Last updated November 11, 2019
This policy together with our Terms of Use of this website and any other documents we mention in this policy is meant to inform you on which personal data about you we collect, use, disclose, share or otherwise process when you are using this website, our products and our services. Please read this policy carefully to understand our views and practices on how we protect your personal data.
UiPath and our existing or future affiliates (collectively “UiPath” or “we”) are the controllers with respect to your data. This means that we determine the purpose and manner in which your personal data is processed, as specified in this Policy.
UiPath is the entity deciding for what purpose and through what means your data is processed. If you live in the USA, your data controller is UiPath Inc. while if you live in the EU your data controller is UiPath SRL and other UiPath entities in the EU. See here more about who and where we are.
UiPath SRL, is a legal entity organized and existing under the laws of Romania with registered office at 4 Vasile Alecsandri Street, 11 Daniel Constantin Street, 5th floor, building A, district 1, Bucharest, Romania is the contact entity for any questions regarding how your personal data is being processed.
`If you want to know more information regarding UiPath entities and locations please visit https://www.uipath.com/contact-us.
UiPath cares about protecting your right to privacy in all the regions where we operate and while complying with local laws, we are committed to implementing the personal data protection standard imposed by the GDPR across all UiPath entities.
Personal data is the information related to a natural person and which can be used to identify that person such as name, email address, telephone number, social media usernames, location data or business titles.
Personal data is data about you which you provide to us when interacting with UiPath through our website and by using our products and services and which helps us know who you are.
This means that when you use our products, services and website, we will collect certain information about you (“personal data”) which can identify you directly (name, email) or indirectly (IP address or other online identifier). We also collect anonymous information and aggregated data regarding user behavior, navigational information, device information, which helps us tailor our services and understand usage trends. For more information about the data we collect when you are using our website please check our Cookie Policy.
The personal data we process, as well as the purposes and legal basis for such processing, will differ depending on your relationship with UiPath:
Your UiPath account is a single sign on which helps you log into several UiPath platforms using the same credentials. If you decide to log in with Facebook or other social media account, remember that UiPath will have access to your Facebook profile data.
UiPath uses Auth 0 as an identity provider for authentication services and identity management. This will help you access other UiPath websites easier, by using the same credentials and provides you with more security when accessing your account. In order to connect to UiPath, your email and name are required. Thus, your UiPath account is dependent on your e-mail address.
Please remember that when you use social media accounts to connect to UiPath, you agree to have your social media profile data, such as your name, telephone number, friends, photo, birthday, gender, location, interests, shared with UiPath, through an Application Programming Interface (API).
When you create an Academy account we process certain personal data about you as a result of agreeing with the Terms & Conditions of use. These data are used to manage your account, to share or confirm your progress and to keep you updated.
Academy is built on Content Raven 360 platform, which is a processor on behalf of UiPath. For more information check Content Raven’s Privacy Policy here.
When you use UiPath Certification platform we collect and we may share with your employer some personal data about you.
When you download UiPath Community Automation Cloud, personal data is required in order to perform the terms and conditions of use and for managing your account.
For personal data used in your automations with UiPath Community Automation Cloud the Data Processing Agreement included in the terms of use will apply.
When you download UiPath Trial RPA Enterprise Platform or when you join our Insider Preview Program, personal data is required in order to perform the terms and conditions of use. Personal data is not required and should not be used in your automations when using the Trial RPA Enterprise Platform.
When you reach out to us for becoming a user of the UiPath Automation Hub we process some personal data about you.
In order for you to become a user of the Automation Hub and for us to support you in identifying the best processes to automate, we process your name, email, job level, location, business expertise, phone number based on your express consent. We use the data provided by you to send you communications about Automation Hub.
When you use UiPath Forum,we process personal data about you for managing your account and for sending you updates and news. Please remember that the Forum is public, when providing your real name, photo and location.
If you decide to log in with Google, please have in mind that your Google profile information will be shared with UiPath.
UiPath Forum is developed on the Discourse platform, which is a processor on behalf of UiPath. Please find here the Privacy Policy of Discourse.
Please have in mind that when deleting your Forum account we may still keep your activity in an anonimyzed manner for business continuity purposes.
If you request technical support we will require some identification data from you. Please try not to send us any personal or confidential information, except from your identification data and relevant technical data when asking for technical support.
Salesforce is a processor on behalf of UiPath and provides our ticketing platform. Please read more about the Privacy Policy of Salesforce here.
If you are a customer we process personal data about you for contract negotiations and contract performance purposes.
In order to negotiate and perform the contract with you as a UiPath customer, we process personal data about you such as your name, job title, company, signature, e-mail address, country and other personal data necessary for providing you with our products and services and for communicating with you related to these products or services.
In order to subscribe to our release notes about our products we process your email based on your consent.
When you use the Mobile Orchestrator App, we process your e-mail in order to receive and respond to your feedback.
We process this personal data based on our legitimate interest to process and solve your request, in order for you to enjoy a better service.
When you attend UiPath events, we require your personal data for registration. In our event terms and conditions we make it clear that we like to make videos and take photos. Please let us know if you do not want to appear in them at privacy@uipath.com or by reaching out to the organisers.
For organizing these events we use the services of different contractors which are data processors on our behalf or which are data controllers themselves. Please check their privacy policies when registering to our events.
When UiPath is a sponsor or partner at events organized by third parties, UiPath may receive your personal data, such as name, email, company name, if you agreed to receiving communications and having your data shared with UiPath.
Please note that some of these Events may be co-branded or sponsored by us and third parties, such as partners and solution providers, that resell, use or complement our products or services. Such Events clearly indicate when such partnership exists. If you sign up for these Events, your personal data may also be collected by and shared with those third parties.
We encourage you to familiarize yourself with those third-party privacy policies to understand how they will handle your personal data.
As a participant in our Events, you will be issued a name badge that you might be asked to show at the entry in the various areas of our Events. We do this in our legitimate interest to manage the access to our Events.
Our badges usually contain a barcode or QR code that provides personal data that you made available during the registration process (name, title, company, email, etc.). Our Events partners or sponsors may directly request information about you at their conference booths or presentations or may scan your badge (if you allow them to do so). Allowing them to scan your badge is entirely optional and they may use your personal data to contact you after the Event or for other purposes that you agree with them. The use of your personal data in this case will be subject to the privacy policies of those companies and we take no responsibility for such use. We recommend that you review these privacy policies before providing your data or accepting to have your badge scanned.
Badge scanning is entirely optional, and you can at any time refuse to have your badge scanned. In all cases, if you allow other Event participants (including UiPath delegates), sponsors or partners to scan your badge, these participants may contact you about their products and services.
Photos and videos at our events
We may be taking pictures and video record our Events (including Events organized by third parties where we have booths or presentations). Given that these Events are public areas and that we do not intend to focus on you as an individual (unless you are cial guest, such as a speaker), we do this based on our legitimate interest to document our Events and market their success.
If you have any concerns regarding the photos/recordings of you from an Event or if you want us to stop using photos/recordings of you in new material, please contact us at privacy@uipath.com. We will then no longer use your personal data in new information material. We will also remove you from already published material wherever possible. You can always object to being photographed or recorded during the Event by reaching out to our photographers or organizing staff.
Testimonials
We may process your personal information to post testimonials on our website or social networks but will first obtain your consent to use your name and testimonial.
Speakers
We will process your image and voice (photos, videos), name, title, company, information about your professional life and education, as well as your presentation slides (if the case) if you attend one of our Events as a speaker. We may make this data public through our website, social media or other channels(. We will ask for your consent to do so, however since our intention is to market our Events, we may refuse to appoint you as a speaker if you do not agree to such use.
In order for you to participate in UiPath’s campaigns and contests and in order for us to provide you the prizes, we process personal data, including sensitive data such as your ID information, for compliance with applicable laws and policies.
If you have a UiPath Connect profile,you can have access to and you can create activities and assets using RPA as well as share your RPA achievements with other RPA users. The profile are public, except for your e-mail. In order to create and manage your profile/account we will require certain personal data about you, as part of complying with the terms and conditions and in order for you to enjoy all features of the platforms.
Bevy is the platform which we use for the development of UiPath Connect and which is a processor on behalf of UiPath. Check here its Privacy Policy.
If you have a business partnership with UiPath or in order to become a business partner of UiPath we require and process certain personal data from you as the partner’s representatives, which enables you to use our partner portal.
Zinfi is the platform which we use for the development of the Partner Portal and which is a processor on behalf of UiPath. Check here its Privacy Policy.
Allbound is the platform which we use for the development of the Partner Technology Portal and which is a processor on behalf of UiPath. Check here its privacy Policy.
If you visit our website, we collect personal data about you with your consent in order to send you relevant news and to improve your experience on our website.
For joining the Academic Alliance Program and becoming a partner we process certain categories of personal data about you. If you are using personal data with UiPath products or services, please make sure that you have the necessary consents for doing this.
Our website is developed on the Hubspot platform. Please check its Privacy Policy.
The UiPath Learning Platform is built on Raven 360, which is a processor on behalf of UiPath. Please check here its Privacy Policy.
In order to understand the navigational trends on our website we use third-party analytics tools which collect information which your browser sends when you visit our web page. Here are tools which we use and information about their privacy policies:
When you visit our website and if you accept our cookies we collect certain data about your navigation on our website, which helps us improve our services and our online presence.
We may use the personal data you provide to us, as well as the personal data we collect about you from your interactions with our products and services, and from third party sources, for marketing purposes, i.e, to keep you informed about events, new product releases and service developments, alerts, updates, terms, special offers and associated campaigns and promotions or prices. Before we do so, however, we will, in accordance with the applicable privacy laws in your country, offer you the opportunity to choose whether or not to have your personal data used in this way. We may also contact you regarding products or services similar to those you have already used/purchased or are in the process of using/purchasing.
Our sales representatives may also use your phone number or email address to contact you directly by phone, in connection with our products and services, upcoming events or other promotions, in accordance with the laws applicable in your country.
In all cases, and irrespective of your country, you may at any time choose not to receive marketing communications from us by clicking on the unsubscribe link included in each e-mail you may receive, by indicating so when we call you, by unsubscribing or by contacting us directly at privacy@uipath.com.
We do our best to tailor your website visit, marketing experience and our communications to your expressed interests and we conduct our marketing as permitted by applicable law. Please note that if you opt out from marketing communications, we may still contact you regarding your use of our products and services and to respond to your questions or requests.
Personal data used for direct marketing and sales activities will be retained for as long as we have an active relationship with you. We treat you as an inactive contact if (i) you have made a deletion request; and (ii) you have not interacted with us or updated your preferences and contact information in the past 12 months.
As a result of our obligations regarding export control regulations, we will deny access to our services or products if you or your company are among the ones listed on the relevant websites.
For our business purposes we build individual profiles in order to send you relevant offerings. You may be denied access to our services in order to comply with our export control regulations.
In order to send you information about our products, events, news and activities, tailored to your interests we build individual profiles from the personal data you provided to us (such as name, company, job title, social media), from navigational information, information regarding the use of our services and information provided by our partners about you. Based on our legitimate interest to promote our products and services, we may also use third party platforms such as LinkedIn, in accordance with their own terms and conditions of use.
We do this in order to maximize your experience with our products and to make available to you personalized offers of your liking.
We also use personal data, such as online behavior data, for statistical purposes, in order to help us improve the way we promote our products.
You can oppose to this anytime by writing at privacy@uipath.com
We do not use profiling or automated decision making on children’s personal data.
For the purposes described in this policy we use the services of various contractors, mainly digital service providers. Some of them were mentioned in the section 3 above. Other sub-processors we use for our day to day business operations are: Atlassian, Microsoft 365, Marketo, Slack. These contractors process specific categories of personal data on our behalf to help us organize events, manage business information and contracts, store data, analyze and organize data. We also share your personal data with UiPath affiliates. Please find here the location of our affiliates.
In order for you to benefit from quality services and products we engage contractors to process data on our behalf. These contractors are bound by confidentiality and other contractual requirements to keep your data safe and secure. When the law requires, data is also shared with public authorities.
With each of these contractors we have contractual agreements which ensure that your personal data is protected and that the processing of personal data is protected and used only as necessary to perform the contracted services. Some of our contractors are also controllers on their own, carrying out processing activities while using their services and products, which include online advertising technologies, search engine, cloud computing.
Some of the contractors are third parties who are not intended to process the personal data but may have access to it upon fulfilling their tasks or interacting with us, such as technical maintenance companies, financial entities or legal auditors.
UiPath is a global company so your data is shared with UiPath’s affiliates or with UiPath’s processors around the world. We make sure that your data is kept and transferred safely, by respecting European legal requirements for data transfers.
In the context of completing the purposes presented to you in this policy, your personal data may be transferred abroad to states in the European Union (“EU”), European Economic Area (the “EEA”) or to third countries.
Any transfer performed by UiPath will respect the legal requirements laid down by the European data protection legislation.
In what concerns data transfers to third countries, we make sure that appropriate safeguards are in place in order to keep your data secure.
UiPath Inc. is subject to the enforcement and investigatory powers of the U.S. Federal Trade Commission (FTC).
UiPath Inc. adheres to the principles stated by the Privacy Shield Framework, for personal data processed from EEA, UK and Switzerland. UiPath also uses other mechanisms to ensure the adequate protection of personal data such as the Standard Contractual Clauses approved by the European Commission. Please check for UiPath in the list available here.
UiPath may be required, as mentioned in section 6 above, to disclose personal data as a result of lawful requests made by public authorities, including to meet national security and law enforcement requests.
If UiPath has not managed to handle your complaint addressed at privacy@uipath.com in a satisfactory manner, you can raise a concern to the attention of your data protection authorities (“DPAs”) or the Swiss Federal Data Protection and Information Commissioner, which will establish a panel in order to investigate and resolve complaints raised under the Privacy Shield. UiPath will comply with the recommendations provided bythis panel, by the DPAs or by the Commissioner with regard to data transferred from the EEA, the UK andSwitzerland, as appropriate.
If you have exhausted all other means to resolve your complaint regarding a potential breach of UiPath’s obligations under the Privacy Shield Framework and if you are located in the EEA, the UK or Switzerland, you may invoke binding arbitration, as specified here.
UiPath is liable for third parties processing personal data on its behalf. However, UiPath reserves the right to prove that the non-compliance was not a result of UiPath’s actions or was not in UiPath’s control.
For any inquiries about this section please reach out to privacy@uipath.com.
UiPath will store your data only for the period of time necessary or required by law. If you have entered into a contract with UiPath we will store your data for up to 5 years or as long as it is required by law, after the termination of the agreement with us.
We will store your personal data only for the period of time necessary in order to achieve the purposes described to you in this policy and in accordance with our legal obligations, our contractual obligations or the industry practices.
We will make sure not to keep excessive or irrelevant data, such as data which is out of date. We will also constantly review the periods of time for which the different categories of data we process are retained.
After the duration of the processing expires and UiPath no longer has legal or legitimate reasons to process your personal data, the data will be deleted in accordance with its procedures, which may involve archiving, anonymizing or destroying it. For using UiPath products and services we store your data up to 5 years from the termination of our agreement with you, except for the cases when legal requirements state otherwise.
We sometimes process personal data from children in order to spread the RPA knowledge and develop educational partnerships.
Under certain circumstances we process personal data from children attending our workshops or educational programs, respecting all applicable legislation and taking the relevant consents.
UiPath cares about the security of your personal data. Therefore, UiPath implements an information security framework in accordance to industry standards.
UiPath constantly evaluates and upgrades the security measures implemented as to ensure a secure and safe personal data processing. UiPath is ISO 27001 certified, regarding the security of information management. Among the measures implemented by UiPath for personal data protection are: physical security measures, access control, organisational security measures and incident management procedures.
If you refuse to have your personal data processed, depending on your relationship with us, we might not be able to provide you with our products or services, send you newsletters, information about our events or other offerings, we won’t be able to enter into a contract with you, or otherwise interact with you as described in this policy.
You can always contact UiPath at privacy@uipath.com to ask for your rights regarding the processing of your personal data by UiPath, such as the right to access your personal data, to receive a copy, to oppose to marketing communications, to have your data rectified or deleted. You can always use this form: https://www.uipath.com/legal/personal-data .
You may exercise your rights at any time.
For any questions regarding your rights please write to us at privacy@uipath.com. Also, in case you wish to withdraw your consent given for direct marketing purposes you have the possibility to use the “unsubscribe” option provided to you in every marketing communication. You can also exercise your rights by submitting a request through our website, here.
Any California resident has the right to request a company doing business in California not to sell any personal information about them. This right is referred to as the right to opt-out.
“The term “resident,” as defined in the law, includes (1) every individual who is in the State for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the State who is outside the State for a temporary or transitory purpose. All other individuals are nonresidents.”
17014 of Title 18 of the California Code of Regulations
If you are a California resident whose personal information we process, you have the right to request us not to sell your personal information. However, UiPath does not sell your personal data and only shares your personal data as directed by you, based on your consent or with its processors which only process personal data on behalf of UiPath.
For more information about your rights please write to us at privacy@uipath.com, or submit a request through our website, here.
This Privacy Policy may be changed and updated by us from time to time as it could become necessary.
We will post the updates here so we encourage you to check this page.
We will notify you of any substantial changes to this Privacy Policy and will ensure that the notification is made in a way which ensures that you acknowledge them, for example by use of the email address that you have provided to us, or any other appropriate means that ensure effective communication.
If you do not agree with the changes, please contact us or deactivate your account.
You may address any question regarding this document to who may be contacted using the following contact details: privacy@uipath.com or complete the online form available here.
Please find our Privacy Policy translated and adapted to the local jurisdictions as relevant, in French, German, Japanese.
Last updated January 10, 2020
Information notice on processing personal data for recruitment purposes
This notice together with our Privacy Policy and Terms of Use of this website and any other documents we mention here are meant to inform you on what personal data about you we collect, use, disclose, share or otherwise process when you are applying for a job at UiPath or when UiPath contacts you for recruitment purposes. Please read this policy carefully to understand our views and practices on how we protect your personal data.
UiPath and our existing or future affiliates (collectively “UiPath” or “we”) are the controllers with respect to your data. This means that we determine the purpose and manner in which your personal data is processed, as specified in this Policy.
UiPath SRL, a legal entity organized and existing under the laws of Romania with registered office at 4 Vasile Alecsandri Street, 11 Daniel Constantin Street, 5th floor, building A, district 1, Bucharest, Romania, is the contact entity for any questions regarding how your personal data is being processed.
If you want to know more information regarding UiPath entities and locations, please visit https://www.uipath.com/contact-us.
UiPath cares about protecting your right to privacy in all the regions where we operate and while complying with local laws, we are committed to implementing the personal data protection standard imposed by the GDPR across all UiPath entities.
Personal data is the information related to a natural person and which can be used to identify that person such as name, email address, telephone number, social media usernames, location data, CV, social media profiles or business titles.
This means that when you apply for a job at UiPath, we will collect certain information about you (“personal data”) which can identify you directly (name, email) or indirectly (IP address or other online identifiers). We also collect anonymous information and aggregated data regarding user behavior, navigational information, device information, which helps us tailor our services and understand usage trends. For more information about the data we collect when you are using our website please check our Cookie Policy.
UiPath processes your name, surname, CV data, work experience, education, LinkedIn profile and other information included in your application, based on your consent, for the purpose of processing your job application (recruitment and selection).
UiPath processes your results to our logical and reasoning test in our legitimate interest to assess whether you are fit for a specific position.
For the purpose of meeting our own security obligations, based on our legitimate interest, with your acknowledgement and in accordance with our internal policies, if you are selected to work at UiPath, we may perform background checks, as permitted by the local applicable laws, with a third party vendor. For this purpose, UiPath processes your name, surname, information from previous employers, information from previous schools and information from public registries, as applicable for the role you will perform at UiPath.
For more information about how UiPath processes your personal data for other purposes please see our global Privacy Policy available here.
If UiPath believes that you could be a valuable member of our team, UiPath processes your name, surname, work experience, educational experience and other information available on your LinkedIn profile, depending of your willingness to interact with UiPath, based on our legitimate interest to recruit the best candidates for our job openings.
In order to automate our recruitment process, we may use technology for making sure that candidates who are selected for further recruitment stages have the right to work in a specific geo-location or have the requested score for the logical and reasoning test.
For the purposes described in this information notice we use the services of various contractors, mainly digital service providers. These contractors process specific categories of personal data on our behalf to help us manage the recruitment process, store the data, perform the background checks if applicable and communicate with you. We also share your personal data with UiPath affiliates. Please find here the location of our affiliates.
With each of these contractors we have contractual agreements to ensure that your personal data is protected and that the processing of personal data is protected and used only as necessary to perform the contracted services.
Some of the contractors are third parties who are not intended to process the personal data but may have access to it upon fulfilling their tasks or interacting with us, such as technical maintenance companies, financial entities or legal auditors.
In the context of completing the purposes presented to you in this policy, your personal data may be transferred abroad to states in the European Union (“EU”), European Economic Area (the “EEA”) or to third countries, such as USA, depending of your location.
Any transfer performed by UiPath will respect the legal requirements laid down by the European data protection legislation.
In what concerns data transfers to third countries, we make sure that appropriate safeguards are in place in order to keep your data secure.
We will store your personal data until you withdraw your consent or for a maximum period of 2 years after which your data shall be destroyed or anonymized.
We will make sure not to keep excessive or irrelevant data, such as data which is out of date. We will also constantly review the periods of time for which the different categories of data we process are retained.
UiPath constantly evaluates and upgrades the security measures implemented as to ensure a secure and safe personal data processing. UiPath is ISO 27001 certified, regarding the security of information management. Among the measures implemented by UiPath for personal data protection are: physical security measures, access control, organisational security measures and incident management procedures.
When we process your personal data, it is very important to know that you have the following rights:
You may exercise your rights at any time.
For any questions regarding your rights please write to us at privacy@uipath.com. Also, in case you wish to withdraw your consent given for direct marketing purposes you have the possibility to use the “unsubscribe” option provided to you in every marketing communication. You can also exercise your rights by submitting a request through our website, here.
You may address any question regarding this document to who may be contacted using the following contact details: privacy@uipath.com or complete the online form available here.
