Salesforce maintains a dedicated privacy documentation section that describes how personal information is collected, used, and protected across Salesforce services.
This analysis describes what Salesforce's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Privacy documentation governs how Salesforce handles personal data belonging to customers, website visitors, and individuals whose data is processed through Salesforce products, which is directly relevant to data rights and compliance obligations.
Interpretive note: The operative privacy terms are in a linked sub-document not reproduced here; the specific data handling practices, retention periods, and rights mechanisms cannot be assessed from this index page.
The privacy documentation section is where users and organizations can find information about what personal data Salesforce collects, how it is used, and what rights individuals have to access, correct, or delete their data. Reviewing this documentation is essential for understanding how your personal information is handled.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
Salesforce has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Find resources and documentation on how Salesforce protects you and your information.— Excerpt from Salesforce's Salesforce Terms of Service
(1) REGULATORY LANDSCAPE: Salesforce's privacy documentation engages GDPR (for EU/EEA data subjects), CCPA and CPRA (for California residents), and potentially other applicable data protection laws depending on the jurisdiction of the data subjects involved. The EU Data Act reference elsewhere on this page adds an additional layer of data rights for EU customers. Enforcement authorities include EU data protection authorities for GDPR matters and the California Privacy Protection Agency and State AG for CCPA/CPRA matters. (2) GOVERNANCE EXPOSURE: Medium. The page points to a privacy documentation section without reproducing the operative privacy terms. Organizations that are Salesforce customers and process personal data through Salesforce products need to assess both Salesforce's privacy policy as it applies to their own relationship with Salesforce and the data processing terms that govern how Salesforce handles data belonging to the customer's end users. (3) JURISDICTION FLAGS: EU/EEA organizations face GDPR obligations and must ensure an appropriate legal basis and data processing agreement is in place with Salesforce. California-based organizations must assess CCPA/CPRA service provider obligations. Organizations in sectors such as healthcare should assess whether any personal health information processed through Salesforce products is subject to HIPAA. (4) CONTRACT AND VENDOR IMPLICATIONS: Privacy documentation alone is insufficient for GDPR compliance; organizations must have a data processing agreement with Salesforce that meets GDPR requirements. Procurement teams should verify that the applicable data processing addendum is executed and current before processing personal data through Salesforce services. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should review Salesforce's full privacy policy, obtain and review any applicable data processing addendum, map personal data flows into and out of Salesforce systems, and ensure data subject rights request processes account for data held by Salesforce. Annual review of these documents is advisable given the pace of regulatory change.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Privacy documentation governs how Salesforce handles personal data belonging to customers, website visitors, and individuals whose data is processed through Salesforce products, which is directly relevant to data rights and compliance obligations.
The privacy documentation section is where users and organizations can find information about what personal data Salesforce collects, how it is used, and what rights individuals have to access, correct, or delete their data. Reviewing this documentation is essential for understanding how your personal information is handled.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Salesforce.