EFFECTIVE September 19, 2025
Privacy Policy (Notice)
Introduction
Tealium values your privacy and is committed to protecting your personal data. This Privacy and Cookie Notice (this “Notice”) explains how we collect, use, disclose, process and protect personal data that we collect about you when you use our products or services, interact with our websites, attend our events, or otherwise engage with us. This Notice also describes your data protection rights and choices regarding your personal data. In this Notice, personal data means information that enables you to be identified as an individual.
Who we are
Tealium provides a suite of software-as-a-service products that helps organizations collect, unify, and manage their customer data across all digital touch-points (the “Services”).
Tealium Inc. and/or its affiliated entities are responsible for the processing of your personal data as described in this Notice, unless specified otherwise, and act as the controller of such personal data. The controller of your personal data is the Tealium entity with which you engage (“Tealium”).
This Notice does not apply to the extent we process personal data in the role of a processor or service provider on behalf of our customers, including where we offer to our customers various products and services through which our customers (or their affiliates): (i) send electronic communications to others; or (ii) otherwise collect, use, share or process personal data via our Services. If you have questions related to a Tealium customer who uses our Services as the controller, please contact that customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Notice.
Purpose
This Notice describes how Tealium (also referred to as “we”, “us”, or “our”) may collect and use your personal data in the context of:
- Tealium’s websites;
- Tealium’s Services; and
- Tealium’s marketing, sales, and advertising practices.
Data Collection Methods
We collect personal data through various methods, including:
Automated technologies:
- Cookies and similar technologies: for detailed information about how we use these technologies, please see our Cookie Policy.
User-provided information:
- Form data: information you provide when filling out forms on our site, such as your name, email address, and other contact information.
- Registration data: information you provide in connection with newsletter requests, event/seminar registrations, dietary preferences (excluding special categories of data), subscriptions, downloads, and username/passwords
- Marketing data: information about about your individual participation in conferences and in-person seminars, credentials, associations, product interests, and preferences
- Account and profile data: information collected when you create an account, including your name, email address, password, and other relevant details.
- Customer support interaction data: information provided during interactions with our customer support team, which may include contact details and the nature of your inquiry.
- Job applicant data: information you provide in connection with employment opportunities.
Third-party sources:
- Partners: information about you received from our business partners to enhance our Services, provide better customer support, and support our marketing efforts.
Service Providers: information about you from service providers who assist us in understanding user behavior and preferences for marketing purposes and improving the user experience.
Use of Personal Data
We use your personal data for the following purposes:
- Providing the Services: delivering and maintaining our Services to ensure they function as intended. We need to process your information in this way in order to perform our obligations under our contract with you.
- Improving user experience: personalizing your interactions with our site and improving website functionality. It is necessary for our legitimate interests to monitor how our websites are used to help us improve the layout and information available on our websites and provide a better service to our website users.
- Providing relevant marketing: Providing you with information about events or services that may be of interest to you, including user conferences or networking events. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant marketing, updates and invitations.
- Communicating with you: sending updates, promotional materials, and responding to your inquiries.
- Security and compliance: ensuring the security of our services and complying with legal obligations. It is necessary for our legitimate interests to monitor how our websites and Services are used to detect and prevent fraud and misuse of our websites and Services. This helps to ensure that you can safely use our websites and Services.
Employment opportunities: Assessing your suitability for current or future employment opportunities, to contact you during the recruitment process, and to maintain records related to hiring decisions. More details on the use of your personal data for employment opportunities can be found in the Candidate Privacy Policy, which will be provided to you when you submit an application for employment.
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: Where you have given us explicit consent to process your personal data for a specific purpose.
- Contract: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Legal Obligation: Where we need to comply with a legal obligation.
Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Data Sharing
We share your data under the following circumstances:
- Service providers: third parties that perform services on our behalf, such as payment processing, data analysis, advertising, personalization, customer support, and other business operations.
- Business partners: companies with which we partner for co-branded services or joint marketing activities.
- Legal authorities: government entities or other third parties in response to legal requests, or when required to comply with laws and regulations.
Affiliated entities: Tealium Inc. or entities controlled by Tealium Inc. that provide customer support, marketing, and other operational support.
International Data Transfers
Your data may be transferred to countries outside your resident country. Tealium uses Standard Contractual Clauses (SCCs) for these transfers, ensuring compliance with EU, UK, and Swiss data protection standards. We also implement appropriate safeguards and additional security measures, especially for countries without equivalent data protection laws, to ensure your personal data remains protected.
Data Privacy Framework Program
Tealium complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Tealium has also certified to the US Department of Commerce that it adheres to EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Tealium has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the applicable DPF Principles shall govern. Tealium’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/s/.
Tealium uses a limited number of third-party service providers to assist us in providing our services to our users and business customers. These third parties may access, process, or store personal data in the course of providing their services. Tealium maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Data Privacy Framework obligations, including the onward transfer provisions, and Tealium remains liable if they fail to meet those obligations and Tealium is responsible for the event giving rise to the damage).
Choice
If personal data covered by this Notice is to be used for a new purpose that is materially different from that for which the personal data was originally collected or subsequently authorized, or is to be disclosed to a third party in a manner not specified in this Notice, Tealium will provide you with an opportunity to choose whether to have your personal data so used or disclosed. Requests to opt out of such uses or disclosures of Personal Data should be sent to us as specified in the “Contact Information” section below.
Accountability for Onward Transfer
If you are an EU, UK, or Swiss Individual, where we transfer your personal data to a third party service provider (see above) that performs services for us or on our behalf, we are responsible for the processing of that data by them and shall remain liable if they process your personal data in a manner inconsistent with the DPF Principles referred to in this Notice, unless we prove that we are not responsible for the event giving rise to the damage.
Data SubjectRights – GDPR
If you are in the European Economic Area (EEA), you have the following rights regarding your personal data under GDPRand other relevant regulations:
- Right to Know: You can request details about the categories and specific pieces of personal data we have collected about you, the sources of that data, the business purpose for collecting it, and the categories of third parties with whom we share it.
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Correction: You can request that we correct any inaccurate or incomplete data.
- Right to Deletion: You can request the deletion of your personal data, subject to certain exceptions.
- Right to Data Portability: You can request the transfer of your data to another service provider.
To exercise these rights, please contact us at privacy@tealium.com
California Consumer Privacy Act 2018
For information about our data processing practices as required by the California Consumer Privacy Act 2018, please view our CCPA Disclosure page (link).
Data Protection and Security
We implement robust security measures to protect your personal data, including:
- Encryption: Protecting data during transmission and storage using advanced encryption technologies.
- Access Controls: Restricting access to personal data to authorized personnel only.
- Regular Audits: Conducting regular security audits and assessments to ensure our data protection measures are effective.
Incident Response and Data Breach Notification
Tealium has a robust incident response program in place. In the event of a data breach, we follow global standards, including GDPR’s 72-hour breach notification requirement, to inform affected individuals and regulators as required.
Artificial Intelligence
At Tealium, we may use artificial intelligence (“AI”) technologies to enhance the Services, improve user experience, and analyze data patterns. Customers have the ability to purchase Services that include AI technologies. Tealium may also use chatbots as part of its customer support and knowledge base offerings within the Services but users have the ability to opt out of the use of such chatbots.
When we use AI technologies, we:
- Ensure compliance with applicable data protection laws and regulations
- Implement appropriate technical and organizational safeguards
- Maintain transparency about significant automated decision-making
- Provide mechanisms for human review where appropriate
- Regularly assess and update our AI practices to align with evolving standards and best practices.
Responsible AI and Ethical Standards
Tealium’s AI initiatives are committed to ethical standards, aiming to enhance customer experience while ensuring data privacy. We monitor and regularly update AI practices to maintain compliance with evolving AI governance frameworks. Our AI systems are designed and operated in accordance with principles of transparency, fairness, and accountability. We conduct regular impact assessments to ensure our AI processing activities respect individual rights and freedoms.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal and regulatory requirements. Retention periods vary depending on the type of data and how it is used. The criteria we use to determine retention periods include:
- The length of time we have an ongoing relationship with you
- Whether there is a legal or regulatory obligation to keep or delete the data
- Whether retention is advisable considering our legal position (such as regarding applicable statutes of limitations, litigation, or regulatory investigations)
Children’s Privacy
Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information from our files as soon as possible. If you believe that we might have any information from or about a child under 16, please contact us at privacy@tealium.com.
Updates to This Notice
We periodically update this Notice to reflect changes in our practices or applicable laws. When we make significant changes, we will notify you via email or a prominent notice on our website at least 30 days before the changes take effect, unless urgent changes are required by law. The updated version will be indicated by an updated “Effective Date” and the changes will become effective when posted. We encourage you to review this notice regularly to stay informed about our data protection practices.
Contact Information
If you have any questions or concerns about our privacy practices, please contact us:
- Email: privacy@tealium.com
- DPO Contact: For EU, UK, and Swiss residents, contact our Data Protection Officer at dpo@tealium.com
- Address: Tealium Inc., 9605 Scranton Road, Suite 600, San Diego, CA 92121, USA