Privacy policy

We collect personal information directly from you/individuals, including the type of information included in work email footers and on business cards (e.g. name, work email address, job information, work phone number and work address collected when you get in touch with us, download a document or register for an account) and technical information arising from your interactions with our websites.

We use publicly available information and service providers to provide us with business contact details for businesses and people that we think may be interested in our solutions (“prospects”). We also obtain business contact details from Blue Prism affiliates, customers, partners, service providers and those organising or hosting events that we participate in.

The categories of personal information that we have and the sources of that information are summarized below.

When collecting personal information via forms on our website, we indicate whether it is mandatory for you to provide the information. If it is mandatory to provide personal information (e.g. to register for an account or obtain access to restricted content), you will not be able to complete the request or access the information unless you provide the information to us.

We use personal information to grow our business, use of Intelligent Automation, and digital workforce adoption and our business (e.g. by raising awareness of Intelligent Automation, and digital workforce adoption (e.g. by raising awareness of intelligent automation and complimentary technologies by running and participating in events, looking for and winning new customers, strengthening our relationship with existing customers and partners and raising awareness about our solutions). We also need to use personal information to run our business and this includes, providing our solutions, training and customer support and looking for ways to develop and improve (e.g. by analysing data, asking for and acting on feedback).

More details about our reasons for collecting, creating and using personal information (i.e. the purposes for which we do so) and legal basis for our activities are described in the table below.

We share personal information with our affiliates, customers, partners, event sponsors and organisers, service providers (including IT providers, auditors and professional advisers) as part of running and growing our business. If a regulator, government or law enforcement authority asks for personal information, we will provide the information that we are legally required or permitted to provide. We do not sell personal information.

The table below includes information about the categories of recipients (which may include third parties) that may receive personal information from us and the categories of personal information they may receive.

As a global business, we operate worldwide and transfer and store personal information overseas in countries that may have data privacy laws that differ from the laws in your country. All SS&C Blue Prism affiliates have access to personal information in order to run and grow the SS&C Blue Prism business, such as business contact details and customer relationship management information. When transferring personal data overseas, we make sure there are necessary safeguards in place where required, such as contractual commitments (e.g. the European Commission’s Standard Contractual Clauses for transfers to non-UK or EEA organisations that do not have an adequacy decision) or Binding Corporate Rules.

We keep personal data for as long as is necessary to:

• comply with our legal, tax, accounting, and other regulatory or reporting obligations or to assert or defend against legal claims or to enable us to enforce or exercise our rights;
• to provide our solutions, and to run and grow our business.

When determining the retention period for personal information, we consider the applicable legal, tax, accounting, and other regulatory or reporting requirements, the purposes for which we process the personal information, the type of personal information and the potential risk of harm from unauthorized use or disclosure.

If you ask us to delete personal information, object to our processing based on legitimate interests or withdraw consent, where our use of personal information is based on consent, we will delete personal information as appropriate in response to your request. Please see the section “What personal information rights may be available?” for more information.

Where we de-identify personal information so it is no longer reasonably likely to identify an individual (e.g. in order to use it to analyse, improve and develop our business and solutions) we may keep the information indefinitely.

If you would like to find out more about our retention periods for specific categories of personal information please email [email protected].

You have certain rights to know and control how information about you is collected and used. You can also complain about how your personal information has been handled by us. You will not receive discriminatory treatment if you exercise your rights or raise a concern. We prefer that you let us know about a concern so that we can look into it for you.

Information about the rights that may be available when an organisation processes personal information is set out below.

When processing customer data in the course of providing our solutions (e.g. Blue Prism Cloud), SS&C Blue Prism acts on the instructions provided by its customer. If you would like to know more about a customer’s processing of personal information using SS&C Blue Prism solutions, please contact the relevant customer directly. For any questions or concerns about our privacy practices or to submit a request to us, please email [email protected] or follow any specific instructions below.

• Know and access - Individuals have a right to request information about what personal information an organisation processes (which includes collecting, using, disclosing or selling of personal information) and ask for a copy of the personal information that relates to them. We do not sell personal information. To request further information about our policies and practices with respect to service providers that we use to process personal information outside of the country in which you are based, please email [email protected].
• Correct – Individuals can ask to have any inaccurate personal information corrected. You can update and correct your SS&C Blue Prism account information by logging in to your account.
• Delete – Individuals can ask an organisation to delete their personal information. We will delete personal information in response to a request only if it is not personal information that we are processing on behalf of a customer and we have no statutory obligation or overriding right to retain it. In some cases, fulling a request to delete personal information will mean that the individual can no longer use our solutions that require personal information (e.g. any solutions made available the SS&C Blue Prism portal as you need an account to access the portal).
• Restrict – Where you have concerns about the accuracy of personal information or how it is being used, you can ask an organisation to limit its use of your personal information.
• Stop marketing and/or object to processing – You have the right to object to processing that is based on legitimate interests and to stop receiving marketing communications from us. You can ask us to stop marketing by clicking on the unsubscribe link in the relevant marketing email from us.
• Portability – If the legal basis for processing personal information is consent or contract, you have the right to obtain a copy of the relevant personal information in a commonly-used format or ask that it is provided to another organisation if technically feasible.
• Withdraw consent – If consent is the legal basis for processing personal information, you have the right to withdraw consent at any time and free of charge. To withdraw consent to our use of cookies, please update your settings via our Cookies Policy.
• Complaints - If you would like to make a complaint about our use of your personal information please send details of your complaint, including the personal information it relates to, to [email protected]. We will investigate your complaint and respond as soon as we can, and within any statutory timeframes. If you are not satisfied with our response, you have the right to complain to a data protection authority about out collection and use of personal information. The UK data protection authority is the Information Commissioner’s Office (www.ico.org.uk) or you may contact your local data protection authority.
• No discrimination - Some data privacy laws (e.g. CCPA and HIPAA) include a right not to receive discriminatory treatment for the exercise of your privacy rights and we take this approach with all the requests we receive.

Before we provide you with information or delete information in response to a request, we will ask you to provide evidence of your identity so that we can verify that it is a genuine request (e.g. a recognized identification document or information about your account). An authorized agent can make a request to exercise your rights on your behalf by submitting a request to [email protected] with a signed authorization, which we may contact you to verify. In certain circumstances, we may decline a privacy rights request, such as where you are not a resident of one of the eligible countries or states or where we are unable to verify your identity.

Any website you visit may store on or retrieve information from your browser, mostly by using cookies. This information might be about your device, activities or preferences and is mostly used to make the site work effectively. The information does not usually directly identify you, but it can give you a more tailored experience. For information about the cookies we use or to manage your cookies please go to our Cookies Policy.

If you use the Digital Exchange to make purchases, the following privacy terms apply in respect of your payment.

SS&C Blue Prism does not collect or process your credit or debit card details. Instead, these details are collected and processed directly by our payment processing service provider, currently Stripe Payments Europe, Ltd (“Stripe”). For more information about how Stripe processes your personal information please see Stripe's privacy policy.

Stripe may periodically provide us with basic information regarding payments made via the Digital Exchange in order to assist Blue Prism to provide its solutions to you, and to facilitate us in reconciling our accounts.

We will never be able to access your credit or debit card information, however in some instances we may access basic information about your account activity held by Stripe so that we can effectively administer our service to you, and for the purposes of account reconciliation, including invoicing, payments, refunds, and the resolution of any conflicts between us that may occur.

You can contact us about privacy matters by emailing [email protected]

Blue Prism Limited (registered in England & Wales under company number 04260035) registered office 2 Cinnamon Park Crab Lane Warrington WA2 0XP, UK is the data controller of your personal information, although it may have been initially collected by affiliate, by a partner, customer or another organisation as explained in the section on “What personal information do we have and who provides it?”.