New Relic’s Notice of Certification Under the EU-U.S. Data Privacy Framework

 

October 10, 2023

At New Relic, we are committed to protecting your privacy. This Notice sets out the privacy principles we follow with respect to transfers of personal data from the European Union (“EU”), the United Kingdom (UK) and Switzerland to the United States, including personal data we receive from individuals residing in the EU, the UK and Switzerland who visit our web [and mobile sites or apps] and/or who use any of our services or otherwise interact with us (“you”).

We, and our other U.S. covered entity, New Relic Codestream, comply with the EU-U.S. Data Privacy Framework, the UK extension to the Data Privacy Framework, and the Swiss- U.S Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data transferred from the EU, the UK and Switzerland to the United States in reliance on the Data Privacy Framework. New Relic, Inc. has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles in respect of all personal data received from the EU and Switzerland in reliance on the EU-U.S. Data Privacy Framework, the UK extension to the Data Privacy Framework, and the Swiss-U.S Data Privacy Framework.

The U.S. Federal Trade Commission has jurisdiction over our compliance with the Data Privacy Framework.

For more information about the Data Privacy Framework generally, and to view our certification online, please visit: https://www.dataprivacyframework.gov/s/.

If there is any conflict between the terms in this Notice and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern.

Types of personal data we collect and use

The types of personal data we may receive in the United States, as well as the purposes for which we collect and use it, are set out in our General Data Privacy Notice.

Transfers to third parties

Information about the types of third parties to which we disclose personal data and the purposes for which we do so is described in our General Data Privacy Notice. Please note that New Relic remains liable for any onward transfers to third parties.

Disclosures for national security law or enforcement

Please note that under certain circumstances, New Relic may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Your right to access, limit use, and limit disclosure

You may have the right to access personal data that we hold about you and request that we correct, amend, or delete if it is inaccurate or processed in violation of the Data Privacy Framework. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of a third party. If you would like to exercise these rights, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity.

Your rights

To find out more about the choices and means available to you for limiting the use and disclosure of your personal data, please see the section relevant to EEA individuals in the section entitled Your Choices and Data Protection Rights in our General Data Privacy Notice.

Inquiries and complaints. If you believe New Relic maintains your personal data within the scope of our Data Privacy Framework certification, you may direct any inquiries or complaints concerning our Data Privacy Framework compliance to:

By e-mail: Privacy@newrelic.com

Attn: Legal Department - Privacy Shield

New Relic, Inc.

188 Spear Street

Suite 1200

San Francisco, CA 94105

New Relic will respond within forty-five (45) days of receipt.

If we fail to respond within that time or if our response does not address your concern, you may contact JAMS, which provides an independent third-party dispute resolution body based in the United States by visiting this site: https://www.jamsadr.com/eu-us-data-privacy-framework. JAMS has committed to respond to complaints to provide recourse at no cost to you.

You may have the possibility to engage in binding arbitration through the Data Privacy Framework Arbitration Panel under certain circumstances. To find out more about the ’s binding arbitration scheme see Annex 1 of the EU- U.S. Data Privacy Framework Principles.

Changes to this notice

We reserve the right to Amend this Notice from time to time consistent with the Data Privacy Framework’s requirements.