Intapp Privacy

Privacy policy

Effective: December 19, 2023 — Present

This Privacy Policy describes the policies and procedures of Integration Appliance Inc., located at 3101 Park Blvd, Palo Alto, CA 94306 and our affiliated companies1, including DealCloud, Inc. (collectively ‘Intapp’, ‘we’ or ‘us’) on the collection, use and disclosure of your information, including any Personal Information (defined below). This Privacy Policy applies to any Intapp website (such as intapp.com) and to any software application, product or service that Intapp provides or makes available (collectively, the ‘Services’). If a Service has a link to a different privacy policy, that privacy policy governs the collection, use and disclosure of information for that Service. Further, your use of certain Services may be governed by agreement(s) between the business for which you work and Intapp.

Personal Information, sometimes also known as personally identifiable information or ‘PII’, is information that can be used on its own or with other information, directly or indirectly, to identify, contact, or locate a person, or to identify a person in context.

This Privacy Policy does not apply to any other information Intapp collects by other means.

How we collect information

We collect information, including PII, when you interact with us in ways that include:

  • Your use of the Services
  • Your requests for information on Intapp products, thought leadership, downloadable content, services or support
  • As a result of your communications with Intapp’s or our partners’ sales, service and support representatives
  • When you or the company for which you work is a prospect or customer for any of Intapp’s products, services, support
  • When you register for or attend an Intapp or industry event for which Intapp is a sponsor/co-sponsor
  • When you submit an online employment application
  • By your use of cookies, which is subject to our Cookie Policy at intapp.com/cookie-policy/

Information that Intapp collects about you may also come from other sources, such as your employer, organizations which you are affiliated with, events you attend, or other users of our Services.

What information we collect

Whenever you visit a Service, Intapp receives and records information on our server logs from your browser, including your computer’s or mobile device’s operating system type and version, browser type and language, your Internet Protocol (‘IP’) address, and your location derived from your IP address, cookie information, file information, time stamped logs regarding access times and duration of visits. Intapp also records the websites you visited before coming to a Service, and other usage data relating to your activities using our Service, including the pages you request. We also collect your name and the contact details when you affirmatively submit that information to us through a Service (by, for example, your submission of an employment application). We may relate any or all of this information to the personal information you provide for purposes described in this privacy policy.

Payment information submitted via our website to purchase something from us or to subscribe to our Services, including information necessary for us to process the transaction, is collected by a third-party payment processor. No payment information is ever provided to us.

What we do with the information we collect

We do a variety of things with the information we collect, including PII:

We use the information to manage our relationship with you, to set up and manage your account, to communicate with you about Intapp news and Intapp products, services and support, to send you information about Intapp events, to provide you with information about and access to Intapp’s online courses and other education and training programs, and to respond to your inquiries, including providing information, support or advice, about promotions and current and new Intapp products and services. We also use the information to provide you with demonstrations of the capabilities and features of Intapp products and services. If you are an employment applicant we use your information to process your application. If you are an employee, we use your information to process all aspects of your employment relationship with Intapp.

We use the information to personalize content for you, to improve our content, to keep your contact details up to date, to understand you and your preferences so we can enhance your experience with the Services, and to provide you with access to restricted areas of the Services if you are authorized to have that access.

We may also use the information to measure the performance of our services, solutions, marketing programs and marketing campaigns. We may share information with our business partners and may also use the information in conjunction with corporate transactions, such as a merger, acquisition, or investment. Where we share information with such a third party, we require the third party by contract to store and protect information consistent with the commitments we make to you.

We may share some or all of your information with current or future ‘affiliates’ (which means an investor, parent company, any subsidiaries or sister companies, joint ventures, or other companies under common control).  As noted above, our affiliates also subscribe to this Privacy Policy.

We may combine information we have collected with other Personal Information we get from third parties to help understand your needs and to provide you with better and more personalized service and information.

We may also anonymize and aggregate your information with the information of others so that you are no longer identifiable. We may use the anonymized and aggregated information to improve our content and Services, and may share that information with third parties.

We always limit our collection and retention of information from which you can be identified to what is reasonably necessary and proportionate to achieve the purposes for which the information was collected.

We do not sell information from which you can be identified, nor do we share it, which means to make it available to others for behavioral advertising purposes. However, we may transfer your personal data onward to certain third-parties who are vendors or service providers of Intapp.

Finally, we may disclose your information to ensure compliance with our terms of use and license agreements, to prevent and detect security threats, fraud or other malicious activity, to comply with laws, or in response to a court order or a subpoena. We also may disclose your information in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, verify, prevent, enforce compliance with, or take action regarding illegal or suspected illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, protection of the rights and property of Intapp, our customers, or others, or as otherwise required or permitted by law or consistent with legal requirements.

Lawfulness of Processing of Personal Data

All data processed by Intapp is done according to one of the following lawful basis: consent, contract, legal obligation, vital interests, public task, or legitimate interest. The lawful basis relied upon by Intapp is determined by the specific personal data being processed and the reason for such processing.

What security measures we use to protect the information we collect

Intapp uses reasonable physical and technical measures to protect against loss, misuse or unauthorized disclosure of information we collect; security measures include passwords and encryption of data in transit and at rest, limiting access to the information to those with a need to know that information and who have executed an agreement under which they agree to maintain the confidentiality of that information.

Intapp stores information in a secure environment either managed by Intapp or a third party. Where we use a third party, we require the third party by contract to store and protect information consistent with the commitments we make to you.

Where we store information we collect

We store information on servers located in the US and elsewhere. Regardless of where your information may be stored, this Privacy Policy applies to the collection, storage and use of that information.

Information may be transferred, processed and stored outside of the country in which you reside; however, rights and protections afforded to you by virtue of the laws in your country of residence governing collection and processing of your data are not affected based on where information is stored.

We have in place the appropriate European Union-approved standard contractual clauses between Intapp entities and between Intapp and third parties we use to process or store your data if you reside within the European Economic Area.2

Third parties Intapp engages to store or process data we collect agree by contract to meet the same standards and commitments that we make to you. Additionally, Intapp may remain liable under applicable Data Privacy Framework principles in the event of an onward transfer, unless certain conditions are met.

Your rights

Depending on where you live, you have a number of rights with respect to the information we collect. If you live in California, the European Union, the United Kingdom or Switzerland, you have these rights, some or all of which may also apply in other U.S. states or countries:

You have the right to request that we provide to you the information we have collected from which you can be identified (“Right of Access”). If we do provide you with information about you that we have collected, you have the right to receive it in a portable fashion, so that you can transmit it to another entity. You also have a right to have us correct any information we have collected from which you can be identified. You also have the right to request that Intapp delete the information we have about you. You also have the right to opt out of AI-based decision making about your information. Some of the information we collect about you may be what California law defines as sensitive personal information, which includes, among other things, for employment purposes, Social Security numbers and other government identification numbers, as well as information about race. You have the right to limit our use and disclosure of sensitive information to what is reasonably necessary to perform the services you are expecting from us, but we do not use or disclose your sensitive information except as reasonably necessary to perform such services. We will honor requests to exercise these rights as required by applicable law and, if necessary, once you have provided us with adequate proof of your identity.

To exercise any of the rights specified in the preceding paragraph, send an email to privacy@intapp.com.

Notwithstanding that you have already opted-in to the terms of this Privacy Policy, and in addition to the rights provided by California and other state or applicable law, we provide you with a broader right to opt-out of our use of any or all information from which you can be identified by sending an email to privacy@intapp.com.  In addition to these rights, you may:

  1. Opt-out of marketing Emails by clicking on “unsubscribe” at the bottom of an email you receive from Intapp and
  2. Opt-out of text messages by replying “STOP” or “END to a text message you receive from Intapp.

Even if you opt-out of marketing-related emails, we may still send you non-marketing emails that we feel are relevant to your current or previous interactions with Intapp where the receipt of the same would be of interest or benefit to you.

Under certain circumstances we are unable to honor an opt-out request. This occurs most commonly when you are seeking to opt-out of a Service for which there is an agreement between the business that employs you and Intapp that requires Intapp to make the service available to you.

EU-US Data Privacy Framework, The UK Extension, and the Swiss-US Data Privacy Framework

Intapp complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Intapp has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Intapp has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@intapp.com

In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Intapp commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Intapp at privacy@intapp.com.

Intapp has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.

See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf

The Federal Trade Commission has jurisdiction over Intapp’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Thirdparty websites

We may provide links to third-party websites, including websites of our business partners. Your use of those third-party websites is subject to the privacy policies and terms of those websites.

Changes to this privacy policy

Intapp may change or amend this Privacy Policy from time-to-time. We will provide you with a clear, unambiguous notice at the top of this Privacy Policy describing the changes. If we make significant changes to this Privacy Policy that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our corporate website or social media pages prior to the changes taking effect.

Your continued use of the website once the changes go into effect constitutes your agreement with the Privacy Policy as changed.

Effect of our contract with the business that employs you

Our compliance with the terms of this Privacy Policy, including where we store information and the security measures we use, and most importantly, our use of the information we collect and your exercise of certain rights you have under this Privacy Policy may be superseded or supplemented by our agreement(s) with the business that employs you.

Date of privacy policy

The effective date of this privacy policy is 28 March 2024.

1 A list of Intapp’s affiliates is at https://www.intapp.com/integration-appliance-inc/

2The European Union, Norway, Iceland and Lichtenstein.