Medallia Ideas Privacy Policy

Key things you need to know:

  • We use your personal information to provide the services to you and manage your registration, complaints and queries.
  • We never sell your personal information to third parties.
  • We do use cookies on our Site. You will see a consent pop up when you visit our Site and can disable them through your browser settings.
  • Community Owners may include their own Community Specific Privacy Policy for their Community which sets out information about how they may also use your personal information.
  • We store your personal information in Europe.
  • Remember that when you post to a Community, other people will be able to see it.

This Privacy Policy sets out the way in which we use any personal information that is collected from you whilst using, the Medallia Ideas (formerly known as ‘Crowdicity’) platform (together the "Site") and 'Communities' accessed through it.

You are provided with access to this Privacy Policy when you register with us and it is available on our Site at all times. Sometimes, the owners of individual Communities (“Community Owner”) will include their own privacy policy which explains the way in which they may also use your personal information as a result of your participation in their Community (we call this a “Community Specific Privacy Policy”).

References to "us"/"we"/"our" in this Privacy Policy means Medallia, Inc., 575 Market Street, Suite 1850, San Francisco, CA 94105.

  1. What personal data does Medallia Ideas collect?
    1. Personal Information means information that identifies you personally such as your name, photo or contact details or data that can indirectly identify you or be linked with such information in order to identify you.
    2. Your personal information is collected:
      1. When you register for a Medallia Ideas account. We collect name, user name, email, password, city, country, time zone, language, bio information, information on skills/expertise, social media account profile URLs (Twitter, Facebook, LinkedIn, Instagram, Google+), profile image, interests, etc.
      2. When you register for a specific Community. Specific information may be captured by a Community Owner.
      3. When you submit a form to us. For example to see a web demonstration or a general enquiry.
      4. From your activity. For example traffic data which shows usage of the Site and Communities, ideas you are contributing, the categories you are posting ideas in, users you follow, comments you make and ideas you vote for or list as your favourite).
      5. From time to time through other forms we may ask you to fill in to provide additional information, for example when you sign up to a specific Community.
  2. What does Medallia Ideas use your personal information for?
    1. We use the personal information in the following ways:
      1. To maintain your account and registration which we need to do to provide the services to you. We can’t provide the services without this.
      2. To investigate and address queries, questions and complaints and respond to any feedback. This is necessary and for our legitimate interests in providing a responsive service to our customers.
      3. To update you on any changes to our platform and services this is necessary and for our legitimate interest to ensure you are kept informed about any changes to the services we provide you.
      4. To understand how the Site and Communities are used and for the general research purposes. We use this data in an aggregate and anonymised form.
      5. If you are a paying customer, for credit referencing purposes to check your details and identity with fraud protection agencies to prevent fraud, to help us make decisions about credit and credit related services, to trace debtors, recover debts and manage your accounts. This is in our legitimate interest to protect our business from fraudulent activity.
    2. Where we rely on legitimate interest as a ground for processing your personal information, we carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these balancing tests. You have a right to the information contained in these balancing tests on request, and can find out more by contacting us using the details below.

  3. How long does Medallia Ideas retain my personal information for?
    1. We only retain your information for as long as is necessary for us to use your information as described above, where it is in our legitimate interest, or to comply with our legal obligations. However, we retain some of your information after you cease to use our services, for instance if this is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes.
      When determining the relevant retention periods, we will take into account factors including:

      1. our contractual obligations and rights in relation to the information involved;
      2. if you are a member of a Community;
      3. legal obligation(s) under applicable law to retain data for a certain period of time;
      4. our legitimate interest where we have carried out a balancing test;
      5. statute of limitations under applicable law(s);
      6. (potential) disputes;
      7. if you have made a request to have your information deleted; and
      8. guidelines issued by relevant data protection authorities.
    2. Otherwise, we securely erase your information once this is no longer needed.
  4. Who can see and access my personal information?
    1. If you contribute to a Public Community, this means that your profile and what you post there (including who you choose to follow and what you have voted for) can be seen by other users including people just visiting that Community.
    2. If you are contributing to a Private Community, your profile and what you post there (including who you choose to follow and what you have voted for) can only be seen by the Community Owner and other users who have been granted access to participate in that Private Community.
    3. We pass your personal information to: (i) suppliers, such as technology services firms, in order to enable us to provide the services to you (these include our hosting provider, data analytics company, customer database provider and social media integrator); and (ii) law enforcement agencies, regulators, courts or other public authorities if we have to, or are authorised to by law.
    4. We don't sell your personal information to third parties and don’t provide personal information to Community Owners beyond that which is visible to them in the relevant Community, unless that Community Owner has a Community-Specific Privacy Policy which have been communicated to you when registering for that Community. If they do have a Community-Specific Privacy Policy, then you need to read that for details of what personal information they will have access to and what they may use it for.

  5. Where does Medallia Ideas store my personal information?
    1. We store all data on servers located in Europe.

  6. What are my rights
    1. By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country. You can exercise any of these rights by writing us on the email address below in the ‘Contact us’ section:
      1. The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
      2. The right of access. You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law. You can do this by writing us on the email address below.
      3. The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in personal information that we hold by writing us on the email address below.
      4. The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
      5. The right to restrict processing. You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
      6. The right to data portability. You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however and there are exceptions.
      7. The right to object to processing. You have the right to object to certain types of processing, including any profiling.
      8. The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
      9. The right to withdraw consent. If you have given your consent to anything we do with your personal data (i.e we rely on consent as a legal basis for processing your personal information), you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal information at any time by terminating your account.
      10. The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator.
    2. We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for baseless or excessive/repeated requests, or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request.
    3. Please consider your request responsibly before submitting it. We will respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
  7. What are my rights
    1. We may collect information about your computer, including where available your IP address, operating system and browser type. This is statistical data about our users' browsing actions and patterns and does not identify any individual. When you use a mobile or desktop device to connect to the Site or Communities, the details of the device, for example, model number or operating software version, may be sent to us.
    2. We use cookie files which are stored on the hard drive of your computer. We use the following types of cookies:
      1. Login cookies. These help to distinguish you from other users and enable us to provide you with a good experience. The information they use is your email address and an alphanumeric session key to help us recognise you when you return to the Site or relevant Community. It will typically last for two weeks from the time you log in if you remain logged in, or it will be deleted immediately when you log out.
      2. Statistic tracking cookie: This is used to recognise that a user has previously visited a relevant Community, so that we may distinguish them from a user visiting for the first time. No identifiable personal information is contained within this cookie. It will typically last for 12 months.
      3. Third party cookies. We use cookies from services such as Google Analytics and Addthis in order to better understand traffic patterns of usage. These typically last for up to 2 years.
      4. Community specific cookies. Sometimes, Community Owners may use other cookies for their Community. You should read their Community Specific Privacy Policy for details.
      5. Cookie consent cookie. This remembers that you have seen and dismissed the cookie notification alert, accepting the use of cookies. It will typically last for 12 months.
    3. You will see a pop up consent notice on our Site when you visit since we rely on your consent for the use of cookies. You may also refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you don't give your consent or you select this setting you may be unable to access certain parts or features of the Site and Communities.
    4. Most internet browsers are initially set up to automatically accept Cookies. You can change the settings to block Cookies or to alert you when Cookies are being sent to your device. If you use different devices to view and access the Site (e.g. your computer, smartphone, tablet etc) you will need to ensure that each browser on each device is adjusted to suit your Cookie preferences.
      1. Disable Cookies in Microsoft Edge >> Click here
      2. Disable Cookies in Chrome >> Click here
      3. Disable Cookies in Safari >> Click here
      4. Disable Cookies in FireFox >> Click here
      5. Disable Cookies in Safari IOS >> Click here
      6. Disable Cookies in Google Android >> Click here
    5. Click here for more information on Cookies and how to manage them.
  8. How can I be sure my data is secure?

    We take appropriate technical and operational measures to protect the personal information it gathers and processes about you. You should always bear in mind that there is no such thing as 100% information security. For example, communications over the internet and mobile phone networks aren’t completely secure and we can’t accept responsibility for unauthorised access or loss of personal information that is beyond its control. You also need to take steps to protect your log in details, use anti-virus software and to act sensibly when providing personal information. If you have any concerns then do contact us.

  9. How do I Contact Medallia Ideas?
  10. If you have any questions or comments about Medallia’s Privacy Policy or the practices of this site, if you would like to issue a complaint, or if you have an unresolved privacy and data use concern, we’d like to hear from you. Medallia responds to privacy-related requests in a timely fashion and pursuant to applicable law. To make a privacy-related request or to contact our Data Protection Officer, please contact us through the form found here, by phone at +1 866 562 1834, or by mail at the following address:

Medallia, Inc.

6220 Stoneridge Mall Rd Floor 2

Pleasanton, CA 94588

Attn: Data Protection Officer