal data we have collected from you, subject to certain exceptions under the law. We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. We will not discriminate against you if you exercise any of these rights under applicable laws.
To exercise your rights, please submit a Individual Rights Management request or call +1 (833) 312-0166. For your protection, we may only process requests with respect to the personal information associated with the email address that you use to send us your request, and we may need to verify your identity before processing your request. We will respond to your requests within the timelines prescribed by applicable law.
If you are a California resident, you can find information about how we use your personal data and about your privacy rights in the California Privacy Notice section of this Statement.
Subject to limited exceptions under applicable law, Anaplan acknowledges that you may have the right to access, update, correct, and delete your personal information.
Please be advised that if we act as data processor/service provider to process personal information, we do so on behalf of our customers under the terms of a service agreement or similar agreement, and the information you have requested therefore is under the control of that customer. Accordingly, an individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his or her question to the applicable customer. If the customer requests Anaplan to remove the personal data to comply with data protection regulations, Anaplan will assist the customer with such removal in accordance with customer’s instructions and subject to Anaplan’s ability to access the data as needed to respond to the request.
This Notice supplements information contained in Anaplan’s Privacy Statement and is applied solely to residents of the State of California (“consumers” or “you”). Anaplan adopts this Notice and Statement to comply with the California Consumer Privacy Act of 2018 and its regulations (CCPA). Any terms defined in the CCPA have the same meaning when used in this Notice and Statement. This Notice and Statement does not reflect our collection, use, or disclosure of California residents’ personal information where an exception under the CCPA applies.
Please see the “What personal information we collect and how we collect it” section earlier in this Statement to understand the sources from which we get personal information.
We listed below categories of personal information we collect about California residents and that we have collected in the preceding 12 months. These categories correspond with the following categories listed in the CCPA’s definition of personal information:
Please see the “To whom do we disclose personal information” section earlier in this Statement to understand how we may disclose your personal information.
We only collect sensitive personal information, as the CCPA defines this term, if you voluntarily disclose it to us. Please see “Howe we use your personal information” above for information about the purposes for which we use your personal information. We do not “sell” or “share” (as the CCPA defines these terms) personal information about you. We obtain your consent and direction before disclosing personal information to our advertising partners.
Additional subject rights:
If you are a California resident, you have the following rights:
To exercise your California privacy rights, submit a request using one of the methods described below, and provide the information required.
To exercise any privacy rights, please submit a Individual Rights Management request or by calling +1 (833) 312-0166. For your protection, we may only process requests with respect to the personal information associated with the email address that you use to send us your request, and we may need to verify your identity before processing your request. We will respond to your requests within the timelines prescribed by applicable law.
When a business sells your personal information, you have a right to opt out of such a sale. Anaplan does not sell, and in the preceding 12 months did not sell, California residents’ personal information. Anaplan does not have actual knowledge that it sells the personal information of minors under 16 years of age.
Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. You may designate an authorized agent by taking the steps outlined under "Authorized Agent" further below. In your request or in response to us seeking additional information, you, or your authorized agent, must provide sufficient information to allow us to reasonably verify that you are, in fact, the person whose personal information was collected which will depend on your prior interactions with us and the sensitivity of the personal information being requested. We may ask you for information to verify your identity and, if you do not provide enough information for us to reasonably verify your identity, we will not be able to fulfil your request. We will only use the personal information you provide to us in a request for the purposes of verifying your identity and to fulfill your request.
You can designate an authorized agent to make a request under the CCPA on your behalf if:
If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please ensure that the authorized agent sends an email to firstname.lastname@example.org with the subject line “California request to delete” and including the attachment of both the user in question and the Authorized agent’s ID with a notarized letter verifying the relationship (e.g., parent or guardian), and including detailed information about the requested data to be deleted.
If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.
This comprehensive Statement from Anaplan provides you with details about how you may either opt-out or opt-in to the use of your personal information by third parties for direct marketing purposes.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please feel free to contact our U.S.-based third party dispute resolution provider (free of charge).
Alternatively, you can contact the data protection supervisory authority in your jurisdiction for assistance. Contact details for data protection authorities in the EEA and the UK are available here, and for Swiss Federal Data Protection and Information Commissioner (FDPIC) here.
We may update this Statement from time to time in response to changing legal, technical, or business developments. When we update it, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We encourage you to periodically review this page for the latest information on our privacy practices.
Should you have questions or comments related to this Privacy Statement, please contact us at email@example.com or by sending your mail to:
Europe, Middle East, and Africa (EMEA) Privacy Office
338 Euston Road, Regents Place
London, NW1 3BT United Kingdom
Americas Privacy Office
50 Hawthorne St.
San Francisco, CA 94105 United States
Asia Pacific (APAC) Privacy Office
Anaplan Asia Pte Ltd
5 Temasek Boulevard
15-07 Suntec Tower 5, Singapore, 038985
Anaplan Data Protection Officer (DPO)
Anaplan Nederlands B.V.
5211 AK ’s-Hertogenbosch, Netherlands