Last Updated: January 2021
Palantir Technologies Inc. and our subsidiaries (“Palantir” or “we”) are committed to complying with data protection legislation, including the data protection regime introduced by the General Data Protection Regulation (EU Regulation 2016/679, the “GDPR”). This privacy notice contains information on what personal data we collect, what we do with that information, and what rights you have.
We process some personal data in order to run our business. There are a limited number of circumstances where we may share your information with third parties (for example, pursuant to a court order, if we are part of a merger, or with our business partners and service providers who support our business or collaborate with us). We take the security of your information seriously and take steps to keep your information secure. Please read the full Privacy and Security Statement below and you can always contact us if you have questions.
This Privacy and Security Statement does not apply to information collected on any third-party site or application (including advertising) that may link to or be accessible from our websites. We are not responsible for the privacy policies or data collection, use and disclosure practices of those sites. We encourage you to review the privacy policies of each site you visit.
Please read this Privacy and Security Statement carefully to understand Palantir’s policies and practices regarding your information and how we will treat it. By accessing or using any of our websites or services (including email communications), you agree to this Privacy and Security Statement. This Statement may change from time to time, and these changes may affect how we use the information described below, so please check the Privacy and Security Statement periodically for updates.
We collect several types of information for our business operations, including but not limited to:
Information you provide to us. When you navigate our websites or contact us, we may request or you may choose to provide us with certain information. This may include information by which you may be personally identified (“personal information”), such as name, employer, e-mail address or telephone number, and records and copies of your correspondence with us. For security purposes, we may also collect personal information from you if you visit one of our offices.
Information collected from forms on our websites. This includes information provided at the time of registering to use portions of our websites or our products and services, posting material, or requesting further services. We may ask you for information when you report a problem with our websites, products or services.
Usage details, IP addresses and cookies. As you navigate through and interact with our websites, we may automatically collect certain information about your equipment, browsing actions and patterns using common internet technologies, such as cookies and Web beacons. This may include details of your visits to our websites, including information about your connectivity, such as your IP address and browser information, location data, logs and other communication data, and the resources that you access and use on the websites. This information helps us to improve our websites and to deliver better and more personalized content and services by enabling us to estimate our audience size and usage patterns and recognize you when you return to our websites.
Email marketing. As a current or previous customer or user of our products or services, you may periodically receive emails from us containing details about features of the products you use and/or about similar products or services that we offer. Such processing may include the placing of beacons, or pixels, that let us know if you have opened our email and how long the email was open. We do this in order to see which emails are effective and which are not, so that we can improve our content and services. It helps us make sure that you are getting emails from us that you find useful and relevant. In doing so, we will not track your location or device information.
General business-related information. We may also receive other personal information from or about you in the ordinary course of our business.
We use information that we collect about you or that you provide to us, including personal information:
Legal basis for the processing. We are not allowed to process personal data if we do not have a valid legal ground. Therefore, we will only process your personal data if:
To the extent that we process any special categories of data relating to you, we will do so because:
Protecting your personal information is important to us and we neither rent nor sell your personal information to anyone. We may disclose or transfer personal information that we collect or you provide as described in this Privacy and Security Statement, including:
To facilitate our global operations, and in accordance with applicable laws, we may transfer your personal information to, and access your personal information from, our corporate offices, subsidiaries, and affiliates in the various countries in which we operate, including the United States. Non-EEA countries may not offer the same level of personal data protection as EEA countries.
If your personal data is transferred outside the EEA, we will put in place suitable safeguards to ensure that such transfer is carried out in compliance with applicable data protection rules. To ensure this level of protection for your personal information, we may use a data transfer agreement with the third-party recipient based on standard contractual clauses approved by the European Commission or ensure that the transfer is to a jurisdiction that is the subject of an adequacy decision by the European Commission or utilize another valid basis for transfer meeting the requirements for appropriate safeguards under the GDPR. You may request additional information in this respect and obtain information regarding the relevant safeguard by exercising your rights as set out below. Where Palantir transfers personal data to other group companies, we rely on the standard contractual clauses.
We strive to provide you with choices regarding the personal information you provide to us. Here are a couple of ways you can have control over your information:
We only collect and retain as much personal information as needed for specific, identified purposes described in this Privacy and Security Policy and we will not use it in any way that is incompatible with those purposes.
You may have a right to access and to obtain a copy of your personal data as processed by Palantir. If you believe that any information we hold about you is incorrect or incomplete, you may also request the correction of your personal data.
You may also have the right to:
We will honor such requests, withdrawal or objection as required under applicable data protection rules but these rights are not absolute: they do not always apply and exemptions may be engaged. We will usually, in response to a request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we do not comply with your request, we will explain why.
To exercise the above rights, you may send an email to email@example.com. If you are not satisfied with how we process your personal data, please let us know and we will investigate your concern. Please raise any concerns by contacting our Data Protection Officer at firstname.lastname@example.org.
If you are not satisfied with our response, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen. The contact details of each Data Protection Authority can be found at the following website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
This section provides additional information regarding the California Consumer Privacy Act of 2018 (the “CCPA”), and supplements the disclosures and information throughout this Privacy and Security Statement. The commitments in this section apply only to individuals covered by the CCPA, and are subject to certain statutory exceptions laid out in the CCPA itself.
The personal information we generally collect, use, and disclose regarding California residents, as well as the categories of sources of such information, is described above in the section, “Notice About How We Use and Protect Personal Information.” Palantir does not sell California residents’ personal information (and will not do so without presenting an opportunity to opt-out, as would be required under the CCPA). Any disclosures of such information to third parties over the preceding 12 months have been in accordance with the permitted categories in the “Disclosure of Your Information” section above. Palantir also does not sell the personal information of minors under 16 years of age, and if it ever did would require affirmative authorization to do so.
The CCPA creates a right for covered individuals to request that a company disclose what, if any, personal information that company collects, uses, discloses, and sells about them specifically, or to request the deletion of personal information the company has collected or maintained about them. If you believe you have such a right under the CCPA and would like to exercise that right with respect to Palantir, please complete the form here or submit an email request to email@example.com with “California Request to Know” or “California Request to Delete” in the subject line. For a “Request to Know,” please specify what details you would like to know, including any specific pieces of personal information you would like to access. For a “Request to Delete,” please specify what information you would like to have deleted (which may be all your information as required by the CCPA). If you submit a request, we may ask for information necessary to verify your identity and eligibility to assert this right, and we will respond to verified requests in accordance with the CCPA. You may also utilize an authorized agent to exercise your CCPA rights on your behalf. You may not be discriminated against because you exercise any of your rights under the CCPA, and Palantir is committed to this principle.
We take your security seriously and take reasonable steps to protect and secure your personal information from unauthorized access, use, and disclosure. We have implemented adequate technical and organizational measures to protect personal data against unauthorized, accidental or unlawful destruction, loss, alteration, misuse, disclosure or access and against all other unlawful forms of processing. These security measures have been implemented taking into account the state of the art of the technology, their cost of implementation, the risks presented by the processing and the nature of the personal data, with particular care for sensitive data.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our websites, products, or services, you are responsible for keeping this password confidential. Please do not share your password with anyone.
Although we take reasonable security measures to protect your personal information, for example, by using Secure Socket Layer encryption when you transmit your password, we cannot guarantee the security of your personal information transmitted to our websites. The transmission of information via the internet is not 100% secure and we cannot ensure or warrant the security of any information you transmit to us. We are not responsible for circumvention of any privacy settings or security measures contained on the websites.
We will only retain personal data for as long as necessary to fulfil the purpose for which it may lawfully be processed or to comply with legal, regulatory or internal policy requirements.
We may amend this Privacy and Security Statement from time to time. We encourage you to revisit this page periodically to read the current version of this Statement in effect. If you have any concerns or questions about this Statement or if you would like to lodge a complaint, please contact firstname.lastname@example.org.
Our websites are not intended for children under 13 years of age. If you become aware that your child has provided us with personal information without your consent, please contact us at email@example.com and we will work to delete it. We do not knowingly collect personal information from children under 13.
To communicate with our Data Protection Officer, please email firstname.lastname@example.org.
If you have any questions or comments about this Privacy and Security Statement, please contact us by emailing us at email@example.com
or by writing to us at:
Palantir Technologies Inc.
Attention: Legal Department, Privacy Statement Issues
100 Hamilton Ave., Suite 300
Palo Alto, CA 94301