Scope of this Notice

This Domo Privacy Notice (“Privacy Notice”) describes how Domo, Inc. and its affiliates (“Domo”, “we”, “our” or “us”) collect, store, use, disclose, and otherwise process information from or about you (“Personal Information”) in the course of our business.

Domo is the provider of an online, cloud-based business management platform service and other subscription-based services (the “Subscription Services”). We provide the Subscription Services and related support, consulting, implementation, and other professional services to our customers (collectively, our “Services”).

This Privacy Notice describes Domo’s privacy practices in relation to Personal Information we collect as a controller, including in the context of our websites; our Services, including our desktop and mobile apps that link to this Privacy Notice; company events, forums, and communities; our marketing and promotional emails, text messages, newsletters, and other marketing, promotional, and advertising communications (“Marketing Communications”); and any other activities where we display or link to this Privacy Notice. Personal Information we collect as a controller in the context of our Services includes Personal Information provided to Domo to register a user account to use the Subscription Services.

It is important to note that this Privacy Notice does not apply to Personal Information we process in the role of a service provider/processor for our customers, including Personal Information that is uploaded into the Subscription Services, or otherwise provided for processing by the Subscription Services, by or on behalf of our customers (which we refer to as "Subscriber Data" in our Domo Software as a Service Agreement). When entities that purchase our Services (“Customers”) use the Subscription Services to process data, they control and are responsible for the collection and use of that data, and Domo is acting in the role of service provider/processor of that data on Customers' behalf. The collection, storage, use, transfer, and other processing of Subscriber Data in the Subscription Services is governed by the agreements between Domo and the applicable Customer (“Customer Agreements”) and the Customer’s privacy notice, not this Privacy Notice. We are not responsible for and have no control over the privacy and data security practices of our Customers, which may differ from those explained in this Privacy Notice.

If you are a California resident, please refer to our Privacy Policy for California Residents.

Information Collected by Domo

Information Provided by You

You may provide us with information about you when you:

  • visit or register to use a Domo website (such as www.domo.com);
  • complete a Domo web form;
  • use or register to use the Subscription Services;
  • request a Services demonstration;
  • login to the Subscription Services as a user authorized by a Customer or partner to access and use the Subscription Services (a “User”);
  • respond to an advertisement or other marketing communication;
  • respond to a referral;
  • contact Domo for support or other offerings;
  • attend an event or forum that Domo is hosting or in which Domo is participating;
  • join or participate in a Domo community, training, certification, or contest;
  • respond to a survey or questionnaire;
  • visit our offices;
  • visit our branded social media pages;
  • receive Marketing Communications from us or otherwise communicate with us, including by email, phone, video calls, or texts;
  • or otherwise interact with us.

During such processes, the Personal Information we collect from you or that you provide typically includes your name, the company you work for, address, email, phone number, your position or title, and/or your Domo username and password. If you sign up for or login under an educational account, we may also collect your educational data such as your student ID, transcripts, or other proof of enrollment. You can choose not to provide us with your Personal Information, but if you do not provide us with your Personal Information when we request it, we may not be able to provide you with the websites and Services you use, or tailor them to you.

Information Provided by Others

We may collect information about you from third-party sources, including partners from whom we collect or purchase Personal Information, or who provide us with publicly available information that may contain Personal Information, or who provide analytics based on various sources to help us understand how to improve our products and marketing; individuals who provide your information as a referral; and individuals at the company where you work. We may combine this information with Personal Information provided by you. We may collect other public and third-party information about you to supplement information we hold. For example, your name, email address, phone number, and title that you provide to us may be combined with information about the company you work for that is obtained from professional networking sites and information service providers.

Usage and Device Data

When you login to the Subscription Services as a User or visit or navigate our websites, we may collect device information and data related to your usage and utilization of the Services or our websites such as user ID, username, password, email address, user type, duration of session, connections made, your utilization of specific features or functions, version and update status, IP addresses, mobile and device IDs, location, browser information, language and time zone settings, user interactions (such as the pages, cards, and files viewed), system configuration information, unique device identifiers, how you arrived at our site, and other computer and connection information and diagnostic data. We may also collect and utilize aggregated statistical and usage information.

Use of Cookies and Other Tracking Tools

We use information-gathering tools, such as cookies and web beacons, to collect information as you navigate our websites and use our Subscription Services. Through these tools, we receive and store information about how you use our websites and Subscription Services and about your online activities over time and across different sites. For example, your browser or device may send some of the Usage and Device Data above to our servers whenever you visit a Domo website or use our Subscription Services. The information we receive through cookies and similar technologies may be associated with you, depending on the website or Subscription Services you are using. In addition, third parties may be able to collect information about your online activities when you use our websites or Subscription Services using cookies or other technologies.

Web beacons may also be included in emails we send you. This technology contains identifiers that enable us to recognize when you have received or opened an email or clicked links within it and how you otherwise interact with our emails.

We advertise online, including displaying Domo ads across the Internet on websites and in apps. When we advertise online to you, we may collect information through such technologies about which ads are displayed to you, which ads you click on, and the web page where the ad was displayed to you.

For more information about the types of cookies we use and managing cookies, please see our Domo Cookies page and the "Your rights in respect of your Personal Information" section below.

Buttons, Tools, and Content from Other Companies

Domo websites may include buttons, tools, or content that link to other companies’ services (for example, a Facebook "Like" button). We may collect information about your use of these features. In addition, when you see or interact with these buttons, tools, or content, or view a Domo web page containing them, some information from your browser may automatically be sent to the other company, including Facebook. Your information may be processed for additional purposes by that company. Such further processing purposes may go beyond the purposes set out in this Privacy Notice. Please read that company’s privacy notice for more information regarding its use of that information. For example, a link to Facebook's privacy notice can be found at https://en-gb.facebook.com/privacy/explanation.

Domo Social Networking Pages

We maintain pages on many social networking sites. We may collect information that you make publicly available on social networking sites, as well as when you interact with our social networking pages. Social networking sites may, in some instances, provide statistics and insights to Domo that help us understand the types of actions you take on our social networking pages.

Public Chat, Message Boards and User Postings

You may provide Personal Information to us through your participation in chat sessions, message boards, user communities associated with our Subscription Services (such as Domo Dojo and Buzz), blogs, forums, email exchanges, or newsgroups on our websites or within the Domo platform—including by posting comments, uploading photos, or submitting other content. That information may be available to anyone who has access to the website or platform. Such information can also appear in search engine results or through other publicly available platforms and can be “crawled” or searched by third parties.

Our Use of Personal Information We Collect

We may use the Personal Information we collect about you as a User of the Subscription Services, as a visitor to our websites, or through other means (e.g., in person) to:

  • Provide you the Services;
  • Send you information about new releases, features, and other updates related to our Services;
  • Respond to your questions or comments or provide information you have requested;
  • Communicate with you about webinars, trainings, certifications, demonstrations, and other events and activities related to our Services, and send you information about our partner events;
  • Maintain your or your company’s account;
  • Discuss and process payments, additional purchases, or renewal of your or your company’s subscription;
  • Send you confirmations, invoices, technical notices, security alerts, training and support and administrative messages;
  • Obtain feedback about our Services;
  • Conduct research and development regarding our Services;
  • Perform business modeling and provide internal reports;
  • Detect and diagnose bugs, errors, and other service problems and provide customer service and support;
  • Communicate with you about our Services through Domo forums or communities (e.g., Domo Dojo or Buzz);
  • Allow other Users to communicate with you;
  • Undertake analysis of customer patterns and behavior so we can understand what may be of interest to you and others;
  • Provide you Domo website content;
  • Operate and improve our websites and Services;
  • Send you information by email, text message, including in the form of electronic or print newsletters, about Domo, our Services, special offers and other Marketing Communications (where this is in accordance with your marketing preferences);
  • Understand your preferences and personalize our website, Services, ads, and Marketing Communications to your likely interests and needs;
  • Display and measure engagement with advertisements and other Marketing Communications across different devices and sites;
  • Conduct market research about our current and potential Customers, their interests, and the effectiveness of our marketing campaigns;
  • Aggregate data from our Services for benchmarking, to develop and improve our Services, analyze trends, demonstrate the effectiveness of our Services, and other legitimate purposes;
  • Process orders for and deliver to you swag, merchandise, or other items or materials that you order from us;
  • Contact you via telephone to discuss our Services and related offers with you;
  • Detect, prevent, and otherwise address spam, malware, or other security or technical issues, as well as protect against fraud and other harm to Domo, Users, or the public;
  • Monitor and respond to security incidents;
  • Respond to legal claims;
  • Comply with laws and regulations, and for investigative purposes, as necessary (including disclosure of information in connection with mandatory government agency requests, legal process, or litigation); and
  • Link or combine information we collect about you with other public or private information sources to provide you with Marketing Communications that may be relevant to you, help understand your needs, provide you with better service, and to prevent fraud;
  • Process and deliver contest entries and rewards; and
  • Process your information for other legitimate business purposes, such as customer surveys, data analysis, audits, identifying usage trends, and to evaluate and improve our products, services, marketing, and customer relationships.

Our processing of your Personal Information for marketing purposes outside of a consent requirement in law will be in our legitimate interest. Where required under applicable law, we will obtain your consent to use your Personal Information for marketing purposes. You can withdraw your consent or object to receiving further Marketing Communications at any time as provided in such Marketing communications or as described below.

Disclosure of Information We Collect

We work with companies that provide services or help support our business. behalf. These companies may have access to your Personal Information including:

  • Our affiliated companies and vendors, consultants, contractors, and other service providers we hire that need access to your Personal Information to perform their services, including hosting and cloud services, artificial intelligence services, verifying enrollment status for educational uses, payment processing, consulting, implementation, training and other professional services, and technical support;
  • If you are authorized by a Customer or partner to access and use the Subscription Services, we may disclose your Personal Data to the affiliated customer or applicable partner responsible for your access to the Subscription Services to the extent necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
  • Third-party business partners that offer supplementary products and services to those provided by Domo, such as developers and providers of apps, connectors, and other products. If you purchase or express an interest in a third-party product or service and to the extent you consent to such sharing (where required by applicable law), we may disclose relevant Personal Information to that third party as necessary to provide the requested product or service and enable its interoperation with the Subscription Services, and those third parties may contact you about your purchase or interest;
  • Our referral partners, resellers and other sales partners that need access to your Personal Information for the purpose of assisting you with ordering or implementing our Services;
  • Companies we hire to help us market our websites and Services and provide you with information and offers related to our Services, including displaying ads to you across the Internet and sending Marketing Communications on our behalf;
  • Third party social media networks, advertising networks, and websites, so that we can market and advertise on third party platforms and websites;
  • Sponsors of Domo-organized events. If you register for or attend an event organized by Domo, we may disclose relevant Personal Information to sponsors of the event; and
  • Sponsors of contests and promotions for which you register or participate in order to fulfill the contest or promotion.

At Domo events and webinars, you may, if required by applicable law, consent to disclosure to sponsors and other third parties via the event registration form or by allowing your attendee badge to be scanned by a sponsor. In these circumstances, your information will be subject to the sponsors’ privacy statements. If you do not wish for your information to be disclosed to sponsors in such circumstances, you may choose to not opt-in via event registration or elect to not have your badge scanned, or you can opt-out in accordance with the opt-out procedure in this privacy notice.

We may also disclose your Personal Information:

  • When we are required or believe we are required to provide such information in response to or to comply with a subpoena, court order, applicable law or regulation, government statute, legal or regulatory audit or investigation, or other legal process;
  • When we have a good faith belief that the disclosure is necessary in our legitimate interests to prevent or respond to fraud, defend our websites or Services against attacks, or protect the property and security of Domo, or the property and security of our Customers and Users;
  • To the extent necessary to comply with lawful requests by public authorities, including to comply with national security or law enforcement requirements;
  • When we merge with or are acquired by another company, we sell a website, app, or business unit, or all or a substantial portion of our assets are acquired by another company. In these circumstances, your information may be one of the assets that is transferred or may be disclosed to the other company to evaluate the potential merger, acquisition, or sale, provided that the terms of this Privacy Notice will continue to apply to any Personal Information that is disclosed or transferred to that entity;
  • To enforce our agreements, policies, and terms of service;
  • When we aggregate and disclose de-identified information collected by our websites or the Services to provide statistical information or market research to third parties; or
  • When you consent to the sharing.

If you are referred to Domo by someone else, we may disclose information regarding the status of that referral to the individual who referred you.

Information Security, Retention, and Storage

We understand that the security of your Personal Information is important. We implement reasonable administrative, technical, and physical security controls designed to protect your Personal Information from loss, misuse, or unauthorized access, disclosure, alteration, or destruction. However, despite our efforts, no security controls are completely effective, and we cannot guarantee or warrant the security of your Personal Information.

Your Personal Information is stored on our servers and the servers of companies we hire to provide services to us. We will retain your Personal Information for as long as we have an ongoing legitimate need to do so, including as necessary to provide you with the websites and Services you use; to comply with our legal obligations and legal rights including to prevent fraud or enforce our agreements; and for our internal business needs, such as maintenance of our archive and backup systems for a period after your use of our websites and Services ends. We will also store a permanent record of any request not to send direct marketing or to process your information so that we can respect your request in future.

Cross-border Data Transfers

Your Personal Information may be stored in and transferred to the United States, or stored in and transferred to other countries where our affiliates and the companies that provide services or help support our business are located, such as Australia, India, Japan, South Africa, the United Kingdom, Spain, Malaysia, and the Philippines. In order to use our Services and websites, you acknowledge that your Personal Information may be transferred and processed outside your country or jurisdiction. Certain of these countries may not have the same data protection laws and protections as the country in which you initially provided the information including, where relevant, the laws and protections of the United Kingdom, Switzerland, or a country in the European Economic Area (EEA). When we transfer your Personal Information, we take appropriate steps to ensure your privacy rights continue to be protected.

In the case of transfers of Personal Information outside of the United Kingdom, Switzerland, or the EEA, we take appropriate steps to ensure that the recipient of your Personal Information offers an adequate level of protection and security, for example by entering into standard contractual clauses for the transfer of Personal Information as approved by the European Commission.

Data Privacy Framework Notice

Domo complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Domo has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) for the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Domo has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) for the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

EU, UK and Swiss individuals with inquiries or complaints regarding Domo’s handling of personal data received in reliance on the Data Privacy Framework should first contact Domo at privacy@domo.com. We will respond to any such request or inquiry within 45 days. In compliance with the Data Privacy Framework, Domo commits to refer unresolved complaints concerning our handling of personal data received in reliance on the Data Privacy Framework to JAMS, an alternative dispute resolution provider based in the United States. If we have not addressed a Data Privacy Framework complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-data-privacy-framework for more information or to file a complaint. The services of JAMS are provided at no cost to you. If neither Domo nor our dispute resolution provider resolves your complaint, you may have the ability, under certain conditions, to invoke binding arbitration through the Data Privacy Framework Panel.

Please be aware that we may be required to disclose personal data that we receive under the Data Privacy Framework in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Domo’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Your Rights in Respect of Your Personal Information

We take reasonable steps intended to ensure that your Personal Information we collect is accurate, complete, and current, including by using the most recent information provided to us. Our Services may allow you to review and edit your Personal Information by accessing your account or similar feature of the website or Services you are using.

For our websites and marketing, the following describes your options for managing the various types of cookies we use on our websites and in performing the Services:

  • Required Cookies: Required cookies are necessary to enable the basic features of the site to function, such as providing secure login or enabling use of our Services. Because required cookies are essential to operate Domo’s websites and provide the Services, there is no option to opt out of these cookies.
  • Functional Cookies: Functional cookies are used to provide a better customer experience on our websites and when using the Services. For example, remembering your login details and other information you have entered or choices you have made, displaying more personal features, or providing us information about how our websites and Services are used.
  • Analytics Cookies: Analytics cookies are used to analyze site and Services usage to measure and improve performance. They allow us to know what content is valued and how often unique visitors return to the site, so we can improve information we offer to you.
  • Advertising Cookies: Advertising cookies are used to show you ads that are more relevant to you. We may share this information with advertisers or use it to better understand your interests. For example, advertising cookies may be used to share data with advertisers so that the ads you see are more relevant to you, allow you to share certain information on social networks, or allow you to post comments on our websites or while using our Services. To learn more about these and other advertising networks and your ability to opt out of collection by certain third parties, please visit the opt-out pages of the Network Advertising Initiative and the Digital Advertising Alliance.

If you wish, you may opt out of all website cookies except Required Cookies on our Domo Cookies page.

Individual Rights

We respect the rights you may have under certain laws and circumstances, which may include rights to:

  • Access or be provided with a copy of your Personal Information held by us;
  • Be informed about what Personal Data we hold and how we process it;
  • Request the correction, update, or erasure of your Personal Information held by us;
  • Object to the further processing of your Personal Information;
  • Request that we restrict the processing of your Personal Information (for example, while we verify or investigate your concerns with the processing);
  • Request that your Personal Information be transferred, where possible, to a third party; and
  • Not receive discriminatory treatment for the exercise of your privacy rights, subject to certain limitations.

Some or all of the rights listed above may not apply to you or may be subject to limitations, depending on applicable law. You may submit a request to us by filling out our privacy request form or by calling 1.888.573.3979. Please note that to respond to your request, we may need you to provide additional information to verify your identity. Once we verify your identity, we will assist you with your request in accordance with applicable data protection laws. If you remain unhappy with a response you receive from us about the treatment of your Personal Information you can also refer your concerns to the relevant privacy or data protection supervisor in your jurisdiction.

As previously noted, we may process your Personal Information as a processor on behalf of our Customer, with whom you have a direct relationship. In those circumstances where our Customer is the controller of your Personal Information, if you wish to exercise any rights you may have under applicable laws, please contact the Customer directly.

Text Messaging

By opting in to receive text messages from Domo, you agree to receive text notifications and communications about Domo and the Services, even if your mobile number is registered on any state or federal do-not-call list. Message frequency may vary. Consent is not a condition of purchase of any product or services. Message and data rates may apply to, and you agree to be responsible for, all text messaging charges and fees imposed by your wireless provider.

Opting Out of Marketing Communications

You may opt out of receiving Marketing Communications by unsubscribing to the marketing mailings, text messages, or newsletters you no longer wish to receive. To unsubscribe from email Marketing Communications, please submit your information through https://www.domo.com/subscription?nm or follow the “Unsubscribe” instructions that are contained within the mailing, newsletter, or other Communication that we send to you. To unsubscribe from text message communications, please reply with STOP or UNSUBSCRIBE to any mobile message sent from us. You may also unsubscribe to Marketing Communications by sending an email to privacy@domo.com with “Unsubscribe” in the body, together with a description of the Marketing Communications you no longer desire to receive. Please note that you will continue to receive alerts and other notifications related to your use of the Subscription Services unless you manage your receipt of such communications by logging in to the Domo platform and changing your user notification preferences.

Opting out of Marketing Communications does not opt you out of receiving important business communications related to your current relationship with Domo, such as communications about your subscriptions or event registrations, service announcements or security information.

Changes to this Privacy Notice

We may change or update this Privacy Notice from time to time to reflect changes to our Personal Information handling practices or our services or technology, or to respond to new legal requirements. If we do, we will update the “last updated” date on the first page of this Privacy Notice. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a notice on our website or log-in page, or sending you an email, or where required under applicable law and feasible, seek your consent to these changes. We encourage you to periodically review this Privacy Notice for the latest information on our privacy practices.

Contact Information

Domo, Inc. is a U.S. company with affiliates located in North America, the United Kingdom, Spain, Japan, India, and Australia.

If you have any questions related to this Privacy Notice or our privacy practices, please contact us at:

Domo, Inc.
Attn: Privacy Officer
802 East 1050 South
American Fork, Utah 84003
Email: privacy@domo.com
Telephone: 1.800.899.1000 (9:00 AM to 5:00 PM Mountain)

To submit an individual rights request, please use our privacy request form.