Citrix Systems, Inc. and its subsidiaries (“Citrix”), respect your concerns about privacy. References in this Policy to “Citrix”, “we”, “us”, and “our” are references to the Citrix entity responsible for the processing of your personal information. This Policy describes the types of personal information we collect, how we may use that personal information, with whom we may share it and how you may exercise your rights regarding our processing of that information. It also describes the measures we take to safeguard the personal information we obtain and how you can contact us about our privacy practices.
The information we obtain subject to this Policy is limited to the information you provide when submitting a report or is otherwise collected as part of a business conduct inquiry. Specifically, it is: (i) your name and contact details (unless you report anonymously) and whether you are employed by Citrix; (ii) the name and other personal information of the persons you name in your report if you provide such information (i.e., description of functions and contact details); (iii) a description of the alleged misconduct as well as a description of the surrounding circumstances; and (iv) any additional information that you may provide or that we may collect during the course of follow-up inquiries.
Citrix uses your personal information as described in this Policy and relies on a number of legal bases as described further below:
Citrix may share your personal information internally within Citrix/or with affiliates for the purposes described in this notice. We also may share your personal information with third parties that perform services on our behalf, including third-party service providers (such as the operator of this reporting tool). We require these parties to respect the security of your data and to treat it in accordance with the law.
We reserve the right to share with relevant third parties information you provide in the event of a potential or actual sale or transfer of all or a portion of our business or assets, including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution, liquidation or other business transaction.
We also may disclose personal information about you:
Citrix has put in place security measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. We have also put in place procedures to deal with any suspected data security breach.
Citrix only retains your personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Your personal information may be stored and processed in the United States or in another country in which Citrix or its affiliates, subsidiaries, or third party service providers conducts business. When we transfer personal information to a country outside of an employee’s location, we may use a variety of legal mechanisms authorized by law, including standard contractual clauses approved by the European Commission or other data transfer agreements.
To the extent provided by the law of your jurisdiction, you may request access to the personal information we maintain about you or request that we correct, update, amend or delete your information, or that we restrict the processing of such information by contacting us as indicated below. These rights are not absolute; if we are unable to accommodate your request, we will provide written notification specifying the basis for such conclusion. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response.
If you are a resident of California, Citrix has a California Consumer Privacy Statement which is available for review here.
Citrix Systems, Inc.
Attn: Chief Privacy Officer
15 Network Drive
Burlington, MA 01803
Last Updated: August 18, 2021