General Data Privacy Notice

We may collect offline or online data, such as contact and financial information, from you directly, automatically, or from third parties, such as data aggregators, that may not have a relationship with you.

a. Personal Data Categories

b. Personal Data we collect directly from you includes contact, financial and billing, event visitor, community profile, and office visitor information, as well as pictures, videos and audio recordings, and data we collect automatically, which includes device and geographic information.

If you provide to us or to our service providers any Personal Data relating to other individuals or third parties (such as your beneficiaries, references for job candidates, or referrals for the purposes of collaboration within the New Relic platform), you represent that you have the authority to do so and permit us to use the Personal Data in accordance with this General Privacy Notice. If you would like to exercise your rights relating to your Personal Data, please see Section 9 (Your Choices and Data Protection Rights).

If you are that beneficiary or any other third party whose Personal Data was provided to New Relic on your behalf and with your consent, and you would like to exercise your rights relating to your Personal Data, please see Section 9 (Your Choices and Data Protection Rights).

c. We may collect the following types of Personal Data about you from third parties that supply us with Personal Data in order to help us establish an account, target our marketing, or fulfill orders in partnership with our resellers.

Our third party company relationships help us to update, expand, and analyze our Personal Data records, identify new customers, optimize our Sites and Services, create more tailored advertising to provide services that may be of interest to you, and manage open source projects.

Personal Data that we collect from third party sources include:

We have checked that these third parties have an appropriate legal basis to provide us this Personal Data, such as your consent, a legitimate business interest, or are otherwise legally permitted or required to disclose your Personal Data.

New Relic uses your Personal Data for the following purposes:

• manage the security of our Sites, physical locations, networks, and systems
• operate, administer, analyze, develop, improve and optimize the use, function and performance of our Sites, Services, New Relic Separate Platforms and systems
• comply with applicable laws and regulations and to operate our business
• to manage code check-ins and pull requests for open source and community development projects

• engage in transactions with customers, suppliers and business partners and to process orders for New Relic Services
• to provide New Relic Services, New Relic Separate Platforms, survey tools, payment processing services, or the certificate creation tool for New Relic University

• conduct research you agree to participate in or reach out to you to discuss any feedback you may submit, through meetings, surveys, or other tools
• respond to your queries and provide you with information and promotional material on New Relic when you initiate a webchat

• tailor our marketing and sales activities to your company’s interests and in accordance with your communication preferences and your requests for information and to be contacted by New Relic
• tailor the purchase of Services
• for purposes of targeted advertising, delivering relevant email content and event promotion
• to link or combine information about you with other Personal Data we get from third parties, to help understand your needs and provide you with better and more personalized service
• by creating anonymous data records from Personal Data in accordance with applicable law.

New Relic may disclose your Personal to

a. Third party service providers. We engage with third parties to support our business and operations. For example some third party service providers offer services that we use to provide the Services, Sites, and New Relic Separate Platforms, such as cloud providers. New Relic remains liable for any onward transfers to third parties.

b. Event sponsors and hosts. If you elect to do so, we may share Personal Data collected at New Relic events, such as FutureStack or New Relic’s seminars, with sponsors and hosts of such events, for valuable consideration from such sponsor or host to New Relic. Such sponsor or host may use it for their business or commercial purposes in accordance with their own privacy notices.

c. Business partners. We contract with business partners, such as third party resellers, for our commercial purposes. For instance, if you fill out a form on our Sites, such as by signing up for a free New Relic account, ebook or webinar, or if you reach out to our Sales team, you may be contacted by a designated New Relic partner.

d. Comply with our legal obligations. Where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person, we may disclose your Personal Data in response to lawful requests by a public authority, including any competent law enforcement body, regulatory, government agency, court or other third party, including to meet national security or law enforcement requirements.

e. New Relic entities. We may share your Personal Data within New Relic, such as with or between subsidiaries of New Relic, Inc. We and our subsidiaries will only use the information as described in this notice.

f. Actual or potential buyers. In connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer (and its agents and advisors) it must use your Personal Data only for the purposes disclosed in this General Privacy Notice.

g. Other person(s). Where you provide consent to the disclosure or as allowed by applicable data protection law, we may share your information as described at the time of consent.

We will process your Personal Data and share that Personal Data in accordance with this Privacy Notice where:

• Its use is necessary for a contract you have entered into or because you have asked for something to be done so you can enter into a contract with us
• Its use is necessary because of a legal obligation that applies to us (except an obligation imposed by a contract). This may include responding to subpoenas, warrants or other requests served on New Relic anywhere in the world or to protect or defend the rights or property of New Relic or its users
• You have consented to its use in a specific way. For example where you have consented to receiving marketing materials. You may withdraw your consent at any time as further described in Section 9 (Your Choices and Data Protection Rights
• Its use is in accordance with our legitimate interests e.g. to manage our business, subject to those interests not overriding your fundamental rights and freedoms. This may include the activities and purposes described in Section 4 (How We Use Your Personal Data) and Section 5 (How We Share Your Personal Data). In connection with due diligence efforts as part of a proposed sale, merger, or reorganization of our business or after a sale, merger, or reorganization

  If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).

If you are located in the European Economic Area (EEA), Switzerland, and/or the United Kingdom (UK) your Personal Data will be accessed by New Relic staff or suppliers, transferred, and/or stored outside the EEA, Switzerland and/or the UK.

We take appropriate safeguards to require that your Personal Data will remain protected in accordance with this General Data Privacy Notice and as required by applicable data protection law, including: (i) requiring that our third-party service providers and partners employ an adequate method of transfer, such as the European Commission’s Standard Contractual Clauses (further details of which can be provided upon request). Additionally, New Relic complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. New Relic has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. New Relic has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. New Relic is subject to the investigation and enforcement powers of the U.S. Federal Trade Commission. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. In compliance with the EU- U.S. DPF (and the UK Extension to the EU- U.S. DPF) and the Swiss- U.S. DPF, New Relic commits to resolve DPF Principles-related complaints about our collection and use of your personal data. Individuals from the EU, Switzerland and the UK with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact New Relic as set out at Section 9 (c) of this Privacy Notice:

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, New Relic commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-data-privacy-framework for more information or to file a complaint. The services of JAMS are provided at no cost to you. Additionally,you may have the possibility to engage in binding arbitration through the Data Privacy Framework Arbitration Panel under certain circumstances. To find out more about the Data Privacy Framework’s binding arbitration scheme, see Annex 1 of the EU- U.S. Data Privacy Framework Principles.

a. When it comes to your marketing choices, we offer you choices regarding the collection, use, and sharing of your Personal Data. We will periodically send you newsletters and emails that directly promote the use of our Sites or the purchase of our Services (marketing and/or sales communications) as the following applies : (i) in accordance with your marketing preferences, (ii) if you sign up for a New Relic account or other content, (iii) request to be contacted by New Relic and/or if you request information from New Relic.

You can opt out of receiving marketing communications from us at any time by clicking (1) the 'unsubscribe' or ‘opt out’ link at the bottom of the marketing emails you receive, (2) adjusting your email preferences provided here, or (3) by sending an email to Privacy@newrelic.com. Please note that it may take up to three days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request. Your email preferences only affect marketing communications. You will not be able to opt out of service related emails from us, such as, e.g., transactional emails, or notices of updates to our Terms of Service, Services Privacy Notice, or this General Privacy Notice.

Should you decide to opt-out of receiving future mailings, we will retain a record of your preference (including retaining your email address) and we may share your email address with third parties solely for the purpose of ensuring that you do not receive further marketing communications related to our Services from third parties.

b. We apply certain data protection rights to all individuals (including individuals covered by the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF), regardless of location. Specifically, you may correct or update Personal Data contained in your account by editing your profile within the registration portion of our Sites or sending an email to Privacy@newrelic.com. You may also request we delete your account information by completing this form, if you have an account, or by sending an email to Personaldatarequests@newrelic.com. If you would like to remove your Personal Data from a Site testimonial or our blog you can send an email to Personaldatarequests@newrelic.com.

When you reach out to us, we will endeavor to respond without delay in accordance with applicable data protection laws. We may need to ask you additional clarifying questions in order to accurately respond to your request and to verify you are making the request in respect of your own Personal Data.

With respect to deletion requests, we may be required (by law or otherwise) to keep Personal Data and not remove it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). We will let you know if we are unable to comply with this request and the reasons why.

c. EEA & the United Kingdom

In addition to the rights to correct, update, or request to delete Personal Data outlined above, persons located in the EEA or the United Kingdom have some additional data protection rights under EEA and UK data protection laws.

These rights include the right to find out if we use your Personal Data, or to access your Personal Data.

Also, you can object to the processing of Personal Data we process on the basis of our legitimate business interests, ask us to restrict processing, or request portability of your Personal Data.

Where we have collected and processed your Personal Data on the basis of consent, you can withdraw your consent at any time. You should note that withdrawing your consent will not affect the lawfulness of any processing we conducted prior to the withdrawal, nor will it affect the processing of your Personal Data where we relied on lawful bases other than consent.

You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.

If you are an EEA or UK individual (including any individual covered by the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF) and have a New Relic account, you can exercise your access right by completing this form. If you do not have a New Relic account, and want to exercise your access right or any of the other rights outlined in this Section and would like to make any of these requests, please submit your request to Privacy@newrelic.com.

d. California

New Relic provides services to businesses and complies with the applicable provisions of the California Consumer Privacy Act. If you are a California resident, please see our California Privacy Notice.

e. Nevada

If you are a resident of Nevada, you have the right to submit a request that we do not sell to third parties certain types of personal information that we have collected or will collect about you. You can exercise this right by contacting us at privacy@newrelic.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address. Please note that we do not currently sell your personal information as the term “sale” is defined in Nevada Revised Statutes Chapter 603A.

If you have any questions about New Relic’s privacy practices, you can contact us as described in Section 16 (How to Contact Us)

If you are a Virginia resident, you have some additional data protection rights. under the Virginia Consumer Data Protection Act, in addition to the rights to correct, update, or request to delete Personal Data outlined above.

You can request that we confirm if we actually process your Personal Data and request access to such Personal Data. You have the right to request a portable copy of the Personal Data that you provided to us. You have the right to opt out of the processing of the Personal Data for purposes of targeted advertising, the sale of Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. Please note that New Relic does not “sell” your Personal Data as the term “sale” is defined in the Virginia Consumer Data Protection Act. New Relic engages in targeted advertising as that term is defined under the Virginia Consumer Data Protection Act. This means that New Relic may disclose Personal Data for targeted advertising in line with your choices.

You have the right to opt out of the sale of your Personal Data.

You may opt out of the disclosure of your Personal Data for targeted advertising by clicking on the Your Privacy Choices tab on www.newrelic.com or by contacting us at privacy@newrelic.com with the subject line “Virginia Do Not Disclose My Data for Targeted Advertising”. You have the right not to be discriminated against based on exercising your data protection rights, and we do not discriminate against any individual for doing so. In order to protect your Personal Data from unauthorized access, we may require you to verify your credentials before you can submit a data protection request. If you do not have an account with us, or if we suspect that your account has been accessed without your authorization, we may ask you to provide additional personal information for verification purposes.

If we refuse to take action on a data protection request that you have made, you may appeal our decision within a reasonable period of time by contacting us at privacy@newrelic.com and specifying that you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to the Virginia Attorney General at the following address https://www.oag.state.va.us/consumer-protection/index.php/file-a-complaint.

If you have any questions about New Relic’s privacy practices, you can contact us as described in Section 16 (How to Contact Us)

g. Colorado

If you are a Colorado resident, you have some additional data protection rights under the Colorado Consumer Privacy Act, in addition to the rights to correct, update, or request to delete Personal Data outlined above.

You can request that we confirm if we actually process your Personal Data and request access to such Personal Data. You have the right to request a portable copy of the Personal Data that you provided to us. You have the right to opt out of the processing of the Personal Data for purposes of targeted advertising, the sale of Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. Please note that New Relic does not “sell” your Personal Data as the term “sale” is defined in the Colorado Consumer Privacy Act. New Relic engages in targeted advertising as that term is defined under the Colorado Consumer Privacy Act. This means that New Relic may disclose Personal Data for targeted advertising in line with your choices.

You may opt out of the disclosure of your Personal Data for targeted advertising by clicking on the Your Privacy Choices tab on www.newrelic.com or by contacting us at privacy@newrelic.com with the subject line “Colorado Do Not Disclose My Data for Targeted Advertising”. In order to protect your Personal Data from unauthorized access, we may require you to verify your credentials before you can submit a data protection request. If you do not have an account with us, or if we suspect that your account has been accessed without your authorization, we may ask you to provide additional personal information for verification purposes.

If we refuse to take action on a data protection request that you have made, you may appeal our decision within a reasonable period of time by contacting us at privacy@newrelic.com and specifying that you wish to appeal. Within 45 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to the Colorado Attorney General by following the instructions here: https://complaints.coag.gov/s/contact-us.

If you have any questions about New Relic’s privacy practices, you can contact us as described in Section 16 (How to Contact Us)

h. Connecticut

If you are a Connecticut resident, you have some additional data protection rights under the Connecticut Data Privacy Act in respect of Personal Data that we collect and/or process on you, which are in addition to the rights to correct, update, or request to delete such Personal Data as outlined above.

You can request that we confirm if we actually process your Personal Data and request access to such Personal Data. You have the right to request a copy of your Personal Data processed by us in a portable and, to the extent technically feasible, readily usable format where the processing is carried out by automated means subject to applicable restrictions. You have the right to opt out of the processing of the Personal Data for purposes of targeted advertising, the sale of Personal Data, or profiling in furtherance of solely automated decisions that produce a legal or other significant impact concerning the consumer. Please note that New Relic does not “sell” your Personal Data as the term “sale” is defined in the Connecticut Data Privacy Act. New Relic engages in targeted advertising as that term is defined under the Connecticut Data Privacy Act. This means that New Relic may disclose Personal Data for targeted advertising in line with your choices.

You may opt out of the disclosure of your Personal Data for targeted advertising by clicking on the Your Privacy Choices tab on www.newrelic.com or by contacting us at privacy@newrelic.com with the subject line “Connecticut Do Not Disclose My Data for Targeted Advertising”. In order to protect your Personal Data from unauthorized access, we may require you to verify your credentials before you can submit a data protection request. If you do not have an account with us, or if we suspect that your account has been accessed without your authorization, we may ask you to provide additional personal information for verification purposes.

If we refuse to take action on a data protection request that you have made, you may appeal our decision within a reasonable period of time by contacting us at privacy@newrelic.com and specifying that you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to the Connecticut Attorney General by following the instructions here: https://portal.ct.gov/AG/Common/Complaint-Form-Landing-page.

If you have any questions about New Relic’s privacy practices, you can contact us as described in Section 16 (How to Contact Us)

i. If you are a Utah resident, you have some additional data protection rights under the Utah Consumer Privacy Act in addition to the right to delete Personal Data outlined above.

You can request that we confirm if we actually process your Personal Data and request access to such Personal Data. You have the right to request a portable copy of the Personal Data that you provided to us. You have the right to opt out of the processing of the Personal Data for purposes of targeted advertising and the sale of Personal Data. Please note that New Relic does not “sell” your Personal Data as the term “sale” is defined in the Utah Consumer Privacy Act. New Relic engages in targeted advertising as that term is defined under the Utah Consumer Privacy Act. This means that New Relic may disclose Personal Data for targeted advertising in line with your choices.

You may opt out of the disclosure of your Personal Data for targeted advertising by clicking on the Your Privacy Choices tab on www.newrelic.com or by contacting us at privacy@newrelic.com with the subject line “Utah Do Not Disclose My Data for Targeted Advertising”. In order to protect your Personal Data from unauthorized access, we may require you to verify your credentials before you can submit a data protection request. If you do not have an account with us, or if we suspect that your account has been accessed without your authorization, we may ask you to provide additional personal information for verification purposes.

If you have any questions about New Relic’s privacy practices, you can contact us as described in Section 16 (How to Contact Us)

j. Australia Supplemental Data Protection Law Disclosures. New Relic will process Personal Data under this General Data Privacy Notice in accordance with the Australian Privacy Act 1988 and the Australia Privacy Principles. If you are an Australian resident and you are dissatisfied with our handling of a data subject right request or a complaint, you can always contact us at Privacy@newrelic.com. If you disagree with the resolution proposed by us, you may make a complaint to the Office of the Australian Information Commissioner (“OAIC”) by contacting the OAIC using the methods listed on their website http://www.oaic.gov.au.