Qlik Product Privacy Notice

How Qlik manages privacy in its products

Qlik realizes that privacy is a significant priority for customers and users of our offerings. Qlik takes our privacy obligations seriously and adheres to data privacy laws, including by implementing both security-by-design and privacy-by-design practices in our products, as well as our development processes. We believe in communicating in an open, transparent manner about the ways in which user data is collected and used, in particular any personal data relating to an identifiable person (“Personal Data”), and respecting customers’ and users’ choice and control over their Personal Data.

  1. Scope of this Notice

  2. Qlik product deployment options

  3. Qlik Cloud

  4. Qlik Client-Managed Deployments

  5. Sharing of download/usage/consumption data

  6. Qlik as a Data Processor on behalf of customers

  7. Qlik Anonymous Access

  8. Qlik applications for mobile devices

  9. Privacy compliance at Qlik & other information

  1. Scope of this Notice


    This Qlik Product Privacy Notice (the "Notice") addresses how Personal Data is processed by QlikTech International AB and its affiliates, including our Talend affiliate companies (“Qlik” , “we” , “us” , “our”) within the Qlik product portfolio. Specifically, this Notice:

    1. informs users of our products about Personal Data collection and use from their use of our products, in our capacity as Data Controller (as defined under applicable privacy laws, such as the EU GDPR);

    2. describes, in general terms, our role as a Data Processor (as defined under applicable privacy laws, such as the EU GDPR) where we may process customer data on a customer’s behalf (“Content Data”). This Content Data may include, if the customer chooses to include in it, Personal Data. If your organization has a written agreement with us governing our processing of Content Data containing Personal Data, such as the Qlik Data Processing Addendum, then that agreement applies with regard to its subject matter.

      For privacy information relating to our other activities, such as our websites, please see the Qlik Privacy & Cookie Notice.

  2. Qlik Product Deployment Options

    Customers may choose to deploy our products (i) on-premise or on customer's cloud provider of choice (in either case, "Client-Managed Deployment"), or (ii) by utilizing a cloud hosted solution provided and managed by us (“Cloud Products”). Some of our products may be deployed as a Client-Managed Deployment and as Cloud Products. Further information regarding deployment options for our products can be found on https://help.qlik.com/, help.talend.com, and Community. For confirmation of how you deployed our products, you should contact your organization's systems administrator/IT department.

  3. Cloud Products
    1. What user Personal Data is processed by us when a user uses Cloud Products?

      1. Personal Data: We are the Data Controller of user Personal Data collected and processed by us to administer, maintain and improve our products and services. The relevant Data Controller will be the Qlik entity with whom your organization contracts. When using our Cloud Products, user data processed may include (i) license/tenant activation and consumption data, (ii) authentication data such as usernames and passwords (e.g., when using Qlik Account, however less data, such as a token is received by us when the customer uses their own IdP), (iii) technical data from interacting with Cloud Products, such as IP address, (iv) usage data such as frequency of log-in, feature usage, usage per day, etc. and (v) contact data, such as work email, for example when a user is invited into a tenant. Such data may be provided directly by you, or by others within your organization (e.g., when a colleague uses your work email to invite you into a tenant). Such data may be Personal Data where it is associated with or contains your name or other identifiers. You may also provide contact details (e.g., name, work email, work phone number, employer organization, job title), for example when completing a feedback form or otherwise contact us in-product.

      2. Uses of Personal Data: We process Personal Data described above for the uses set out below.

        1. Operate Cloud Products: We may process your Personal Data to ensure the availability and quality of Cloud Products (e.g., authentication) and to monitor consumption (e.g., licenses) for customer consumption management purposes. We do this to carry out our contract with you/your organization under the applicable terms.

        2. Provide Services: We may process your Personal Data to provide you with services, such as Support and/or Consulting services. We do this to carry out our contract with you/your organization under the applicable terms.

        3. Customer success & adoption: We may process your Personal Data for customer success purposes to assist customers and users in improving their use of Cloud Products, for example by making tailored suggestions and delivering insights to customers/users based on their interaction with our offerings. We may also use this data to enhance conversations with existing customers by providing our account teams with greater context and background regarding how customers deploy and use our offerings. We do this to carry out our contract with you/your organization under the applicable terms and for our legitimate business interests in ensuring customers improve/maximize their use of our offerings.

        4. Communication: We may process your Personal Data to contact you, such as in relation to errors, or if you complete a feedback form in the product and ask to be contacted by us. We process Personal Data for this purpose for our legitimate interest in reviewing your submission and to fulfil/respond to your request.

        5. Improve our offerings: We may process your Personal Data to analyze your use of our products and services (e.g., reviewing trends and which features are popular) to improve these. We do this for our legitimate interest in improving our offerings.

        6. Security & compliance: We may process user Personal Data for our legitimate interests in ensuring the security of our offerings, for example to monitor for suspicious activity, and for compliance purposes, such as to review compliance with the applicable usage terms (e.g., validate licensed user numbers) and to comply with our legal obligations (e.g., regarding restricted/denied party lists).


      While certain uses of Personal Data may require it to be individualized (e.g., for authentication), we typically remove Personal Data identifiers where the data is used for other purposes (e.g., when using statistical data to analyze usage trends to improve our offerings). Qlik may also collect and/or create telemetry and non-Personal Data usage information relating to our offerings to operate as well as improve our services, and, where relevant, administer capacity-based pricing.

    2. When are we a Data Processor of customer Content Data within our Cloud Products?
      Subject to our Data Processing Addendum, we would be a Data Processor of any Personal Data within Content Data of a customer while it resides within our Cloud Products. For further information, please see Section 6 below.

    3. Where are Cloud Products hosted?
      Customers can choose at the time of tenant creation the region of their Cloud Product tenant, and consequently, where their Cloud Content Data will reside. Please see our Subprocessor List for a list of tenant locations by Cloud Product offering (Qlik Cloud, Talend Cloud and Stitch).

    4. Can I choose to keep my Cloud Content Data in my region (e.g., can EU customers ensure their Content Data does not leave the EU)?
      When you create a new Cloud Product tenant, you can select any of the respective available regions to store your Content Data (e.g., apps), such as the EU. Customers maintain control over and are responsible for the access to and disclosure of their Content Data, through permissions and access granting. Please note that certain Content Data may be visible to users within your organization that you have chosen to grant heightened access to (i.e., admins). For further information, please see https://help.qlik.com/, help.talend.com, Community resources regarding permissions/roles. While customer Cloud Content Data is hosted in the selected region, Cloud Content Data will leave your region if you:

      1. share/transmit your Content Data with users outside your region, e.g., invite into your tenant a colleague in a different region or use our data movement features to move your data to another place such as a cloud storage of yours in another region; and/or

      2. invite into your tenant or otherwise share/transmit your Content Data with our team members to perform Qlik services, such as Qlik Support or Consulting. For further information, please see Section 6 below.


      For queries relating to international transfers of customer Content Data and Qlik’s approach to the Schrems II decision, please see our Schrems II FAQ.

  4. Client-Managed Deployments

    What data is sent to us by virtue of a customer using a Client-Managed Deployment?
    1. License Activation:

      1. Qlik Data Analytics products: When a Client-Managed Deployment is implemented for Data Analytics products, it may be activated using a License Enabler File (LEF) or Signed Licence Key (SLK). As part of the activation process, the user is required to provide information such as license key number, owner organization and owner (activator) name to us via the applicable Client-Managed Deployment for verification and forensic purposes. This information, together with other product-specific non-Personal Data (e.g., product version, user agent) and the IP address of the device initiating the activation request, is transmitted from the Client-Managed Deployment to us at the time of initial activation and on such future occasions when the product needs to download an updated LEF file (e.g., when additional purchased user licenses are activated). Customers may use one of two systems to activate licenses; Signed License Key (QLS) method or the Serial/Control Number. More information regarding QLS can be found here. For licence/entitlement purposes, we may also receive basic Personal Data (e.g., username, work email, IP address) of the user. QLS periodically sends us license usage metrics data (for more information please see here). As part of this process, we receive IdP names of users (which may not be Personal Data, however the content of these is controlled by the customer), which we immediately anonymize in order to quantify and audit licence usage.

        We process licence data to (i) deliver our offerings and manage our relationship and contract(s) with our customers (e.g., licence forensics, quantification and audit), (ii) provide our services (if relevant), and (iii) for customer success purposes to assist customers and users in improving their use of our products. Our lawful bases for processing this information are to carry out our contract with you/your organization under applicable terms and for our legitimate interests in managing access to and improving our offerings and customers’ use of these.

      2. Qlik Data Integration products: To activate a Client-Managed Deployment of a Data Integration product a license document provided with purchase needs to be locally registered with the product. The license document identifies technical details, such as machine or network restrictions and the name of the licensed organization unit. No information (including Personal Data) is transmitted to us in this process.

      3. Talend Products: When a Client-Managed Deployment is implemented for Talend suite products, a license document that is provided must be downloaded and locally registered. The license document identifies technical details, such as software edition and capabilities, number of users, and the name of the licensed organization unit. Talend suite products may be activated using a Talend Installer or by manually installing the products. More information on how to activate a Client-Managed Deployment of a Talend suite product can be found here. The licensing process does not send any data to Qlik other than for Talend Cloud Data Catalog, which requires the customer to send the hosts file of the machine on which the product is installed.


        We process license data to (i) deliver our offerings and manage our relationship and contract(s) with our customers (e.g., license forensics, quantification and audit), (ii) provide our services (if relevant), and (iii) for customer success purposes to assist customers and users in improving their use of our products. Our lawful bases for processing this information are to carry out our contract with you/your organization under applicable terms and for our legitimate interests in managing access to and improving our offerings and customers’ use of these.

    2. Authentication: Authentication is a process that happens on a per-user basis, once per usage session. Once logged in, the user does not have to authenticate again until the session that tracks the user has timed out or the user chooses to actively log out. The purpose of this authentication process is to verify the identity of the user for governance purposes. Authentication differs from authorization; authorization determines what the user, once authenticated, can see or do (as determined by the customer’s system administrator (“Admin User”)). We do not receive this data for Client-Managed Deployments.

    3. Usage Data: 

      1. Qlik Sense: For Qlik Sense Enterprise deployed as a Client-Managed Deployment, Qlik may collect system data about your installation of Qlik Sense ("Installation Data") and user metrics ("Usage Data"). Installation and Usage Data are stored in a tool called Qlikmetrics which uses cookies. In case of internet connection loss, tracked events are saved locally and resent when the user later regains connectivity.

        Type of Qlikmetric

        Example

        When sent to Qlik?

        Installation Data

        System data such as CPU, RAM, language setting, operating system and version, Qlik product version, screen size and resolution.

        On each install, version upgrade or repair

        Usage Data

        User behaviour data within Qlik Sense applications such as mouse movements, what options are clicked, actions taken by the user, visited areas in the product, view states (analysis, edit, insights), features used or not used.

        In real time


        We use Qlikmetrics for analytics purposes so we may better understand the technical environments in which our software is installed and the behavior of users in our products so that we may optimize, support and improve our offerings. Qlikmetrics is identifiable on a customer (i.e., company name) level but is generally anonymized on an individual (user) level (with the only unique identifier typically being IP address) and is analyzed on a macro, statistical (deidentified) basis only. Users have the ability at the time of installation/upgrade to opt out of Qlikmetrics. Thereafter, users can later opt out if they so wish by changing the setting in the Qlik Management Console ("QMC"). Further, Admin Users, on behalf of their entire organization, can opt out their entire organization by changing the setting in the QMC. We process any Personal Data within Qlikmetrics for our legitimate interest in improving our offerings.

      2. Talend Products: For products within the Talend product suite deployed as a Client-Managed Deployment, we may periodically collect system data about your installation ("Installation Data") and user metrics ("Usage Data") using our Usage Data Collector within Talend Studio and Talend Administration Console. Usage Data Collector receives non-Personal Data (e.g., operating system data, license type, type and number of CPUs, projects, and active users) identifiable on a customer (i.e., company name) level but is generally anonymized on an individual (user) level and is analyzed on a macro, statistical (deidentified) basis only. Usage Data Collector is turned on by default. For more information on how each user can modify Usage Data Collector preferences, please see here. In case of internet connection loss, tracked events are saved locally and resent when the user later regains connectivity. We use Installation Data and Usage Data for analytics purposes so we may better understand the technical environments in which our software is installed and the behavior of users in our products so that we may optimize, support and improve our offerings. We process any Personal Data within Installation Data and Usage Data for our legitimate interest in improving our offerings.

    4. Log Files & Support data

      1. What are Log Files?
        Client-Managed Deployments collect operational data, consisting largely of non-personal statistical, demographic and usage data generated by the products, in log files ("Log Files") that can later be used for auditing, monitoring and troubleshooting. These Log Files may include metadata such as user IDs, which could contain basic Personal Data.
        While the content of the Log Files varies significantly depending on customer-specified logging configurations, it often includes information of servers, network addresses, databases, tables and similar technical data. When the highest level of logging is enabled within our products, the Log Files may contain fragments of the data processed by the products, including Personal Data.

      2. Are Log Files sent to us?
        Typically, no. Log Files are saved locally within the customer Client-Managed Deployment. However, a customer can send Log Files and other data to us to assist with troubleshooting/support issues. Any data sent to our Support is processed only to resolve the support issue, is kept securely and is subject to our access and data retention policies. We recommend that our customers treat Log Files and any other data content sent to us for troubleshooting/support issues in accordance with IT best practices pertaining to security and access permissions. For further information on our role as a Data Processor on behalf of customers for Support Content Data, please see Section 6 below.

        Where a customer uses offline mode for QLS, the customer is required to periodically send Log Files to Qlik to identify the number of users of the licenses. Most product Log Files when provided to us do not contain any Personal Data; they typically contain technical data such as server and network information. In line with data minimization best practices, Customers should review any Log Files or similar transmissions before sending to us to remove any Personal Data or other sensitive content. In the event that we receive Personal Data content within Log Files for user number verification, we process this data pursuant to our contract with you/your organization under the applicable terms and for our legitimate interest in auditing licence numbers. Client-Managed Deployments may be configured via administrative settings to adjust what data is captured in their Log Files. Documentation on Log Files by product type is available on https://help.qlik.com/, help.talend.com, Community.

  5. Sharing of download/usage/consumption data

    For all deployment methods, we may share with your organization/employer your usage/consumption (e.g., licence activation, data amount) and download (e.g., patch) data relating to our offerings in order to assist your organization in managing such offerings. We may also share such information with our affiliates to perform our services and/or operate our products, as well as with third party service providers in order to operate our business. Finally, where your organization has purchased our offerings through one of our partners, we may share such data with that relevant partner to manage our relationships with your organization, the relevant partner, and to aid the direct relationship between your organization and the relevant partner. For further information sharing of Personal Data, please see the Qlik Privacy & Cookie Notice.

  6. Qlik as a Data Processor on behalf of customers

    The information below describes when we are a data processor on behalf of our customers. If your organization is a party to the Qlik Customer Agreement (“QCA”), this incorporates our Data Processing Addendum which, subject to its terms and receipt by us, enables your organization to provide us with Personal Data within your Content Data to process on your organization’s behalf, both for Cloud Products and/or Qlik services, such as Support or Consulting.

    1. Cloud Products:

      1. Cloud Product Content Data: We are the Data Processor of Personal Data within customers’ Content Data while it resides in our Cloud Products, subject to our written agreements. Cloud Products are a no-view service, with customer Content Data, and any Personal Data within it (and access to it) decided and controlled by the customer. Further, certain Cloud Products offer functionality in a hybrid cloud/on-prem format, whereby functions are executed from the Cloud Product, but Customer Content may remain on-premise for the customer (e.g., Talend Hybrid-Cloud Deployment). For further information please see the QCA and Qlik Data Processing Addendum.

      2. Cloud Data Integration and Hybrid-Cloud Deployments: Customers may use Qlik Cloud Data Integration (such as Data Movement) or select Hybrid-Cloud Deployments to stream and/or transform Content Data from on-premise or in a client-managed cloud to our Cloud Products or another 3rd party cloud destination of the customer's choosing. Such Content Data may be transferred and/or transformed (such as via a landing zone, managed and controlled by the customer) to make it analytics-ready and usable with our offerings. Content Data streaming via Qlik Cloud Data Integration or Talend Hybrid-Cloud Deployments is configured and triggered by the customer. We will only host the Content Data (and be a Data Processor of any Personal Data within it) transferred or otherwise processed by Qlik Cloud Data Integration or Talend Hybrid-Cloud Deployments if (a) the destination chosen by the customer is our Cloud Products, or (b) where the customer configures Qlik Cloud Data Integration or the select Talend product to temporarily route the Content Data via our Cloud Products (and only while it is within our Cloud Products). Further information regarding Qlik Cloud Data Integration and Talend Hybrid-Cloud Deployments is available on www.qlik.com and here.

      3. Cloud Product Content Data Access and Use by Us: For Cloud Products, customers and their users control who has access to their Content Data shared through their personal spaces and tenant, which may be controlled via the customer’s identity provider (e.g., IdP). Under our policies and controls and subject to our legal obligations, our team members do not access a customer's Content Data in their Cloud Product tenant unless (a) the customer/user actively shares it with someone at Qlik by invitation into the tenant (e.g., for Consulting or Support services), or (b) the customer/users removes such Content Data from the Cloud Product and otherwise sends it to us (e.g., in a Support ticket on Community). Only a specific, limited group of our employees can access individual user Cloud Product Content Data to troubleshoot, following an explicit invitation by the customer, and only under strict controls. For select products, Customers may also choose to utilize our Customer Managed Key feature, meaning that the customer holds the encryption key to their tenant.

      4. Data Retention of Content Data: Users may at any time during their subscription delete their Content Data. Once deleted by the user, all information hosted by us in that application is deleted, with back-ups deleted after a period of time in line with our internal data retention rules. For dormant Content Data (i.e., applications within accounts that have been inactive for over 12 months), we may delete such Content Data. Likewise, Cloud Product accounts that are inactive for more than 12 months may be deactivated by us.

    2. Qlik Client-Managed Deployments
      We are not typically a Data Processor for customers of Client-Managed Deployments. This is because any Content Data a customer chooses to put into or create in the Client-Managed Deployment stays on the customer's system(s). We do not host, access or otherwise process this Content Data; therefore, the customer, and not Qlik, is the Data Controller (and the Data Processor, where relevant) of this Content Data in data protection law terms. It is therefore not typically necessary for customers to enter into a data processing agreement with us for Client-Managed Deployments, unless the customer wishes to share with us for our Services (see 6 C below) Content Data containing Personal Data elements.

    3. Qlik Services
      When we provide Support or Consulting services to a customer, customers may choose to share Content Data (from Cloud Products or a Client-Managed Deployment) with Qlik, which may contain Personal Data. Such sharing, and whether the Content Data contains any Personal Data, is at the discretion and control of the customer. Personal Data aspects within Content Data, in particular for our Support, should be anonymized or minimized by the customer as per privacy law data anonymization/minimization best-practice prior to sharing with us, for example before upload to the support portal on our Community.

      Please note that Content Data provided to us for Support or Consulting services may leave the customer’s region. This is because, while our Support is generally provided in-region to customers, our Support model is 24/7/365 (“follow-the-sun”) in order to provide continuous support to our customers. As such, Support tickets may be dealt with by our team members outside the customer’s region and Support Content Data may be stored/accessible outside of the customer’s region. For our Consulting, while our Consulting team members tend to primarily service customers in the same region, again to best serve our customers, we may rely on Consulting resources and systems outside of the customer’s region. Further information is available in our Schrems II FAQ.

      We use third party subprocessors in relation to Cloud Products and Support and Consulting services. You can find a list of our subprocessors on Qlik Community found Subprocessor List. Our responsibilities relating to subprocessors are set out in our Data Processing Addendum.

  7. Qlik Anonymous Access


    Qlik Anonymous Access enables customers to embed Qlik Analytics applications directly on their website(s) for their web visitors to interact with. Though Qlik cannot personally identify those web users, Qlik processes IP addresses of such web users for information security purposes (e.g., to protect the service from malicious attacks), to ensure compliance with export controls laws and to manage the service generally (e.g., gauge traffic). Such IP address data is typically deleted within 30 days. As Qlik does not have a direct relationship or interaction with such web users, customers are responsible for presenting (e.g., in their own privacy notice) the information in this paragraph to such users (e.g., by hyperlinking to this Qlik Product Privacy Notice).

  8. Qlik applications for mobile devices
    1. Analytics & Diagnostic Data: Our mobile applications for mobile devices available through device stores and other sources (collectively, "Qlik Mobile App(s)") may collect and send to Qlik analytics data and/or diagnostic data. Analytics data is data about the usage of features within Qlik Mobile Apps and users can deactivate this analytics data collection in the Qlik Mobile App settings. Qlik may collect analytics data so that Qlik can optimize, improve and promote its products. This analytics data does not include Content Data but may include a user ID (which is anonymized when such data is used for feature/usage analytics purposes). Qlik processes this data for our legitimate interest in improving our offerings. Diagnostic data can be sent by Qlik Mobile App users to Qlik and is not collected automatically by us. This takes two forms: simple diagnostic data and detailed diagnostic data. Simple diagnostic data includes errors, warnings and info messages. Detailed diagnostic data also includes de-bugging information. Neither simple nor detailed diagnostics includes any Content Data and they do not include any Personal Data. Users can activate or deactivate the "detailed" form of diagnostics in the Qlik Mobile App settings. Qlik will not receive any diagnostics data unless a user actively sends this to Qlik, such as by contacting Qlik Support. Qlik processes any diagnostics data to provide technical support and improve Qlik Mobile Apps.

    2. Sharing of Content Data within Qlik Mobile Apps: Qlik Mobile Apps may download customer Content Data from relevant customer Qlik data sources (e.g., Qlik Cloud, Client-Managed Deployments) onto their relevant Qlik Mobile App on their device. Authentication and authorization to such data is controlled by customers and their users. Qlik cannot access Content Data within a user’s Qlik Mobile App and Qlik will not receive such content unless explicitly shared by the user with Qlik. Depending on the location of the customer user device and use of certain features, such as push notifications, such Content Data stored in the Qlik Mobile Apps may leave the relevant region of the customer.

  9. Privacy compliance at Qlik & other information
    1. Privacy-By-Design and Privacy-By-Default in products: We have implemented Privacy-By-Design and Privacy-By-Default protocols that take privacy concerns into account as a native component of its R&D/Product development process. One example of this is the way Qlik Sense addresses access rights to Qlik applications ("apps") created within the platform: unless the creator of the app or someone with administrator rights affirmatively grants access to the app to other users, by default only the creator of the app will have access to it.

    2. Lawful bases for processing: We will only collect Personal Data where it is necessary to perform the relevant processing activity and will ensure it is protected by suitable access, retention and other controls. We process Personal Data as a Data Controller in compliance with privacy laws and use Personal Data described in this Notice chiefly to provide, maintain and improve our offerings, as well as to comply with legal requirements. The lawful bases under which we process any Personal Data are outlined above, such as to carry out our contracts (e.g., deliver and administer our offerings), our legitimate business interests (e.g., to improve our offerings, to protect our legal or proprietary rights) and/or to comply with legal obligations (e.g., ensure lawful use of our offerings). We may also process Personal Data for other reasons permitted or required by applicable law.

    3. Security: Cloud Product Content Data is encrypted. Security details of Cloud Products are further set out in our Cloud technical overviews and information relating to our security program can be found on our Security Trust pages here and here.

    4. International Data Transfers: For Personal Data which we are a Data Controller of, Qlik has in place relevant agreements and protections to protect Personal Data. These may include, for example, data protection agreements supplemented, where necessary, by additional protections such as the UK/EU Standard Contractual Clauses to ensure the lawful transfer of Personal Data by Qlik within our international group of companies and with relevant third parties (e.g., service providers). The U.S. operating affiliates of the Qlik group comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. These affiliates have certified to the U.S. Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. These affiliates have certified to the U.S. Department of Commerce that they adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. These affiliates commit to subject to the DPF Principles all personal data received from the EU, UK, and Switzerland in reliance on the relevant DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/. To view Qlik’s Data Privacy Framework Policy, please visit: https://www.qlik.com/us/legal/legal-policies. For our measures in relation to Personal Data for which Qlik is a Data Processor (e.g., subprocessors), please see our customer Data Processing Addendum.

    5. Further Privacy Information: For further information relating to security, the sharing of any Personal Data, data retention, how we protect Personal Data, children's privacy, as well as data subject rights, please see our Qlik Privacy & Cookie Notice and Trust resources.

    6. Contact: Qlik’s Data Protection Officer and privacy team may be contacted at privacy@qlik.com or through the contact details provided in our Qlik Privacy & Cookie Notice.


Legal Information:

The information in this Notice is accurate as of October 14th, 2024. Qlik reserves the right to make changes from time-to-time to the privacy practices of its products and services and you are encouraged to check this Notice for future updates. This Notice may also be supplemented by further privacy disclosures made available at the time of collection/processing. This Notice is for information purposes only and does not form part of customer contractual terms.