Effective Date: October 13, 2023

Posted Date: October 13, 2023

I. Inledning

På Okta anser vi att datasekretess är viktigt. I denna Okta sekretesspolicy från Okta finns detaljerad information om våra sekretessprinciper för de aktiviteter som beskrivs i denna sekretesspolicy. Läs igenom denna sekretesspolicy noga för att förstå hur vi samlar in, delar och på annat sätt behandlar information om personer ("personuppgifter") och för att lära dig vilka rättigheter och val du har angående behandling av dina personuppgifter.

If you are a California resident, please review the section of this Privacy Policy for California residents.

In this Privacy Policy, “Okta,” “we,” “our,” and “us” each mean Okta, Inc. and the applicable Okta affiliate(s) involved in the processing activity. The addresses of our offices, where Okta, Inc. and our affiliates are located, can be found at https://www.okta.com/contact.

Auth0, Inc. är ett dotterbolag till Okta. Alla referenser till kundidentitetsmolnet omfattar Auth0 by Okta.

II. Oktas roller och ansvar

Okta är personuppgiftsansvarig för dina personuppgifter i enlighet med denna sekretesspolicy om inte annat anges. Observera att denna sekretesspolicy inte omfattar vår behandling av personuppgifter i rollen som personuppgiftsbiträde (eller motsvarande roll såsom ”tjänsteleverantör” i vissa jurisdiktioner) för våra kunders räkning. Detta inkluderar situationer där vi erbjuder våra kunder olika molnprodukter och -tjänster som de (och/eller deras samarbetspartner) använder för att ansluta sina webbplatser och appar till vår värdplattform (inklusive våra varumärkta Auth0 by Okta-tjänster), för att sälja eller erbjuda sina produkter och tjänster, skicka elektroniska meddelanden till andra personer eller på något annat sätt samla in, använda, dela eller behandla personuppgifter via våra molnprodukter och -tjänster.

Var och en av våra kunder, inte Okta, styr om de ger dig ett konto eller någon annan form av åtkomst till Okta-identitetsmolntjänsten via sitt abonnemang. Om de ger dig ett sådant konto, eller någon annan form av åtkomst via sitt abonnemang, styr de vilken information om dig som de skickar till vår tjänst. Sådant innehåll kan bestå av kontaktuppgifter (t.ex. för- och efternamn, e-postadress och telefonnummer), yrkesrelaterad information (t.ex. vilken avdelning på din arbetsplats som du arbetar på) eller annan typ av information som kunden väljer att skicka in. Oktas användning av detta innehåll regleras av avtal mellan Okta och kunden.

For detailed privacy information applicable to situations where an Okta customer (and/or a customer affiliate) who uses Okta’s cloud products and services is the controller, please reach out to the respective customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those set forth in this Privacy Policy. If not stated otherwise either in this Privacy Policy or in a separate disclosure, we process such Personal Data in the role of a processor or service provider on behalf of a customer (and/or its affiliates), who is the responsible controller of the applicable Personal Data. 

Om dina personuppgifter har lämnats till oss av eller på uppdrag av en Okta-kund och du vill utöva eventuella rättigheter som du har enligt gällande dataskyddslagar ska du kontakta den berörda kunden direkt. Eftersom vi bara kommer åt en kunds data på begäran av kunden måste du uppge namnet på den Okta-kund som skickade dina personuppgifter till oss om du vill fråga oss direkt. Om vi kan verifiera Okta-kunden vidarebefordrar vi din begäran till kunden och hjälper vid behov kunden att hantera din begäran inom rimlig tid.

Additional information and safeguards regarding Okta’s data protection obligations (including for international transfers) to our customers are set forth in our subscription agreement form and related documents, including our Trust & Compliance Documentation, all of which are available online at https://www.okta.com/agreements. 

III. Personuppgifter som vi samlar in och källor för data

Berörda databehandlingsaktiviteter

Denna sekretesspolicy gäller behandling av personuppgifter som vi samlar in på de sätt som framgår i detta avsnitt.

Vi samlar in information om dig när du ger den till oss, när du interagerar med våra produkter och tjänster, webbplatser och elektroniska system, när du deltar i evenemang och besöker våra kontor samt när andra källor ger den till oss, vilket beskrivs närmare nedan.

Information som du ger oss

Baserat på våra nuvarande principer (och även de som gällt under de senaste 12 månaderna) samlar vi in följande informationskategorier om dig:

Contact and Professional Data. We collect contact and/or professional data about you in person, through communications, including communications from you or your colleagues, and through our websites. For example, you provide your contact and professional information to us when you sign up to learn more about Okta’s products and services, download content, register for an event, and visit our offices. If you attend an event, we may also receive contact and professional details about you when you choose to scan your attendee badge or by providing a business card or other method(s) whereby you share Personal Data with us. Typically, contact data includes your name and contact methods, such as telephone number, email address, and office or other mailing address, and professional data includes details such as the organization you are affiliated with, your job title, and industry.

Administrator Data. When you sign up for an account to try Okta, subscribe to any Okta service via Okta or another entity (such as a marketplace or authorized reseller), have the ability to submit a support request, or are designated an administrator of any part of the Okta Service, then information is provided to us about you (“Administrator Data”). Administrator Data usually includes your name, email address, phone number, address, billing information, business contact information, credentials information (including Okta training and credentials), subscription and service configurations you select, and other details you may provide to us about you or include in your profiles in Okta communities and other support portals. We may also receive any Personal Data you share via tooling used to provide support, e.g., videoconferencing or other communication methods you participate in.

Biographical, Community, and Support Data. We may also collect various types of biographical, community, and support Personal Data from you via our help center and community support forums. For example, if you register for an online community that we host, we may ask you to provide a username, photo and/or biographical information, such as your occupation, organization name and areas of expertise. Additionally, you may provide Personal Data to us when you create user-generated content (for example, by posting in a forum), provide Okta with feedback, or when you participate in interactive features, trainings, online surveys, contests, promotions, sweepstakes, activities, or events. Okta may receive Personal Data and Administrator Data in connection with an administrator's request for support for the Okta service.

Job Applicant Data. We collect contact and professional information, including your resume with educational and work background, that you provide when you apply for a job with Okta. We may also collect sensitive information, like your Social Security Number or other government identifier, criminal history information, racial or ethnic origin, or other such Personal Data that you provide in connection with your job application.

Contract and Payment Data. We may receive contract details (like signatures) from you or your organization and use payment processing services to collect payment and billing information, which may contain Personal Data such as billing name, billing address and payment card details, in connection with some of our products and services. 

Audio, Electronic, or Visual Data. If you attend an Okta in-person or virtual event or agree to be recorded in a telephone or video meeting, we may record some or all of that event or meeting. For events, we may document the event in various ways, such as by taking photos at the event, interviewing you at the event, or recording your participation in a live question-and-answer or other interactive session. We use this information for business and marketing purposes to better inform the public about Okta, its events, and provide testimonials about our products and services, to the extent permitted by applicable law.

Consumer Products. If you use consumer products made available by Okta (“Okta Consumer Products”), then we may receive various types of information and content from you that you choose to share, including contact information (such as your first and last name, email address, and phone number), additional multi-factor authentication factor setup details, content you upload (such as identification or other documentation), and information regarding the websites and applications that you visit and use through Okta Consumer Products for authentication. We also receive Ancillary Data, including device data, Usage Data, and metadata, as described below for the purposes described below. 

Depending on your jurisdiction, if we collect sensitive data from you, we will do so by providing you with additional notice or confirming your consent upon collection, if required by applicable law. 

Personuppgifter som vi samlar in från andra källor

Under loppet av vår verksamhet (och under de 12 månader som föregick det effektiva datumet för denna sekretesspolicy.) mottar vi personuppgifter och annan information från tredje part för vår verksamhet eller kommersiella syften. Denna information varierar och faller inom några få kategorier:

  • Kontaktinformation för företag (såsom namn, befattning, e-post, telefonnummer och adress), social profil (såsom LinkedIn eller XING) och övrig information om din organisation i försäljnings- och marknadsföringssyften samt för att bättre informera dig om Oktas produkter och tjänster.
  • Identifierande information och användarnamn i plattformar från tredje part;
  • Detaljer om dig som platssökande (vilket kan inkludera ditt namn, din CV, utbildning, tidigare jobb, utdrag från polisregister och återkoppling) i den omfattning som är tillåten enligt gällande lag; samt
  • Data som används av säkerhetsskäl för att skydda våra produkter och tjänster.

I kommersiella syften mottar vi företagsrelaterad kontaktinformation som innehåller personuppgifter, inklusive information om ditt företag från tredje part för marknadsföring och business intelligence, såsom analyser av affärsmöjligheter och identifiering av och kommunikation med potentiella kunder, för att ge vår målgrupp mer relevant innehåll och reklam. Vanligtvis, och under tillämpliga lagar, får vi denna information om dig från några få källor, t.ex. (i) marknadsföringsinitiativ från tredje part, såsom evenemang för vilka vi är sponsorer, eller webbplatsformulär från tredje part som eventuellt tillhandahåller innehåll om oss, (ii) tillfällen när du samtycker till att få ditt deltagarpass skannat vid ett evenemang som vi eller en annan enhet är värd för, (iii) företag, t.ex. informationsaggregatorer och liknande enheter, från vilka vi har licensierat information om affärskontakter samt (iv) hänvisningar; eller (v) återförsäljare och kanalpartner, inklusive de som erbjuder gemensamma marknadsföringstjänster. I vissa situationer kan vi kombinera sådan information om affärskontakter med andra icke-personliga uppgifter och personuppgifter som vi har eller som du har lämnat till oss. Vi kan t.ex. kombinera information om affärskontakter med information om ditt företag, exempelvis adress och omsättning, för att kunna analysera denna information och få fram affärsmöjligheter eller använda den för att kunna förse dig med skräddarsytt innehåll.

Vi tar även emot personuppgifter för att förbättra arbetet med hotinformation och skydda säkerheten i vår tjänst och i våra kunders appar, t.ex. gällande läckta autentiseringsuppgifter för webbplatser från andra enheter. Vi använder dessa personuppgifter i olika syften, t.ex. i säkerhetssyfte och för att upptäcka bedrägerier, samt för att göra det möjligt för våra kunder att konfigurera inställningarna i Okta-produkterna och -tjänsterna så att de meddelar administratörerna och användarna ifall de data som de lägger in i Okta-tjänsten återfinns i denna datauppsättning.

Vi tar även emot information från plattformar som tillhör tredje part för flera olika affärssyften, såsom organisatorisk kreditinformation, programhantering eller av teknikrelaterade anledningar. Vi kan t.ex. få kreditinformation om ett företag som innehåller namn på personer. Om du deltar i ett öppet projekt eller vårt ”bug bounty”-program kan vi få information om dig, t.ex. användarnamn eller önskan om meddelanden, vilket kan hjälpa oss att hantera ditt deltagande i projektet eller programmet samt för att förse dig med uppdateringar.

Om du söker anställning på Okta kan vi, under lagar som gäller inom din jurisdiktion, ta emot personuppgifter om dig från tredje part för affärssyften, till exempel via bakgrundskontroller (utbildning, anställningar, brottsregister och ekonomisk information), allmänt tillgängliga källor (såsom konton på sociala medier, inklusive LinkedIn för identifiering av sökanden), feedback om din ansökan från intervjuer samt från andra tredje parter som ger oss feedback om din ansökan. Okta behandlar referenser som tillhandahålls som en del av en jobbansökan som konfidentiella.

For our professional services work, as a processor or service provider for our customers, Okta may also receive Personal Data about you to perform its obligations under its contract with a third party. Okta partners may also share your business contact information with Okta as part of their recommendation to your organization to become an Okta customer. If Okta is interested in partnering with, acquiring, investing in, or partners with, acquires, or invests in your employing or retaining organization, Okta may receive Personal Data about you through the (potential or completed) transaction for its business purposes. 

Device Data, Usage Data, Ancillary Data, Diagnostic Data, and Metadata We Collect 

Förklaring av enhetsdata, användningsdata, tillhörande data, diagnostikdata och övriga metadata samt teknik som används

Precis som de flesta webbplatser, appar och programvara på internet samlar Okta in vissa personuppgifter när du besöker och använder våra webbplatser, appar, programvaror och produkter och tjänster i enlighet med tillämpliga lagar i din jurisdiktion. Den här typen av datainsamling gör det möjligt för oss att bättre förstå enskilda personers användning och hur våra webbplatser, appar och tjänster fungerar och gör det möjligt för oss att tillhandahålla, fixa och förbättra våra webbplatser, appar, programvaror och produkter och tjänster samt upptäcka, undersöka och bekämpa bedrägerier, säkerhetsincidenter och annat bedrägligt eller skadligt beteende. De uppgifter vi samlar in kan innehålla följande:

Device Data. We may collect certain information from and about your device, such as unique device identifiers, browser type, the operating system installed on your device, certain device configurations, and similar device or version information (“Device Data”). We use Device Data to identify the location of the device, which we use to provide necessary disclosures, obtain necessary consents, prevent access to our products and services as required by applicable law, and comply with any other requirements applicable to Okta, to detect, investigate, and combat fraud, security incidents, and other deceptive or malicious behavior, and to help us determine that users from one type of device use our websites, products and services in different ways than users of a different type of device, which in turn allows us to troubleshoot and investigate the performance of our products and services, improve our websites, products, and services, such as through optimizing the screen size of Okta mobile applications, or making sure that our customers’ users have a more efficient user experience. The Device Data we collect can include the following:

Location Data. We may collect information about your location when you use our websites, mobile applications, and products and services. Your location can be determined with varying degrees of accuracy by your IP address and information about things near your device, such as Bluetooth-enabled devices. The types of location data we collect and how long we store it depend in part on your device and settings. If we collect your precise geolocation data, we will do so only with your consent.

Camera. When enabled, some of our services allow you to set up the services by using the camera on your device to scan a QR code. We cannot access your camera without permission. You can always change our access to your camera by turning off our access to your camera in your device’s settings menu.

Touch ID and Face ID. Some of our products and services may allow you to authenticate using Touch ID and Face ID for Apple devices and Face Unlock and Fingerprint Unlock for Android devices. If you authenticate using Touch ID, Face ID, Face Unlock or Fingerprint Unlock, we are only notified as to whether the authentication was successful and cannot access the Face ID, Touch ID, Face Unlock, or Fingerprint Unlock. You can enable or disable Touch ID, Face ID, Face Unlock and Fingerprint Unlock at any time through your device’s settings menu. 

Usage Data. We may also collect data about your use of our websites, applications, and products and services, including data regarding service configurations and applications utilized in connection with the hosted Service, support data, operational data, log data, logs of your usage and click activities, logs about your login history, identity confirmation, and the performance results for the hosted Service (“Usage Data”). Okta uses Usage Data to: (i) analyze usage trends, (ii) detect, investigate, and combat fraud and cyber-attacks; (iii) detect, investigate, and combat security incidents, and other such deceptive, fraudulent or malicious behavior against Okta or its customers, including taking measures to improve Okta’s overall security posture; (iv) improve service and product functionality; and (v) retain and/or employ another service provider or contractor.

Bug, Error, and Crash Reports. We may also collect data about any problems you experience with our websites, applications, and products and services, including bug, error, and crash reports, which can include Device Data, location data, Usage Data, and user data at the time of the bug, error, and/or crash.   

Ancillary Data. For the Okta Mobility Management product, data collected may include the applications that are installed on your device. Collectively, we refer to this data as “Ancillary Data”. Some of the Ancillary Data, including Usage Data, that we receive is dependent on your organization’s policies and settings and what information it permits to be shared with Okta. Okta uses Ancillary Data to improve security and to provide and improve its products to customers, including to better understand customer behavior in order to create new features and provide threat-related insights for our customers.

Några av dessa produkter som samlar in och behandlar tillhörande data är:

  • Oktas plugin för webbläsare;
  • Oktas skrivbords- och mobilappar (Okta Verify och Okta Mobile); och
  • Oktas konsumentprodukter.

Through the Okta browser plugin, the Ancillary Data we collect includes details about your login session, IP address, user-agent, and the web application name and website address, as well as other information that is not personal in nature. In addition, as part of Ancillary Data, we may collect interaction data about your use of the Okta browser plugin. We use the information collected through the Okta browser plugin for security purposes and to provide features, such as to allow you to better manage your passwords for websites that you visit. 

Diagnostic Data. Some products and services may require, or may be enhanced by, your installation of on-premise software (e.g., agents, device management applications). The on-premise software may collect data about the use and performance of the software, including IP address, username, and host name, which may be transmitted and used by Okta to provide customer support, to diagnose issues with the on-premise software and/or related products and services, to improve our products and services, and/or for the purposes identified in the applicable agreement(s) between Okta and the applicable customer. For example, Okta Advanced Server Access (“ASA”) provides functionality for a customer to generate support bundles, which contain local log files generated by the local software running on the customer’s ASA servers, that the customer can provide to Okta to enable Okta to diagnose issues and provide support.

Metadata. We may collect metadata about you, including technical data about your performance or use of our website, products and services. One common technology we use to collect metadata that may be considered Personal Data is our use of cookies. Cookies are small text files that are placed on your web browser and that help us recognize your browser or device as a unique visitor in different ways based on the type of cookie. The three main types of cookies are: 

Essential cookies. Essential cookies are required for website functionality and security. For example, authentication, security, and session cookies may be required for our website or products to work. 

Functional cookies. We use functional cookies to help enhance our websites’ performance, for market research, or other analytics or advertising that is not tied to a specific individual. For example, we may use Google Analytics to help us track how many individuals visited our websites. We may also utilize HTML5 local storage cookies for the reasons described in this section. These types of cookies are different from browser cookies in the amount and type of data they store and how they store it.

Targeting or advertising cookies. We use targeting and advertising cookies to help us understand our marketing efforts and to reach potential customers across the web. For example, we contract with third-party advertising networks that may track your activity over time and across different channels, including our websites, email activity, and other websites and applications that display advertisements. They may use this tracking information to understand and predict your interests, to display an advertisement for Okta on another website, or email you with a marketing communication for an Okta product. 

If you would like to manage your cookies and your permissions to share data with cookie providers, please visit the section below on Your Information Choices.

A second common technology we use to collect metadata that may be considered Personal Data is beacon technology. We use beacons in our websites and in email communications to you. Beacons provide us with information about your activity and help us to improve our business operations and strategy, such as by understanding our email communications’ functionality and improving our websites and content. For example, if you click on a marketing email we send to you about a new product or service, the beacon will provide signals to us that you and your organization may be interested in learning more. If you would like to manage your email subscriptions with us, please visit the section below on Your Information Choices. 

IV. Hur vi använder personuppgifter

Hur vi använder personuppgifter som vi samlat in beror delvis på hur du väljer att kommunicera med oss, hur du använder våra webbplatser och interagerar med oss, samt övriga val du har angett till oss. I allmänhet använder vi dina personuppgifter i den mån det är nödvändigt för att bedriva vår verksamhet och utföra våra dagliga arbetsuppgifter. Utöver de användningsområden som beskrivits på annan plats i denna sekretesspolicy kan vi använda dina personuppgifter för att åstadkomma följande (och vi har gjort det under de 12 månader som föregick ikraftträdandedatumet för denna sekretesspolicy):

For the purpose of communicating with you about our products and services and facilitate other interaction. We may use your Personal Data, such as contact data, Ancillary Data, and metadata, to send you transactional communications, notices, updates, security alerts, and administrative messages regarding our products and services that may be useful to you and your organization. We will respond to your questions, provide tailored communications based on your activity and interactions with us, and help you use our products and services effectively. We also use Administrator Data to communicate with you for various purposes, including to provide you with account updates (about your subscription, settings, security, billing, feature and product updates, technical issues, certifications, and other similar content). You cannot unsubscribe from non-promotional and transactional communications. For promotional communications, you may manage your communication preferences via your administrator settings, Okta communities, or our subscription center (linked in the Your Information Choices section below).

I vissa situationer kan vi även dela administratörsdata med auktoriserade partner för att kunna ge dig information som är relevant för ditt köp av Okta eller verktyg från andra enheter som kan ansluta till Okta för att uppfylla dina tekniska eller organisatoriska behov.

If you choose to subscribe to alerts, then we will also use your Administrator Data to send you trust alerts, including via SMS (“Okta Alerts”). Phone numbers collected as a part of Okta Alerts SMS subscriptions will not be used for marketing purposes and only shared with service providers as required to carry out the alerts or as otherwise required under applicable law. In some instances, the phone number you use to sign up for Okta Alerts may be the same phone number we use for marketing purposes based on your consent or receipt through a different channel.

For the purpose of supporting safety, security, and manage operations. We use Personal Data, such as contact data, Ancillary Data and other metadata, about you and your use of our products, services, and offices to verify accounts and activity, monitor suspicious or fraudulent activity, assist our customers in their monitoring of suspicious or fraudulent activity, and identify violations of policies regarding the use of our products and services. We may also combine Ancillary Data with other data we receive for safety, security, and to manage our business operations. We also process Personal Data, such as contact data and health data, for security and operations management reasons, such as to register visitors to our offices and carry out related safety measures (including through using our Atmosphere application), including to manage non-disclosure agreements that visitors may be required to sign. We also use Administrator Data to provide our customers with the Okta service, complete transactions, provide support and other service to the customer account, detect and prevent fraud, for audit and compliance purposes, and to comply with applicable law. Okta physically and electronically monitors its offices with access monitoring software and tools, and has on-premise surveillance cameras in order to prevent unauthorized access to our offices and to protect employees, authorized visitors, and our property.

For the purpose of marketing our products and services. We use your Personal Data, such as contact data, Ancillary Data, and other metadata about how you use the products and services to send promotional communications that may be of specific interest to you and your organization, including by email and by displaying Okta marketing communications on other organizations’ websites and applications, as well as on third-party platforms like Facebook, Twitter, and Google subject to laws applicable in your jurisdiction. These communications are aimed at encouraging engagement and maximizing the benefits that you and your organization can gain from Okta’s products and services, including information about new products and features, survey requests, newsletters, and events that we think may be of interest to you and your organization.

For the purpose of analyzing, predicting, and improving results and operations. We use Personal Data to analyze and predict results (such as those arising from our sales and marketing efforts and product usage and consumption), improve the performance of our websites, products and services and customer support, identify potential customers, opportunities, and potential new product areas, ascertain trends, improve our websites’ functionality, improve our security, and provide us with general business intelligence, including through the use of automated means such as machine learning technology. Subject to the laws applicable in your jurisdiction, we may also combine the metadata and usage information collected from our websites with other information to help further the purposes described in the previous sentence. 

For the purpose of managing contests or promotions and customer appreciation. Okta may occasionally run contests or other special promotions or make available opportunities or other tokens of appreciation for customers, and if you register for these, we may process your Personal Data, such as contact information, biographical information, and contract-related data to perform our contract with you. Okta may also use the Personal Data, such as contact data, collected in these contests, promotions, and for customer appreciation as well as to send you gifts or prizes and promotional material about Okta and our partners.

For the purpose of processing payments. We process Personal Data, such as contact information, contract-related data, financial information, biographical information, and payment information to process payments to the extent that doing so is necessary to complete a transaction and perform our contract with you or your organization.

For the purpose of recruiting and hiring. We process your Personal Data, such as contact, job applicant, and biographical data, to assess your application and to evaluate and improve our recruitment system, our application tracking and recruitment activities. We also use your Personal Data to communicate with you regarding your application or opportunities at Okta that appear over time that we believe may be of interest to you. We also use your Personal Data to send you new hire and employee experience information. We may verify your information, including through confidential reference checks and, where allowed, background checks. 

Other purposes for our legitimate interests. Where required by law or where we believe it is necessary to protect our legal rights, interests, or the interests of others, we may use your Personal Data in connection with the management of our business, including but not limited to, for operational purposes and workflow automation, business intelligence (such as to understand subscription consumption and free trial product usage), website and product improvement, legal claims, compliance, regulatory, and audit functions, protecting against misuse or abuse of our products and services, and protecting personal property or safety. For example, we may review compliance with applicable usage terms in our customer contracts, assess capacity requirements for our products, websites, and offices, improve your user experience, respond to requests by you for support or for contact, or identify customer opportunities. If you sign up to participate in specific programs, such as the Okta Ideas forum or other product feedback programs, we may analyze Ancillary Data, including Usage Data, related to your use of our products and Service, along with the data you choose to provide to us through Okta Ideas, to provide you with a better customer experience. Furthermore, we use Administrator Data to provide technical support as described in our documentation and help center, and to improve our products, services, and processes related to providing such support. 

Other purposes with your consent. We may use your Personal Data if you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote our products and services or record phone calls for quality and training purposes, with your permission.

If we process your Personal Data for a purpose other than those set out above, we may provide you with a notice and obtain your consent prior to such processing, where required by us under applicable law in your jurisdiction. 

Rättsliga grunder för behandling av personuppgifter (för Storbritannien och Europeiska ekonomiska samarbetsområdet och andra relevanta jurisdiktioner)

Om du är medborgare i Storbritannien, Europeiska ekonomiska samarbetsområdet (EES) eller i andra relevanta jurisdiktioner samlar vi in och behandlar information om dig endast i en omfattning som stöds av gällande lagstiftning. De rättsliga grunderna beror på vilka produkter eller tjänster som din organisation har köpt från Okta, eller vilka av Oktas konsumentprodukter du använder, som tillämpligt, hur dessa produkter eller tjänster används samt hur du väljer att interagera och kommunicera med Oktas webbplatser och system samt om du deltar i Oktas evenemang. Detta innebär att vi endast samlar in dina personuppgifter i följande fall:

  • Vi behöver det för att kunna förse dig med våra produkter och tjänster, ge kundsupport och anpassade funktioner samt för skydd och säkerhet av våra produkter och tjänster;
  • det uppfyller Oktas legitima intressen (såvida det inte strider mot våra krav på dataskydd eller våra rättigheter), exempelvis för forskning och utveckling, för att ge dig information om våra produkter och tjänster som vi tror kan gagna dig och din organisation samt för att skydda våra lagliga rättigheter och intressen;
  • Du tillåter oss att göra det för ett särskilt syfte; eller
  • Vi behöver uppfylla en skyldighet enligt lag.

Om du har samtyckt till vår användning av personuppgifter om dig för ett specifikt syfte har du rätt att när som helst ändra dig, med förbehåll för avtalsenliga och juridiska begränsningar och rimligt skriftligt meddelande i förväg. Detta kommer inte att påverka någon behandling som redan har ägt rum. När vi använder dina personuppgifter för att vi, eller en annan enhet (t.ex. din arbetsgivare), har legitima intressen till det, så har du rätt att motsätta dig detta. I vissa fall kan detta dock innebära att du inte längre får använda produkterna eller tjänsterna.

In the event that we de-identify any Personal Data for further use, we commit to maintain and use the information in de-identified form and will not attempt to re-identify the information, except for the purpose of determining if our de-identification processes satisfy applicable legal requirements. 

V. Personuppgifter som lämnas ut av Okta och uppgifter som du väljer att lämna ut till andra enheter

Personuppgifter som lämnas ut av Okta

Under verksamhetens gång (och under de 12 månader som föregår ikraftträdandedatumet för denna sekretesspolicy) kan Okta lämna ut personuppgifter enligt beskrivningen nedan.

Service Providers. For all categories of information that we collect, we disclose Personal Data to our service providers for various business purposes, including, but not limited to, auditing interactions with users, debugging our websites, products and services, security purposes, internal research and gleaning insights through machine learning, short-term uses such as credit verification, payment processing, IT services, quality control and safety, gift fulfillment, in-person and virtual event management, as well as to perform other services on our behalf. For example, we may use service providers to help us proctor and score Okta certification exams, or host our customer relationship management system. 

In-person and Virtual Events. If you choose to register for or attend a virtual or in-person event or webinar that we host (such as our Oktane customer conference), enter a contest or raffle with us and a sponsor, or download content (such as a whitepaper) from our website, then we may disclose your contact information, content interest information or other activity data, and any other information, including Personal Data, collected in the course of these activities for commercial purposes to those sponsors. In many cases, you intentionally disclose your details by providing your information to these sponsors through consent via a registration form or by scanning your badge at the applicable sponsor’s booth. Virtual events hosted by third party platforms may also collect additional data from you when you visit their sites. The treatment of this information is subject to each of these other entities’ respective privacy statements. 

Partners and Resellers. We may disclose your Personal Data, such as contact information, business details, and content interest and activity details, to our partners and resellers for business purposes, such as to carry out our business or for joint marketing efforts to reach our customers and prospective customers, subject to laws applicable in your jurisdiction. In many cases, you intentionally disclose your details by providing your information to these sponsors through consent via a registration form. You can review a list of our current partners here. 

Protection of Rights, Security and Fraud Detection. For all categories of data we collect, we disclose your Personal Data for business purposes to protect our customers and users, to secure our physical and intellectual property, and to prevent or investigate security or fraudulent attempts against our users through our platform.

Law Enforcement and Legal Requests. For all categories of data we collect, we may disclose Personal Data to comply with applicable law or to respond to valid legal requests, such as a subpoena, from law enforcement or other authorities.

With our Affiliates, Related to Corporate Transactions, and Provision of Professional Services. For all categories of data we collect, we disclose Personal Data to our affiliates and subsidiaries for business purposes, including any service providers and agents that work on our behalf. For example, we may disclose your Personal Data to support service providers with whom we have in place agreements to protect your Personal Data. We may also disclose your information as required for us to carry out a corporate transaction, such as a merger or sale of assets of all or part of our company. We will also disclose your Personal Data to our professional service providers (for example, our auditors, insurance providers, financial service providers, and legal advisors) as needed for us to run our business.

Platform, Training, and Community Analytics Data. We disclose Ancillary Data, such as metadata (for example, unique identifiers and Usage Data), collected through our platform with analytics service providers for our business purposes, such as to provide a better user experience and improve our products and services. 

Advertising and Marketing. We share your Personal Data, such as metadata and contact data, with third-party advertising and marketing providers, to allow us to better reach our customers and prospective customers, and to sell our products and services, to the extent permitted by laws applicable in your jurisdiction. In some circumstances, we may ask you to consent to directly disclosing your Personal Data with these third parties prior to sharing your Personal Data, such as via a consent banner on our website. For details on your choices with respect this sharing or disclosure, please see Your Information Choices below. For specific details on these companies’ privacy practices, please visit their privacy policies.

Anonymous or De-identified Usage Data. We disclose anonymized or aggregated usage data or security threat information with third parties or the public. For example, this may include disclosing trends regarding organizations’ use of Okta’s products and services to customers and prospective customers in our “Businesses at Work” report. The data disclosed in this category is not Personal Data.

Okta Communities, Help Center, and Other User Generated Content. We make available various community forums and self-help support materials, as well as blogs and other means for you to post information on our websites. This information you post is publicly-available information that you choose to disclose and it may be read, collected, and processed by others that visit these websites. Except for username (which may be your real name) and the details that you choose to include in your profile, the categories of data disclosed in these circumstances will depend on what information you choose to provide.

Recruitment Data. When you apply for a job at Okta, we disclose your Personal Data, including applicant data, biographical information, and other Personal Data we possess to our affiliate companies for business reasons, such as human resource management and internal reporting; our service providers for business reasons, such as the recruitment platform, to verify references and to manage background checks; and law enforcement or government authorities, or as otherwise necessary to comply with law or as needed for the recruitment and human resources process.

Oktas Sociala media-funktioner

Oktas webbplatser kan använda sociala medier-funktioner såsom ”gilla”-knappen på Facebook, ”hjärta”-knappen på Instagram, Twitters dela-funktioner och andra liknande widgets (”Sociala medier-funktioner”). Dessa sociala medier-funktioner låter dig eventuellt lägga ut information om dina aktiviteter på din profilsida på en webbplats via ett sociala medier-nätverk som tillhandahålls av tredje part i syfte att dela innehåll med andra i samma nätverk. Sociala medier-funktioner finns antingen i respektive sociala medier-nätverk eller på våra webbsidor. Om de sociala medier-funktionerna finns i respektive sociala medier-nätverk och du klickar på dessa via vår webbplats så kan dessa sociala medier få information som visar att du har besökt vår webbplats. Om du är inloggad på ditt sociala medier-konto så är det möjligt att detta nätverk kan länka ditt besök på vår webbplats med din profil på sociala medier.

Din interaktion med funktioner på sociala medier omfattas av den sekretesspolicy (och andra tillämpliga villkor) som respektive leverantör av dessa funktioner har.

Produkter och tjänster som är tillgängliga via andra kanaler

Om du besöker Unity Technologies Asset Store för att få åtkomst till en Okta-produkt eller -tjänst, som en del av leveransen av tillgångar via Asset Store, samlar Unity Technologies in personuppgifter i enlighet med dess sekretesspolicy. Om du använder Heroku Marketplace för att få åtkomst till en Okta-produkt eller -tjänst samlar Heroku (Salesforce, Inc.) in personuppgifter i enlighet med dess sekretesspolicy.

VI. Oktas åtgärder för säkerhet

Säkerhet är av högsta prioritet för Okta. Vi har ett omfattande säkerhetsprogram med skriftlig information som består av administrativa, tekniska och fysiska skydd av branschstandard för att förhindra förlust och stöld samt obehörig åtkomst, användning, röjning eller ändring av dina personuppgifter.

Inga säkerhetssystem är dock perfekta och på grund av hur internet är uppbyggt så kan vi inte garantera att data, inklusive personuppgifter, är helt skyddade från intrång eller annan obehörig åtkomst. Du ansvarar för skyddet av dina lösenord och andra autentiseringsfaktorer samt för dina enheters säkerhet.

If you use the Okta online service via a subscription purchased for you by an Okta customer, then that customer is responsible for configuring your instance appropriately. Additional information about security settings and configurations can be found in the documentation related to our online service, including the Trust & Compliance documentation, which is available at https://www.okta.com/agreements.

VII. Internationella dataöverföringar

Your Personal Data may be collected, transferred to, processed, and stored by us in the United States, and by our affiliates, service providers, and third parties that are based in other countries. The addresses of our offices where Okta, Inc. and its affiliates are located can be found online at https://www.okta.com/contact. 

Vissa av de länder där dina personuppgifter kan behandlas, däribland USA, följer inte besluten om adekvat skydd som har fattats av Europeiska kommissionen, din lokala lagstiftare och/eller tillsynsmyndighet och kan sakna dataskyddslagar som är lika omfattande, eller inte ger samma dataskyddsnivå, som de i din jurisdiktion, t.ex. Europeiska ekonomiska samarbetsområdet, Storbritannien och Japan. Till exempel har USA ingen federal sekretesslag som omfattar alla typer av data vid ikraftträdandedatumet för denna policy. Sekretessen regleras dock av federala och statliga organ och av olika statliga lagar. Med hänsyn till regionala skillnader har Okta implementerat olika säkerhetsåtgärder som beskrivs ovan. När vi till exempel delar personuppgifter vidtar vi rimliga åtgärder för att mottagaren av dina personuppgifter ska tillhandahålla en lämplig nivå av dataskydd, till exempel genom att ingå lämpliga avtal som innehåller relevanta dataskyddsbestämmelser, eller så kommer vi i förväg att be dig om ditt samtycke till sådana internationella dataöverföringar.

Auth0, Inc.:s efterlevnad av ramverket för datasekretess mellan EU och USA

Auth0, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Auth0, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Auth0, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Auth0, Inc. commits to resolve complaints about our collection or use of your personal data transferred to the U.S. pursuant to the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU individuals with inquiries or complaints should contact Okta at [email protected]. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, you can refer your unresolved inquiries or complaints to the Data Privacy Framework Services owned and operated by BBB National Programs here.  The services of the Data Privacy Framework Services are provided at no cost to you.  If your DPF Principles-related complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms, as described here. Individuals located in the EEA, UK or in Switzerland with DPF Principles-related inquiries or complaints may email or write to us, using the contact information described in the “How to Contact Okta” section below.

VIII. Barn

Okta’s websites are not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe that your child has provided us with Personal Data without your consent, please contact us by using the information in the “How to Contact Us” section, below, and we will take steps to delete such Personal Data from our systems

IX. Hur länge behåller Okta dina data?

Vi kommer att behålla dina personuppgifter under den tid som är rimlig med avseende på det ursprungliga syftet för datainsamlingen eller under den tid som är nödvändig för att vi ska uppfylla våra juridiska skyldigheter, reda ut dispyter eller följa våra avtal. Vi avgör vilken tid som är lämplig för att behålla personuppgifter genom att beakta mängden, typen och känsligheten av dina behandlade personuppgifter, den potentiella risken för skada genom obehörig användning eller spridning av dina personuppgifter, i vilken utsträckning vi kan nå våra syften på annat sätt än behandling av dessa data samt baserat på gällande lagstiftning (såsom begränsningar enligt lag).

X. Dina val om Information

Dina val om sekretess

In the above sections, we describe how we may collect, use and share your Personal Data for providing relevant content and advertising. Below, we describe how you may unsubscribe, opt out, or otherwise modify settings related to our processing of your Personal Data. 

Direct Email Marketing. If you wish to withdraw from direct email marketing communications from Okta, you may click the “unsubscribe” button included in our emails or:

  • Visit our Subscription Center. Please note, you cannot unsubscribe from critical transactional emails that are related to our provision of our online Service (such as those related to security and your Okta account).
  • For the Okta Talent Community, then you may visit our Talent Community unsubscribe page here.
  • For Okta Consumer Products, you may update your preferences by logging into your account here. 

Direct Marketing – Phone or Postal Mailings. If you wish to withdraw from phone call or postal mail marketing communications from Okta, please request to do so through our form.

Analytics. To opt-out of analytics on our websites, you may adjust your cookie preferences as described below. For more information on how to opt-out of tracking technology from Google Analytics, click here. To opt-out of Marketo’s tracking technology, click here. 

If you are a user of the Okta online service via a subscription purchased for you by an Okta customer, to opt-out of platform-based analytics on an individual level, including participation in the Okta Ideas forum, please contact us at [email protected] or please make a request for this through our form.

Cookie Preferences. To manage the use of relevant advertising and other non-essential cookies, please see details below:

  • We use OneTrust as a service provider to help you manage cookies. Click the following Cookies Settings OneTrust preference center or the Auth0 by Okta Cookie Settings to opt-out of relevant advertising and other non-essential cookies. (You may need to adjust your browser or cookie settings to access if you have already made a choice to accept cookies.)
  • Du kan även ändra inställningarna på din webbläsare för att stänga av cookies som inte är nödvändiga. Var medveten om att ifall du blockerar eller tar bort cookies som inte är nödvändiga så kan det påverka funktioner på vår webbplats.
  • If you came to our websites from personalized advertising, then you may further opt out of interest-based advertising from our advertising vendors through the Digital Advertising Alliance by using the following, applicable link(s): (i) USA; (ii) Europe; (iii) Canada; and (iv) Other regions. 

Observera att val som gäller cookiebaserad annonsering endast gäller för den webbläsare i vilken du gör det valet. Du kommer fortfarande att se reklam, eventuellt även från Okta, även om du stängt av riktad reklam.

Dina rättigheter gällande sekretess

Beroende på din jurisdiktion kan du ha vissa rättigheter med avseende på dina personuppgifter som vi behandlar i vår roll som personuppgiftsansvarig, i enlighet med gällande lag:

Right to Access. You have the right to access your Personal Data held by us. 

Right to Rectification. You have the right to rectify inaccurate Personal Data and, taking into account the purpose of processing, to ensure it is complete.

Right to Erasure (or “Right to be Forgotten”). You have the right to have your Personal Data erased or deleted.

Right to Restrict Processing. You have the right to restrict our processing of your Personal Data. 

Right to Data Portability. You have the right to transfer your Personal Data, when possible. 

Right to Object. You have the right to object to the processing of your Personal Data that is carried out on the basis of legitimate interests, such as direct marketing. 

Right to Opt Out of Sale. You may also have the right to opt-out of the sharing of your Personal Data with third parties for targeted advertising purposes on third-party sites.  As described in Section III above, Okta may use targeted or advertising cookies for our marketing efforts and to reach potential customers across the web. Depending on your jurisdiction (for example, if you are a California resident), you have the right to opt-out of the sale or sharing of your Personal Data by us as a business. Okta shares Personal Data as further described below in Section XI, which may be considered a “sale” of Personal Data under the California Consumer Privacy Act. You may opt out by clicking the “Your Privacy Choices” link at the bottom of our website and selecting your preferences on that page.

Right Not to be Subject to Automated Decision-Making. You have the right not to be subject to automated decision-making, including profiling, which produces legal effects. Okta does not currently engage in the foregoing on our websites or in our products and services. 

Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights as described above.

If you would like to make a request and exercise your rights described above or have questions or concerns, please complete our online form or reach out to us using the contact information below. You also have the right to lodge a complaint with your relevant supervisory authority.

XI. Information för bosatta i Kalifornien/dina sekretessrättigheter i Kalifornien

Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights to understand and request that we disclose details about how we handle your Personal Data. If you would like to learn about our process for verifying requests, including the details that you must provide to us to verify your request, click here. To learn more about how we collect, use, disclose, and share your Personal Data, please see below. 

Typer av personuppgifter som samlas in

In the preceding 12 months, we have collected the following categories of Personal Data about California consumers. We may collect this Personal Data directly from you, from third parties, and from your interactions with us. For additional detail about the Personal Data that we collect and the sources from which we collect this Personal Data, please review Section III above. The Personal Data categories are: 

  • identifierare, t.ex. namn, e-postadress, adress och telefonnummer;
  • typer av personuppgifter som beskrivs i delavsnitt (e) i avsnitt 1798.80, t.ex. adress, telefonnummer, anställning och arbetslivserfarenhet;
  • kommersiell information, t.ex. register över köpta produkter eller tjänster samt andra transaktionsdata;
  • information om aktiviteter på internet eller andra nätverk samt på enheter, t.ex. tekniska data om din användning av vår webbplats, våra produkter och våra tjänster;
  • uppgifter om geografisk plats, t.ex. din ungefärliga plats baserat på IP-adressen;
  • ljudmässiga, elektroniska eller visuella data, t.ex. en del av ett foto eller en inspelning av ett fysiskt eller virtuellt Okta-evenemang;
  • yrkesmässig eller anställningsrelaterad information, t.ex. din arbetsgivare och jobbroll;
  • information om utbildning och uppgifter såsom utbildningshistorik, certifieringar och kvalifikationer;
  • all annan information som du lämnar till Okta i samband med en jobbansökan, t.ex. uppgifterna i ett följebrev, information som lämnas ut i en intervju eller annan information som du frivilligt lämnar under ansökningsprocessen; och
  • slutsatser som dras från den ovanstående informationen.

We may retain this Personal Data for as long as is needed for the purpose(s) for which it was collected and no longer than is relevant and reasonably necessary. Our retention periods vary based on business, legal and regulatory needs. We securely retain records of data requests for at least 24 months as required under the CCPA.  For further information on our retention criteria see Section IX above.

Affärssyften och kommersiella syften för insamling – Utlämning av information i affärssyfte

We may collect all of the above categories of Personal Data to run our business and carry out our day-to-day activities, as described above in Section IV. We have disclosed each of these categories of Personal Data with our service providers for various business purposes, as described above in Section V, in the preceding 12 months. 

We collect and process Personal Data related to job applicants to recruit and hire, assess and evaluate a job applicant’s skills and qualifications, comply with legal obligations, and send information about positions at Okta that may be of interest to individuals.   

Typer av personuppgifter som säljs eller delas för beteendebaserad annonsering i olika sammanhang

In the preceding 12 months, we have disclosed the above categories of Personal Data to third-party advertising partners, such as in connection with our use of tracking technologies for cross-context behavioral advertising or by providing lists of email addresses for potential customers, so that we can reach you across the web with advertisements for our products and services. This may be considered “sharing” or a “sale” under the CCPA. You can read more about our sharing and sales activities above in Section III and Section V. Okta does not have actual knowledge that it sells or shares the personal data of consumers under 16 years of age. 

Typer av personuppgifter som säljs eller delas för jobbsökande

Okta har inte sålt eller delat några personuppgifter som rör jobbsökande, under de tolv månader som föregår ikraftträdandedatumet för denna sekretesspolicy.

Känsliga personuppgifter

Utöver de typer av personuppgifter som anges ovan kan vi samla in vissa typer av känsliga personuppgifter, om du väljer att tillhandahålla dem, i enlighet med definitionen i CCPA. Under de föregående 12 månaderna kan vi ha samlat in följande typer av känsliga personuppgifter från konsumenter i Kalifornien:

  • Social Security Number, körkort, ID-kort i delstat eller passnummer;
  • uppgifter för kontoinloggning, finansiella konton, kontokorts- eller kreditkortsnummer i kombination med nödvändiga säkerhets- eller åtkomstkoder, lösenord eller autentiseringsuppgifter som ger åtkomst till ett konto;
  • exakt geografisk plats;
  • etniskt ursprung, religiös tro, filosofisk övertygelse eller fackföreningsmedlemskap;
  • innehållet i din e-post och dina textmeddelanden, såvida inte vi är den avsedda mottagaren av kommunikationen;
  • biometrisk information för unik identifiering;
  • hälsoinformation; och
  • information om sexliv eller sexuell läggning.

Typer av känsliga personuppgifter som har lämnats ut

In the preceding 12 months Okta has not sold or shared any Sensitive Personal Data; however, we may have disclosed your Sensitive Personal Data to service providers for business purposes as further described in Section V above and as set forth below. 

Business Purposes For Which Sensitive Personal Data will be Used or Disclosed We may collect the categories of Sensitive Personal Data listed for processing job applications and the purposes as further described in Section IV above, and to further our legitimate business purposes as outlined under the CCPA:

  • utföra tjänster, inklusive att underhålla eller serva konton;
  • upptäcka och förebygga säkerhetsincidenter;
  • skydda mot skadliga, vilseledande, bedrägliga eller olagliga handlingar och väcka åtal mot ansvariga;
  • revision relaterad till konsumentinteraktioner;
  • kortvarig och övergående användning;
  • säkerhetsunderhåll för att garantera kvalitet eller verifiering;
  • intern forskning gällande teknisk utveckling; och
  • debugging to identify and repair functionality. 

Dina rättigheter

CCPA ger dig vissa rättigheter beträffande de personuppgifter som vi samlar in om dig:

Right to Know About Personal Data Collected, Disclosed, or Sold. You have the right to request to know what Personal Data we collect, use, disclose, share and sell about you.

Right to Request Deletion of Personal Data. You have the right to request the deletion of your Personal Data collected or maintained by us as a business.

Right to Opt-Out of the Sale or Sharing of Personal Data. You have the right to opt-out of the sale of your Personal Data by us as a business. Okta shares Personal Data as described above, which may be considered a “sale” of Personal Data under the CCPA. 

You may opt out by clicking here “Your Privacy Choices” link at the bottom of our website and selecting your preferences on that page. You may also opt out by broadcasting an opt-out preference signal like the Global Privacy Control (GPC), but please note that this signal will be linked to your browser only. If you wish to learn more about the GPC and how to use a browser or browser extension incorporating the GPC signal, you can visit the GPC website here.

Right to Limit the Use and Disclosure of Sensitive Personal Data.  In some instances, we may use or disclose your Sensitive Personal Data for the legitimate business purposes as outlined under the CCPA, and for any other purposes as set forth in Section IV, above.  If we ever use or disclose your Sensitive Personal Data for a reason other than the legitimate business purposes as outlined under the CCPA and for any other purposes other than those described in Section IV, we will update this Privacy Policy and provide you with instructions to limit the use and disclosure of your Sensitive Personal Data.

Right to Correct Inaccurate Personal Data.  You have the right to request the correction of your Personal Data if it is inaccurate and you may submit a request as further described below.

Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA. 

Authorized Agent. You may designate an authorized agent to make a request under the CCPA on your behalf. We may require the agent to demonstrate proof of their authorization by providing us with a signed permission from you or a copy of your power-of-attorney document granting that right. In the case of the former, we may still request that you verify your own identity as described above or directly confirm that you have provided such permission. 

Financial Incentives. We do not provide any financial incentives tied to the collection, sale, or deletion of your Personal Data.

If you would like to make a request and exercise your rights described above, please complete our online form, or contact us via the telephone number listed in the section below

XII. Så här kontaktar du Okta

If you would like to contact us with questions or concerns about our privacy policies and practices, you may contact us via any of the following methods: 

Online Form: Click here.

Email: [email protected]

Toll-free Number (USA): 888-655-1161 

Postadress:

Okta, Inc. (including its subsidiary, Auth0, Inc.)
ATTN: Okta Data Protection Officer (Okta Privacy Team)
100 First Street, Floor 6
San Francisco, CA 94105
USA

Okta UK Limited
ATTN: Okta Data Protection Officer (Okta Privacy Team)
20 Farringdon Road
ECIM 3HE
United Kingdom 

Okta Japan K.K.
ATTN: Okta Data Protection Officer (Okta Privacy Team)
Hikarie 30F
2-21-1 Shibuya
Shibuya-ku, Tokyo 150-8510, Japan
A representative director for Okta in Japan is Takashi Watanabe.

Tillgänglighet

If you are not able to access our form, you may request that a copy be provided to you in an alternative format by calling 888-655-1161 (USA toll-free) or by emailing [email protected].

XIII. Förändringar av denna policy

Denna sekretesspolicy kan komma att uppdateras då och då för att avspegla förändringar i våra rutiner, vår teknik, ytterligare faktorer och för att efterleva dataskydd, sekretess och principer enligt gällande lagar samt i övriga juridiska krav. Om vi gör en uppdatering så uppdateras det ”ikraftträdandedatum” högst upp i denna sekretesspolicy. Om vi gör en materiellt signifikant uppdatering så kan vi meddela dig innan ändringarna träder i kraft, exempelvis via vår webbplats eller den e-postadress som du uppgivit.

For the January 01, 2023 archived Privacy Policy, please visit https://www.okta.com/privacy-policy/2023-01-archived/

Top of Page