Trust and Security
UiPath is a global software company offering an end-to-end platform for automation that has its main offices in Romania and the United States of America.
UiPath SRL is incorporated in Romania at 4 Vasile Alecsandri Str. and 11 Constantin Daniel Str., Building A, 010613, 1st District, Bucharest, Romania.
UiPath Inc. is incorporated in the United States of America at 452 5th Avenue, 22nd Floor, New York, NY, 10018.
UiPath generally acts as controller with respect to your Personal Data and determines the purpose and manner in which your Personal Data is processed as described below. At times, UiPath may act as a processor, and will process Personal Data on your behalf, as further detailed in this Policy.
UiPath cares about protecting the right to privacy of individuals, and, while we may rely on local laws, we aim to uphold the Personal Data protection standards of the GDPR even for non-EU UiPath entities, as practically possible. Terms like “personal data”, “processor”, “processing”, “controller”, and other terms defined by the GDPR are used in this Policy in accordance with the definitions given by the GDPR and are sanctioned in accordance with the GDPR.
When you use our Services, we will collect information about you which can identify you directly (name, email) or indirectly (IP address, or other online identifiers). We may also collect anonymous information and aggregated data regarding user behavior, navigational information, device information, which helps us improve and tailor our Services and understand usage trends.
During its activity UiPath may process different types of Personal Data belonging to a variety of data subjects such as customers, potential customers, business partners, etc. The type of Personal Data that may be processed about you depends on your relationship with UiPath, and on the applicable processing purpose.
Please note that, if you are enrolled by a legal entity or you have enrolled by yourself with an e-mail address registered under the domain of a legal entity, we will deem that you are acting on behalf of that entity which is either a customer or a partner of UiPath, as their employee. Therefore, we will process your Personal Data on behalf of the employer, and we may need to make the Personal Data or your activity within the Services available with the employer, upon the latter’s request. Where the scope of the processing exceeds the purpose of contract performance, we will request your consent.
Providing our Services
Customer Enrollment and Provision of Services. If you are a customer, we may process your name, job title, company, signature, e-mail address, country and other Personal Data, as necessary to execute and perform the agreement underlying to the Services. The purpose includes license management, account activations, contracts and accounts management, providing the Services, and associated communications.
Account Creation and Management. When you create an account with UiPath to use the associated Services, we process your name, e-mail address, username, country, language, employment status, employer, job title, industry, and other Personal Data that is needed to grant you access to the Service and maintain the account.
Please keep in mind that due to the nature of some of our Services, such as Academy, Community Forum and UiPath Marketplace, your profile and your activity may need to be visible to other users. Moreover, by using a corporate email address or by choosing an affiliation in your profile, your profile data, learning progress and other usage data may be shared with the owner of the domain (e.g. your employer). You can always choose to use a personal email address instead of a corporate one, and not to include an affiliation in your profile.
Social Media Accounts. When you use your social media accounts to connect to UiPath, you agree to share with UiPath your social media profile data such as your name, telephone number, friends list, photo, birthday, gender, location, interests, and other Personal Data you make available there.
Where the Services support voice command (e.g., through Google Assistant, by enabling Google App Actions), the underlying Personal Data will only be used for the purpose of providing the Service. We process this information based either on your consent, on the need to perform the contract we have with you or your employer, or on the legitimate interest of us or of your employer; and for the purpose of creating and managing your account, delivering the Services, and providing you with information related your use of the Services.
UiPath on-premises Services. UiPath does not have access to Personal Data you use with the on-premises Services.
Third-Party Products. Our Services may integrate with third-party products. Any Personal Data you use with third-party products may be visible to the third-party providers and will be processed in accordance with their own privacy documentation, and UiPath will bear no liability thereof.
If you request our support, we will process the Personal Data needed for support, such as name, email address, country, company, job title and device ID, in accordance with our Support Terms. We may also process voice data upon your consent, when support is offered via call center or remote.
We want to limit the usage of Personal Data to what is necessary for support purposes, so we rely on you to limit the disclosure and stick to sharing only technical data.
Access to our Websites
When you visit our websites, we will request your consent to collect your Personal Data, including, without being limited to, browser information, device used, IP address, user experience on the website, name, email, phone number, job level, field of expertise, employer, industry, country, or Twitter username and LinkedIn Profile URL. We will use it to provide you with relevant news, improve your experience on our website, or respond to your inquiries.
When you use our websites to report an abuse, a security incident, or to ask for the deletion of your accounts, we will process your name and e-mail to respond to your request.
Participation to Events and Contests
If you attend UiPath events, we will process your Personal Data to register you, to provide information on events, or to ask for your feedback, based on your consent. If you enroll in our contests and campaigns, we will process your Personal Data to register you and provide the prize, based on your consent, on our legal financial obligations, or on our legitimate interest to comply with our internal financial policies.
The Personal Data we will process may include, without being limited to, name, surname, e-mail address, telephone number, location, social media account, job title, company, voice, image, and even ID information, if necessary for compliance with applicable laws and policies.
Please note that when we organize events, contests, or campaigns co-branded or sponsored by us and our partners (resellers, solution providers, etc.), this will be clearly indicated in the applicable documentation. If you sign up, your Personal Data may be collected by, or shared with, UiPath and our partners.
In order to manage access to our events, you will be issued a name badge that you might be asked to show at the entry in the various areas of our events. Our badges usually contain a barcode or QR code that provides the Personal Data that you made available during the registration process. Our partners or sponsors may directly request information about you or may ask to scan your badge. Badge scanning is entirely optional, and you can at any time refuse to have your badge scanned. In all cases, if you allow other event participants, sponsors or partners to scan your badge, these participants may contact you about their products and services.
We may be taking pictures and video record our events, including events organized by third parties, based on our legitimate interest to document our events and market their success. If you have any concerns regarding the photos/recordings of you from an event, you can always reach out to our photographers, organizing staff, or contact us at email@example.com.
With your consent, we may process your personal information to post testimonials on our website or social networks.
If you attend one of our events as a speaker, we will process your image and voice (photos, videos), name, title, company, information about your professional life and education, as well as your presentation slides, if the case. We will always ask for your consent before making this data public through our website, social media, or other channels.
If you want to become a UiPath partner (e.g., business partner, Academic Alliance partner, Academy partner, etc.) we will process your Personal Data, such as full name, company, institution, job title, position or occupation, location, email, telephone number, industry, location, and other necessary information, in order to perform the underlying partner agreement.
Our Marketing Activities
We may process your Personal Data, such as name, e-mail address and telephone number, and other data that was either provided by you, collected from your interactions with our Services, or received from third party sources, for the purpose of sending you marketing communications through e-mail, telephone, or mail. We only do so if you allowed us to use your personal data this way, in compliance with the applicable privacy laws.
Marketing communications include sending information about the Services you use or have shown interest in, Services similar to those you already use, new product releases, service developments, alerts, updates, terms, events, special offers and associated campaigns and promotions or prices, and may be performed either via targeted marketing e-mails or through our sales representatives, in accordance with the applicable laws.
You may at any time choose not to receive marketing communications from us by clicking on the unsubscribe link included in the e-mail, by indicating so when we call you, or by filling in this form. Please note that if you opt out from marketing communications, we may still contact you regarding your use of our Services and to respond to your questions or requests.
When you apply for a job at UiPath, or when we reach out to you for recruitment purposes, we may process your Personal Data such as name, surname, CV data, work experience, education, LinkedIn profile, and other information included in your application, based on your consent, or on our legitimate interest, for the purpose of recruiting the best candidates for our job openings.
When you enter the monitored spaces in our buildings and facilities, we may process your Personal Data, such as video footages, images, voice (of you and your belongings), based on our legitimate interest, for the purpose of ensuring the security and safety of our buildings, facilities, staff ,visitors, property, and information located or stored on the premises.
We use automated decision making and profiling for the following purposes:
to comply with our export control regulations, denying access to our Services to individuals or companies identified as restricted parties by the relevant authorities or regulatory bodies
to maximize your experience with our Services and to make available personalized offers by building individual profiles using the Personal Data you provided to us, navigational information, information regarding the use of our services and information provided by our partners about you.
for statistical purposes and to help us improve the way we promote our Services with the help of Personal Data, such as online behavior data.
for recruitment, in order to ensure that candidates who are selected for further recruitment stages have the right to work in a specific geo-location or have obtained the required score for the logical and reasoning tests.
You can oppose to this anytime by filling in this form.
We prohibit children to access our Services and therefore we do not employ profiling or automated decision making on children Personal Data.
As a global company, UiPath may share data with its affiliates, third-party processors, or business partners around the world. UiPath applies caution when contracting with processors or other controllers and performs the relevant activities and puts all the safeguards in place, as required to comply with the GDPR in relation to Personal Data transfers.
With UiPath affiliates
We share personal data with our affiliates as necessary to provide the Services or perform usual business activities. Personal data shared with our affiliates is granted GDPR level of protection. The list of UiPath affiliates can be found here.
With UiPath service providers
For the purposes described in this Policy we use the services of various contractors, mainly digital service providers, such as Salesforce, Atlassian, Microsoft 365, Marketo. These contractors process specific categories of Personal Data on our behalf to help us organize events, manage business information and contracts, store data, analyze and organize data.
We have contractual agreements with our contractors to ensure that your Personal Data is protected and used only as necessary to perform the contracted services. Some of our contractors are also controllers on their own, carrying out processing activities while using their services and products, which include online advertising technologies, search engine, cloud computing.
Some of the contractors are third parties who are not intended to process the Personal Data but may have access to it upon fulfilling their tasks or interacting with us, such as technical maintenance companies, financial entities, or legal auditors.
With UiPath partners and distributors
As necessary to maintain an efficient selective channel system with the purpose of creating a retail environment where the commercialization of the Services is performed only by the UiPath authorized partners and distributors and customers’ demand is properly satisfied, we may share certain customers’ data (such as business contact details) with such UiPath authorized partners and distributors. We take appropriate measures, have contractual safeguards and we conduct internal assessment to ensure that the sharing of Personal Data is proportionate, transparent limited to the purpose and beneficial for you, that there are no privacy risks with all data privacy laws being observed during the processing.
If legally required
We may also provide personal data to third parties in the following situations:
as requested by public authorities, auditors or institutions competent to exercise inspections on UiPath, based on their legal obligations, such as data protection authorities or authorities for consumer protection, which may ask us to provide information;
to comply with a legal requirement or to protect the rights and assets of UiPath or other entities or people, such as courts of law, or enforcement authorities;
to third parties’ acquirers, as part of a change of control, merger or acquisition or similar procedures, if your Personal Data would be part of the transaction.
We will store your Personal Data for a limited period of time, as necessary to achieve the purposes of the Personal Data processing, as described in this Policy, and in accordance with our legal and contractual obligations, or industry practices. This means that we retain different categories of data for different periods of time depending on the type of data, the category of data subject to whom the data relates, and the purposes for which we collected the data.
Once the retention period expires for a specific category of data, UiPath will delete, archive, anonymize or destroy it, in accordance with its internal policies and procedures, unless prohibited by the applicable law.
You may request to have all your information deleted at any time by filling in this form.
We may process Personal Data from children that attend our workshops or educational programs organized to spread the RPA knowledge and develop educational partnerships. UiPath commits to comply with the applicable legislation with respect to such processing.
UiPath constantly evaluates and upgrades the security measures implemented as to ensure a secure and safe Personal Data processing. More information on the security measures implemented by can be found here.
You have the following rights in respect to your Personal data under the GDPR, which you may exercise at any time by submitting a request on our website here.
The right of access
The right to request the rectification or erasure of personal data
The right to request the restriction of processing
The right to withdraw your consent for processing
The right to object to the data processing
The right not to be subject to a decision based solely on automated processing, including profiling
The right to data portability
The right to file a complaint with the Data Protection Authority (ANSPDCP) and the right to address to the competent courts of law.
You may use the same form to exercise your right to opt-out of sale of personal information, if you are a resident of the state of California, as provided by the CCPA.
For any other questions regarding your rights please write to us at firstname.lastname@example.org.
If you do not agree with the changes, please contact us or deactivate your account.