Privacy Notice

Last modified February 26, 2016

OneLogin, Inc. (“OneLogin”, “We”, “Us”, or “Our”) is committed to protecting the privacy of your personal information while using our Web site (www.onelogin.com) and when using our on-demand support platform, tools and services offered on the Web site (the “Service”). OneLogin has established this Privacy Policy Statement to assist you to understand how we collect and use personally identifiable information if and when you use our Web site as a “Visitor” or provide information to us in connection with your use of the Service as a “Subscriber”. By using our Web site you are agreeing to the collection and use of personal information in the manner described in this Privacy Policy Statement. By registering for our Service, you are agreeing to the collection and use of personal information in the manner described in this Privacy Policy Statement and the OneLogin Terms of Service.

Does OneLogin participate in the Safe Harbor Program?

We self-certify compliance with:

OneLogin complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. OneLogin has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program and to view OneLogin’s certification, please visit http://www.export.gov/safeharbor

TRUSTe online privacy certification


The TRUSTe certification covers only our collection, use and disclosure of information we collect through our website: www.onelogin.com and our service platform associated with this website and does not cover information that may be collected through our mobile applications and through downloadable software. In order to view our relationship with TRUSTe please visit the validation page visible by clicking on the TRUSTe Seal. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged OneLogin. If you have questions or complaints regarding our Privacy Policy or practices, please contact us at privacy@onelogin.com. If you are not satisfied with our response you can contact TRUSTe here.

What information does OneLogin collect?

How does OneLogin use my information?

OneLogin may use the collected personal information and other information OneLogin collects about your use of the Service to operate and make the Service available to You, for billing, identification and authentication, to contact you about your use of the Service, research purposes, and to generally improve the content and functionality of the Web site and the Service. OneLogin will also use the collected personal information to send you periodic newsletters.

How can I access and update my information?

Data collected by OneLogin: If your personal information changes, or if you no longer desire to use the Service, you may correct, update, delete or deactivate it by making the change within the Service or by emailing Customer Success at support@onelogin.com. We will respond to your request within 3 business days. OneLogin will retain your information for as long as your account is active or as needed to provide you the Service and to comply with our legal obligations, resolve disputes, and enforce our agreements.

Data collected by Subscribers on behalf of their users: OneLogin has no direct relationship with the end users that are part of a Service Subscription plan. An end user who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to their designated Client Administrator (the data controller). The Client Administrator can modify your account information at any time in the Service’s Account settings or by contacting our Customer Success Team. If the Client Administrator requests OneLogin to remove the data, we will respond to their request within 30 business days.

We will retain end user information for as long as the Subscription is active, the Client Administrator requests the deletion of the same, or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. There might be some latency in deleting archived subscription data from our systems after it’s removed from Production. Although OneLogin owns the software, code, databases, and all rights to the Web site and the Service, the Visitors and Subscribers, respectively, retain all rights and accountability for the data held by OneLogin on their behalf.

Does OneLogin share information with third parties?

OneLogin uses a third party intermediary to perform credit card processing when registering for the paid Subscription plans of the Service. This intermediary is not permitted to store, retain, or use your billing information except for the sole purpose of credit card processing on OneLogin’s behalf.

OneLogin may also transmit personal information to its third party vendors and the hosting partners that provide the necessary hardware, software, networking, storage, and other technology and maintenance services required to operate and maintain the Web site and the Service. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Clients. This may require that your personal information be transferred from Your current location to the offices and servers of OneLogin and these authorized third parties.

Does OneLogin share the information I provide?

Except as described in this policy, OneLogin will not give, sell, rent, share or loan any personal information to any third party other than as outlined in this policy.

How does OneLogin protect my information?

OneLogin maintains reasonable security measures to protect your information from loss, destruction, misuse, unauthorized access or disclosure. These technologies help ensure that your data is safe, secure, and only available to you and to those you provided authorized access. When you enter sensitive information (such as your login information) on our Web site or connect to our Service, we encrypt the transmission of that information using Transport Layer Security (TLS). However, no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure. If you have any questions about security on our Web site, you can contact us at privacy@onelogin.com.

Can I opt out?

You may set your browser to block all cookies, including cookies associated with our Service. Users who disable their browsers’ ability to accept cookies will be able to browse our Web site, but will not be able to access or take advantage of the Service.

You can also opt out of our newsletters and surveys and you may follow the unsubscribe/opt out instructions contained in each of those communications.

How will you notify me of changes to this policy?

OneLogin may update this policy from time to time. You can review the most current version of this Privacy Policy at any time at http://www.onelogin.com/privacy. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. Your only remedy, if you do not accept the terms of this Privacy Policy, is to discontinue use of the Site and Service.

Contact Us

If you have any questions regarding this Privacy Policy you may contact us at privacy@onelogin.com or via postal mail at:

OneLogin, Inc.
150 Spear Street
Suite 1400
San Francisco, CA 94105