Split Software Privacy Policy

Last Revised: October 9, 2018 (View current)

Split Software, Inc. (“Split”, “we”, “us”) respects your right to privacy. This Privacy Policy explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Policy applies to personal information that we collect through our website at www.split.io (“Website”) and when you use or interact with our services. This Privacy Policy does not apply to third party products or services that you may choose to integrate with Split’s product or services. You should always review the policies of third party products and services to make sure you are comfortable with the ways in which they collect and use your information.

If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the bottom of this Privacy Policy.

Quick links

We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Policy, then you can click on the relevant link below to jump to that section.

  1. What does Split do?
  2. What personal information does Split collect and why?
  3. Who does Split share my personal information with?
  4. Legal basis for processing personal information (EEA visitors only)
  5. How does Split keep my personal information secure?
  6. International data transfers
  7. Privacy Shield notice
  8. Data retention
  9. Your data protection rights
  10. Updates to this Privacy Policy
  11. How to contact us

What does Split do?

Split is the leading platform for feature experimentation, empowering businesses of all sizes to make smarter product decisions. The Split platform is a unified solution for continuous delivery and full-stack experimentation. Split unifies DevOps and product management, helping agile engineering and product teams accelerate the pace of product delivery and make data-driven decisions, through our robust feature flagging and extensive experimentation capabilities. With Split, organizations can now accelerate time to value, mitigate risk, and drive better outcomes, all in a unified platform.

For more information about Split, please see the “About Us” section of our Website at https://www.split.io/company/.

What personal information does Split collect and why?

The personal information that we may collect about you broadly falls into the following categories:

Information that you provide voluntarily

Account, Profile and Contact Information. Certain parts of our Website may ask you to provide personal information voluntarily: for example, we may ask you to provide your contact details in order to register an account with us, to subscribe to marketing communications from us, and/or to submit enquiries to us. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

In some cases another user (such as an administrator) may create an account on your behalf and may provide your information, including personal information (most commonly when your company requests that you use our products). We collect Information under the direction of our customers and often have no direct relationship with the individuals whose personal data we process. If you are an employee of one of our customers and would no longer like us to process your information, please contact your employer. If you are providing information (including personal information) about someone else, you must have the authority to act for them and to consent to the collection and use of their personal information as described in this Privacy Policy.

Information that we collect automatically

Web Logs

When you visit our Website, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws.

Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.

Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.

Analytics Information

We collect analytics information when you use our Website and services to help us improve our products. In the services, this analytics information consists of the feature and functions being used, the associated organization and domain name, the username and IP address of the individual who is using the feature or function, and additional information required to detail the operation of the function and which parts of the services are being affected. The analytics information we collect may include personal information or business information that the user has chosen to upload, submit, post, create, transmit, store or display in the Split service.

Analytics information also consists of data we collect as a result of running queries against our user base for the purposes of generating Usage Data. “Usage Data” is aggregated data about a group or category of services, features or users that does not contain personal information.

Cookies and Other Tracking Technologies

Some of this information may be collected using cookies and similar tracking technology. Please review our Cookie Policy at https://www.split.io/legal/cookie-statement/.

Information that we obtain from other sources

Information from third party services

From time to time, we may receive personal information about you from third party sources (e.g. sales and marketing database and data enrichment platforms), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.

The types of information we collect from third parties include account and/or contact information and we use the information we receive from these third parties to, including but not limited to, market and sell to you, and/or maintain and improve the accuracy of the records we hold about you, etc.

Information that our customers provide

End-user data

Our customers can send to us data about their users. Split’s service allows our customers to submit details about their end-users to enrich their experiences through our platform. Our customers have a responsibility to understand the data they send to us and to take the appropriate disclosures, precautions, and responsibilities regarding the content of the service data they provide to us. We utilize this data for no purpose except to deliver the functionality that the Split platform provides to our customers.

In general, we will use the personal information we collect from you only for the purposes described in this Privacy Policy or for purposes that we explain to you at the time we collect your personal information.

Who does Split share my personal information with?

We may disclose your personal information to the following categories of recipients:

Services providers and partners

We rely on service providers (e.g. infrastructure, content delivery, system level monitoring and alerting, product usage analytics, customer relationship management, support ticketing, and affiliated) to provide key functionality both in the operation of our product as well as the operation of the Split business. These providers and partners provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website), or otherwise process personal information for purposes that are described in this Privacy Policy or notified to you when we collect your personal information.

Competent law enforcement body, regulatory, government agency, court or other third party

We will disclose where is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;

Third parties

In connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Policy;


To any other person with your consent to the disclosure.

Split does not sell personal data to any third parties.

Legal basis for processing personal information (EEA visitors only)

If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to contact us” heading below.

How does Split keep my personal information secure?

We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Additional information regarding splits security practices can be found at www.split.io/trust.

Split takes security very seriously, and if you have reason to believe that your data or someone else’s data is no longer secure, please contact security@split.io.

In the event of a security breach, we will take take necessary measures to ensure the continued safety of data and contact affected parties and relevant regulators within a reasonable amount of time about the scope and scale of the unauthorized disclosure, as required by applicable laws.

International data transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

Specifically, our Website servers are located in the United States and our third party service providers and partners operate around the world but with our data stored in the United States.

We have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy. These include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information with our third party service providers and partners and further details can be provided upon request. These include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information with our third party service providers and partners, further details of which can be provided upon request. We also participate and comply with the EU-US and Swiss-US Privacy Shield Frameworks. Please see our Privacy Shield Notice below.

Privacy Shield notice

Split Software, Inc. participates in and complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and the Privacy Shield Principles regarding the collection, use, and retention of personal information that is transferred from the European Union or Switzerland (as applicable) to the U.S. We ensure that the Privacy Shield Principles apply to all personal information that is subject to this privacy policy and is received from the European Union and Switzerland. To learn more about the Privacy Shield Framework, and to view our certification, please visit the U.S. Department of Commerce’s Privacy Shield website: https://www.privacyshield.gov/welcome. A list of Privacy Shield participants is maintained by the Department of Commerce and is available at: https://www.privacyshield.gov/list.

Under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, we are responsible for the processing of personal information we receive from the EU and Switzerland and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal information from the European Union and Switzerland, including the onward transfer of liability provisions.

You can direct any questions or complaints about the use of disclosure of your personal information to us at legal@split.io. We will investigate and resolve any complaints or disputes regarding the use of personal information within forty-five (45) days of receiving your complaint.

We encourage you to contact us as provided above should you have a Privacy Shield-related (or general privacy-related) complaint. However if you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may contact JAMS, a U.S. based independent third-party dispute resolution body that will assist you free of charge. A binding arbitration option may also be available to you in order to resolve complaints not resolved by other means. You can file a claim on their website (https://www.jamsadr.com/eu-us-privacy-shield).

Under certain conditions, more fully described on the Privacy Shield website, https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted as per Annex I of Privacy Shield, https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

With respect to personal information received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory and enforcement powers of the US Federal Trade Commission (“FTC”). In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Data retention

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Your data protection rights

You have the following data protection rights:

Access, correct update or request deletion

If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.

Object to processing, restrict processing, or request portability

In addition, if you are a resident of the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “How to contact us” heading below.


You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “How to contact us” heading below.

Withdraw consent

Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Right to complain

You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area are available here.)

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy.

How to contact us

If you have any questions or concerns about our use of your personal information, please contact legal@split.io.