Skip over navigation

Notice of Privacy Shield Certification

Oro Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, including personal information Oro Inc. receives from individuals who visit Oro websites or interact with Oro Inc., as well as personal information stored and processed by customer’s instances hosted in OroCloud.

Oro Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

Types of Personal Information Oro Inc. Collects and Uses

The categories of personal information Oro Inc. receives in the United States, the purposes to collect and use of the personal information are listed in the Oro Inc. Privacy Policies available at

Oro will only process personal information in the ways that are compatible with the purposes listed in the Privacy Policies. Oro Inc. will notify users about any changes to the Privacy Policies, including the changes to private data processing and purposes, providing an opportunity to opt-out.

The purposes and categories of personal information collected and processed in customer’s instances hosted in Oro cloud can vary depending on customer implementation and is described in the corresponding privacy policy of the customer site. Oro Inc. can access this personal information on behalf of the customer in order to fulfill customer’s support request and provide the contracted level of service.

Data Transfers to Third Parties

In order to perform business tasks Oro Inc. may transfer private information to the following sub-processors:

Entity name Location
Google LLC United States
Sendgrid Inc. United States
Atlassian Inc. United States

Additional sub-processors may be used by the owner of a particular customer’s instance and listed in the Privacy Policy of the corresponding customer site.

If Oro has received end user’s personal information in the United States and subsequently transferred that information to a third-party acting as an agent, and such third-party agent processes user’s personal information in a manner inconsistent with the Privacy Shield Principles, Oro Inc. may be responsible under the Privacy Shield Principles if Oro Inc is responsible for the event giving rise to the damage.

Disclosures for National Security or Law Enforcement

Under certain circumstances, Oro Inc. may be required to disclose end user’s personal information in response to lawful requests by public authorities, including, to meet national security or law enforcement requirements.

Access Rights

A user may have the right to access personal information that Oro Inc. stores and request to correct, amend, delete it if it is inaccurate or processed in violation of Privacy Shield. These access rights may not apply in some cases, including the ones, where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of a third party. In order to request access to, correction, amendment, or deletion of personal information, a user can submit a written request to the Oro Inc. may ask for additional confirmation of the user’s identity. Because Oro Inc. personnel has a limited ability to access data of Oro customers, users need to provide customer name or website URL that stores and processes their private data. Oro Inc will transfer this request to the specific customer and assist as needed in the fulfillment process.

A user may choose to change personal information or deactivate an account by contacting Oro Inc. via email show email.

Questions or Complaints

In compliance with the Privacy Shield Principles, Oro Inc. commits to resolve complaints about our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Oro Inc. at:

show email

Oro Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Oro Inc. commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner. EU and Swiss individuals can contact EU DPA or the Swiss Federal Data Protection and Information Commissioner, as applicable. The contact details of the EU DPAs can be found here:

EU and Swiss individuals may also have the option to select binding arbitration for the resolution of complaint under certain circumstances. To find out more about the Privacy Shield’s binding arbitration scheme please see

Changes to this Notice

Oro Inc. reserves the right to amend this Notice from time to time consistent with Privacy Shield requirements.

Back to top

You will be redirected to [title]. Would you like to continue?