Okta

Looking for Okta Logos?

You can find all the media assets you need as part of our press room.

Download Media Assets

Effective Date: June 13, 2017

Introduction

Okta, Inc. ("Us," "We," "Our," "Okta," or the "Company") is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitor(s),” “You,” and derived adjective “Your”), individuals who register to use the Service as defined below (“Customers”), and individuals who register who attend the Company’s corporate events (“Attendees”). This Privacy Statement describes Okta's privacy practices with regards to its Web sites and the related services and applications offered by Okta (collectively, the “Service”).

If You have questions or complaints regarding Okta’s Privacy Statement or practices, please contact Us at [email protected].

Okta complies with the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. 

Web Sites Covered

Okta has established this Privacy Statement to help You to understand how Okta collects and uses personally identifiable information. This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including, but not limited to http://www.okta.com, http://www.identityis.com, and http://www.oauth.com.

Okta's Web sites may contain links to other Web sites. Okta is not responsible for the information practices or the content of such other Web sites. The Company encourages You to review the privacy statements of other Web sites to understand their information practices.

Information Collected by Okta

Okta does not collect email addresses from the Okta commercial, fee-based production services for which we sell subscriptions (collectively, the “Service”) for marketing use. Okta does collect information from Visitors. This information is collected in accordance with this Privacy Statement, from sources that include but are not limited to content syndication, Web site registration forms, webinar registration forms and conferences.

Personal Information You Provide to Us. Okta collects information from Visitors to the Okta Web sites and Customers of the Service. Okta receives and stores any information entered when expressing an interest in obtaining more information about the Service or registering to use the Service. When Visitors expresses an interest in obtaining information about the Service or registering to use the Service on Okta’s Web sites, Okta may require Visitors to provide personal contact information, such as name, company name, address, phone number, email address, and any other information necessary for Us to provide Visitors with access to the various aspects of the Services (collectively, “Personal Information”). The Personal Information Visitors provide may be used for such purposes as answering questions, improving the content of the Web sites, customizing the content, and communicating with Visitors about Okta's Service, including specials and new features.

Personal Information Collected Automatically. As Visitors navigate or interact with Okta's Web sites, Okta may also automatically collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons.

Other Third Party Tracking

Okta engages third parties, which use Web beacons, images, and scripts, to help better manage content on Okta’s Web sites. Okta does not provide Personal Information to the third parties but may tie the information gathered from third party tracking to Visitors’ Personal Information for marketing purposes.

  1. Cookies:

    Okta uses cookies to make interactions with the Web sites easy and meaningful. When a Visitor interacts with the Web sites, Okta's servers send a cookie to the Visitor’s computer. Standing alone, cookies do not personally identify the Visitor;they merely recognize the visitor’s Web browser. Unless the Visitor chooses to identify themself to Okta, either by responding to a promotional offer, opening an account, or filling out a Web form, Okta has no way to associate this cookie data with the Visitor’s Personal Information.

    For the Web sites, Okta uses cookies that are session-based. Session cookies exist only during one session. They disappear from the Visitor’s computer upon closing their browser software or turning off their computer.

    Most browsers have an option for turning off cookies, which will prevent the browser from accepting new cookies, as well as (depending on the sophistication of the browser software) allowing the Visitor to decide on acceptance of each new cookie in a variety of ways.

    Okta's Web sites connect Visitors to third party services, with whom Okta partners with to provide the relevant content. The use of cookies by Okta’s partners is not covered by Okta’s Privacyy Statement. Okta does not have access or control over these cookies. Okta’s partners use session ID cookies to manage a Customer's connection to the partner's service.

  2. Web Beacons:

    Okta uses Web beacons alone or in conjunction with cookies to compile information about Visitors’ usage of the Web sites, interaction with emails from Okta, and to operate and improve the Web sites. Web beacons are invisible electronic images that can recognize certain types of information on a Visitor’s computer, such as (1) cookies, (2) the time a particular Web site is viewed to the Web beacon, or (3) a description of a Web site tied to the Web beacon.

  3. IP Addresses and Browser Information:

    When a Visitor interacts with the Web sites, Okta collects their Internet Protocol ("IP") address(es), browser information and operating system to track and aggregate non-personal information. For example, Okta uses IP addresses to monitor the regions from which Visitors navigate the Web site, and for marketing purposes.

  4. Other Third Party Tracking:

    Okta engages third parties, which use web beacons, images, and scripts, to help better manage content on Okta's Web sites. Okta does not provide Personal Information to the third parties but may tie the information gathered from third party tracking to our Visitors' Personal Information for marketing purposes.

Use of Cookies by Okta

Cookies are small text files placed on an individual’s computer by sites that the individual has visited. They are used to make Web sites work more effectively and efficiently. Cookies may also provide information to the owner of a Web site. No Personal Information is stored within them; however, full details are below to describe the cookies Okta and its service providers use, and to explain why they are used.

On this page, We provide a list of all the cookies and services that may set cookies on Your device. We also provide links to each of the third-party services' privacy policies and optout information. Not all third party services provide information to opt out of their cookies. If You do not wish to have cookies set on Your device for any reason, You may opt out of all cookies via Your browser.

Performance Cookies

These cookies help Us understand how Visitors interact with our Web sites by providing information about the areas visited, the time spent on the Web site, and any issues encountered, such as error messages. This helps us improve the performance of our Web sites.

Cookies

Name

Purpose

Cookies/Privacy Policy Link

Google Analytics

 

  • _utma
  • _utmb
  • _utmc
  • _utmz

Google Analytics cookies are used to collect information about how Visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of Visitors to the site, where Visitors have come to the site from, and the pages they visited. Opt Out

Privacy Policy

Optimizely

 

  • optimizely Buckets
  • optimizely EndUserId
  • optimizely Segments

 

Optimizely uses cookies to identify a Visitor's browser and track Web site usage while on a partner site. The cookies come from partner website domains and from our log subdomain. You can reset your web browser's cookies to clear these cookies. For more information, see Optimizely's full privacy policy. Opt Out

Privacy Policy

Bizible

 

  • _biz_acctSettingsA
  • _biz_ctA
  • _biz_EventA
  • _biz_frmA
  • _biz_nA
  • _biz_PendingA
  • _biz_sid
  • _biz_uid

 

Bizible Marketing Analytics is a plug-in that helps companies make decisions by connecting marketing and sales data together.

Privacy Policy

Formisimo.com

 

  • formisimosession

 

Formisimo is a web analytics tool that helps Web site owners understand how their visitors interact with forms. Formisimo collects aggregated anonymous information and it reports Web site trends without identifying individual Visitors. Formisimo uses a single cookie within a session to determine how Visitors progress through a form. The cookie will expire when a Visitor closes their browser window.

Privacy Policy

New Relic Inc.

 

  • JSESSIONID

 

The JSESSIONID cookie is used to store a session identifier so that New Relic can monitor session counts for an application. The cookie value is generated by Jetty. JSESSIONID is a session cookie that is deleted when the browser closes.

Privacy Policy

Targeting or Advertising Cookies

Targeting and Advertising Cookies are used for marketing purposes.

You may opt out of behaviorally-targeted ads anytime by deleting your browser's cookies. You can also prevent some targeted ads by submitting opt outs to these companies: http://preferences-mgr.truste.com

Additionally, You may opt out of cookies from targeting or advertising services here: http://www.youronlinechoices.com/uk/your-ad-choices

Cookies

Name

Purpose

Cookies/Privacy Policy Link

Okta

 

  • _okta_trk
  • _okta_dom
  • _okta_cvent

These cookies allow Okta to deliver different content based on your Visitor status and provide extra functionality.

Privacy Policy

AdRoll (Semantic Sugar)

 

  • _arV4

AdRoll provides interest-based advertisements to show our ads on other Web sites. The technology to do this is made possible by cookies and as such we may place a so called “remarketing cookie” during your visit. The whole process is entirely anonymous. Opt Out

Privacy Policy

DoubleClick by Google

 

  • id

 

DoubleClick uses cookies to improve advertising. Some common applications are to target advertising based on what’s relevant to a Visitor, to improve reporting on campaign performance, and to avoid showing ads the Visitor has already seen. DoubleClick cookies contain no Personal  Information. Sometimes the cookie contains an additional identifier that is similar in appearance to the cookie ID. This identifier is used to identify an ad campaign to which a Visitor was exposed previously; but no Personal Information is stored by DoubleClick in the cookie. Opt Out

Privacy Policy

Third Party Services

We use some third-party services. These third-party services may place cookies on Your device to gather, for example, usage information and session preferences. We do not have control over the cookies these third-party services may set in order to make their service run properly or the cookies they may set to collect usage data and preferences.

Cookies

Name

Purpose

Cookies/Privacy Policy Link

Vimeo (player)

 

Vimeo sets a number of cookies on any page that embeds a Vimeo video. While we have no control over these cookies, they may include a mixture of pieces of information to measure the number and behavior of Vimeo viewers, to hold information about current viewing video settings as well as a personal identification token, if you are logged into Vimeo.

Privacy Policy

Google Inc. (maps)

 

  • _biz_acctSettingsA
  • _biz_ctA
  • _biz_EventA
  • _biz_frmA
  • _biz_nA
  • _biz_PendingA
  • _biz_sid
  • _biz_uid

 

Google sets a number of cookies on any page that includes a Google Map. While we have no control over the cookies set by Google, they may include a mixture of pieces of information to measure the number and behavior of Google Maps users. Opt Out

Privacy Policy

IP2Location

 

  • ip2l

 

IP2Location is a geo IP solution to help Web developers identify a Visitor's geographical location – i.e., country, region, city, latitude, longitude, ZIP code, time zone, connection speed, ISP and domain name, IDD country code, area code, weather station code and name, using a proprietary IP address lookup database and technology.

Privacy Policy

MaxMind

 

  • ip2l_c

 

MaxMind uses GeoIP intelligence to deliver services including content personalization, ad targeting, traffic analysis, digital rights management.

Privacy Policy

caniuse.com

 

 

"Can I use" provides up-to-date browser support tables for support of front-end web technologies on desktop and mobile web browsers. This widget may set Google Analytics cookies to track usage.

 

influitive

 

  • _influitive_app_session

 

Influitive AdvocateAnywhere cookies are used to track the current Visitor submitting challenge responses to AdvocateHub. It does not record any information about a Visitor's browser or location. The cookie is used to track when a member of the hub completes a challenge. If the Visitor returns to the Web site, the service will have retained data indicating  what challenges were previously completed. No Personal Information is tracked unless a Visitor inputs their name and email address when completing a challenge.

Privacy Policy

Social Sharing

Our Web site includes social media features, such as the Facebook “Like” button, the LinkedIn button, Twitter button, and the “Share This” widget. These features may collect Your IP address and information regarding the page(s) that You are visiting on Okta’s Web sites, and may set a cookie to enable the feature at issue to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Web sites. Your interactions with a particular  feature are governed by the applicable privacy policy of the company providing such feature.

Cookies

Name

Purpose

Cookies/Privacy Policy Link

Twitter

 

  • guest_id

We use Twitter share buttons on this Web site. Twitter may use cookies to better understand how you interact with their services, to monitor aggregate usage by Twitter users and web traffic routing to their services. You can remove or block cookies using the settings in your browser, but in some cases, this may impact your ability to use Twitter.

Privacy Policy

LinkedIn

 

  • bscookie

Some of our pages use sharing buttons or other features from LinkedIn, a social media network. LinkedIn may set cookies for this service.

Privacy Policy

Opt Out of All Cookies

Below are instructions on how to opt out of all cookies via Your web browser. Please note this will impact all Web sites you frequent and not just www.okta.com.

Chrome: Opt Out

Explorer: Opt Out

Firefox: Opt Out

Safari: Opt Out

Other browsers: Please refer to your browser options for further information.

Use of Information Collected

Okta may occasionally run contests or other special promotions on the Web sites, in which Visitors are invited to participate, and in connection with such activities, Okta may ask Visitors to submit contact information (for example, an e-mail address) or demographic information (for example, their zip code, employing industry, or country of residence). Okta may use the data collected in these contests and promotions to send promotional material about Okta or our partners to the Visitor who submitted such information. Contact information collected from these contests and promotions may be used to administer the contest and notify winners and contact Visitors when necessary.

Except as described in the Privacy Statement, Okta will not give, sell, rent, or loan any identifiable Personal Information to any third party, without a Visitor’s prior consent. Okta may disclose such information to respond to subpoenas, court orders, or legal process, or to establish or exercise its legal rights or defend against legal claims. Okta may also share such information if the Company believes it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Okta’s terms of service or other, related contract terms, or as otherwise required by law. Okta may also provide non-personal, summary or group statistics about Okta’s Customers, sales, traffic patterns, and related Service information to reputable third-party vendors, but such statistical data will not include Personal Information.

If Okta is involved in a merger, acquisition, or sale of all or a portion of its assets, Visitors will be notified via a prominent notice on Okta’s Web site of any change in ownership or uses of Personal Information, as well as any choices Visitors may have regarding their Personal Information.

Protection of Information

Okta’s Web sites offer publicly accessible blogs and community forums. Any information provided in these areas may be read, collected, and used by others who access them.

Okta’s Web sites includes social media features, such as the Facebook and Twitter buttons, and certain widgets, such as the “share this” button or interactive mini-programs that run on the Web site. These features may collect a Visitor’s IP address, data regarding the page(s) each Visitor visits on the Web site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on Okta’s Web site. A Visitor’s interactions with these features are governed by the privacy policy of the company providing it. Okta has no direct relationship with the individuals whose Personal Information it processes.

Okta will retain Personal Information it processes on behalf of Visitors for as long as needed to provide Web site services to Visitors.  Okta will retain and use this Personal Information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Okta may amend or update this Privacy Statement from time to time. The most current version of this Privacy Statement at any time shall be posted online at http://www.okta.com/privacy. Use of information collected is subject to the Privacy Statement in effect at the time such information is used. If Okta makes material changes in the way it uses Personal Information, it will notify Visitors by posting an announcement on the Web sites or sending an email prior to the change becoming effective. A Visitor’s continued use of the Okta Web sites following any such change constitutes agreement to be bound by such changes to the Privacy Statement. The only remedy, if a Customer does not accept the terms of this Privacy Statement, is to discontinue use of the Okta Web sites.

Access to Personally Identifiable Information

Customers may update their Personal Information by editing their users’ information in the Service. If you're a Visitor and Your Personal Information changes, or if You no longer desire information on Okta’s Service, You may have Your Personal Information updated or removed from Okta’s records by emailing [email protected] or by contacting Us by telephone or postal mail at the contact information listed below.

We will respond to your request within 30 days.

What Choices Do I Have?

  • You can always opt not to disclose information, even though it may be needed to take advantage of or register for certain features of the Service or other content made available via the Web sites.
  • You may request deletion of Your Okta account by sending an e-mail to [email protected].
  • If You do not wish to receive email or other mail from Us, please indicate this preference during the registration process, by changing Your account settings, following the unsubscribe mechanism within the message or by notifying Us at [email protected]. Please note that if You do not want to receive legal notices from Us, such as this Privacy Statement, those legal notices will still govern Your use of the Web sites, and You are responsible for reviewing such legal notices for changes.

Customer Testimonials, Comments, & Reviews

We may post Customer testimonials, comments, and reviews on our Web sites, which may contain Personal Information. We do obtain the Customer's consent via email prior to posting the testimonial, in order to be able to post their name along with their testimonial. If You wish to update or delete Your testimonial, you can contact us at [email protected].

Public Forums

Our Web sites offer publicly accessible blogs or community forums. You should be aware that any information You provide in these areas may be read, collected, and used by others who access them. To request removal of Your Personal Information from Okta’s blog or community forum, contact Us at [email protected]. In some cases, We may not be able to remove Your Personal Information, in which case We will let You know if We are unable to do so and why.

Information Collected on Behalf of our Customers using the Service

Okta collects information under the direction of its Customers and has no direct relationship with the individual users (who are employees or agents of Customers, or third parties with whom a Customer does business) whose personal data it processes. Okta works with its Customers to help them provide notice to their employees concerning the purpose for which Personal Information is collected.

We collect information for our Customers. If You are an employee of one of our Customers and would no longer like to use Okta's Service, please contact your employer directly. Okta may transfer Personal Information to companies that help us provide our Services. Transfers to subsequent third parties are covered by: (1) the provisions in this Privacy Statement regarding notice and choice, and (2) the applicable agreement Okta has with our Customer that governs such Customer’s use of the Service.

Okta has no direct relationship with the individuals whose Personal Information it processes in its provision of the Service. An individual who seeks access to, or who seeks to correct, amend, or delete, inaccurate data should direct their query to their employer. If the employer is a Customer and requests that Okta remove the data, we will respond to their request within 30 business days.

Okta will retain Personal Information that We process on behalf of our Customers for as long as needed to provide the Service to our Customer. Okta will retain and use this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

If You install and use the Okta Mobile application (either the Android or iOS version) and are enrolled in the Okta Mobility Management program, You will grant Your company’s administrator the ability to manage Your user devices.  By using the Okta Mobile app, You understand and agree that You grant permission to Your company’s administrator, so that s/he may perform some or all of the following actions, as may be required: 

1.     Set passcode policies for the device in order to secure company data, including:

  • Passcode required;
  • Minimum passcode length;
  • Require letter in passcode;
  • Require symbol in passcode;
  • Passcode expiration and history;
  • Failed attempts before device/work profile is wiped;
  • Lock device after X minutes of user inactivity;

2.     Clear the device passcode in cases when You have forgotten the passcode;

3.     Reset the device passcode in cases when You have forgotten the passcode;

4.     Lock the device when You have lost the device;

5.     Wipe all device data from a lost or stolen device;

6.     Wipe company data from a device, if You have left the company. 

Changes to Privacy Statement

Okta may amend or update this Privacy Statement from time to time. You can review the most current version of this Privacy Statement at any time at http://www.okta.com/privacy/. Use of information We collect is subject to the Privacy Statement in effect at the time such information is used. If we make material changes in the way we use Personal Information, We will notify you by posting an announcement on the Web sites or sending You an email prior to the change becoming effective. Your continued use of the Service following any such change constitutes Your agreement to be bound by such changes to the Privacy Statement. Your only remedy, if you do not accept the terms of this Privacy Statement, is to discontinue use of the Service.

 

Contact Us

If you have any questions about this Privacy Statement or Okta’s Web sites, please contact us directly at: [email protected]. Written inquiries may be addressed to:

Okta, Inc.,
Chief Security Officer,
301 Brannan Street, Suite 300
San Francisco, CA 94107
(888) 722-7871