Privacy Policy updates and subprocessors list change

We’ve updated our Privacy Policy to version 6.0, which now addresses UTMs and updated Law Enforcement Requests guidelines. We’ve also made a Trust Center subprocessor list change.

Here are the specific updates:

• Added Urchin Tracking Modules (UTMs) language, as follows:

  • Urchin Tracking Module (UTM) tags are distinct from cookies as defined in Policy section 3. UTM works as a custom Uniform Resource Locator (URL) parameter for marketing campaigns, and reports can be viewed in platforms like Google Analytics. UTM tags are appended as part of the visible URL in marketing programs to understand the specific instance of a link. UTM tag reports are observed in Google Analytics or Marketo to better understand how our visitors are getting to our websites, and as such, who our visitors are. Such data is collected at an aggregate level and will not identify you personally. Customizing the URL with UTM tags allows us to better understand marketing activity, which then allows us to better serve our customers and audiences.
  • As part of this process, non-identifying and non-profiling information (source, medium, campaign, and Click ID) will be stored in your browser in local storage. No Personally Identifiable Information (PII) or personal data will be stored. This information would only be used by Platform.sh if you sign up for and consent to our service. At that point in time, campaign attribution information would be made available to Platform.sh to gauge the effectiveness of the campaign. You may clear your browser cache prior to signing up for our service to opt-out. For any questions about or preferences for cookie or UTM opt-outs, or about our policy listed here, please contact us.

• Added the clause “however, we will use reasonable efforts to provide notice to Platform.sh customers when we receive a request for customer personal data unless Platform.sh is explicitly prohibited from doing so by applicable laws” to our section about disclosing data due to legal or governmental requests to indicate that we will be as transparent as possible, whenever possible.

• Added the clause “[to] prevent an emergency when a person is at risk of potential imminent death or serious physical injury, and Platform.sh may have personal data necessary to prevent such emergency” to our section about sharing information.

• Added the clause “[to] protect against apparent instances of child exploitation or missing children detected on Platform.sh’s services” to our section about sharing information.

We’ve also updated the addresses of our subprocessors on our subprocessor list, located in our Trust Center. Previously, the addresses listed specified our subprocessors’ headquarters. The address below the subprocessor name now indicates the contract location.

If you have any questions, please contact us.