What is Smartsheet’s approach to its customers’ privacy?
Beginning in 2017, Smartsheet, like many other companies based in the United States, participated in and self-certified to the EU-U.S. Privacy Shield program as a way to publicly commit and acknowledge its dedication to its customers’ privacy rights and treating customer data with the utmost care. Despite its invalidation as a result of the Schrems II decision in July 2020, Smartsheet continues to maintain its Privacy Shield Certification and is committed to continuing to protect personal data in accordance with the Privacy Shield Principles (more information about the Privacy Shield Principles is available here).
Smartsheet takes a global approach to privacy that adheres to international best practices for data handling, which focuses on facilitating an environment where all customers can be confident their information is protected and their privacy rights are respected. Smartsheet has demonstrated this commitment with our certifications to ISO 27018:2019 and ISO 27701:2019 (additional information available here). These are two comprehensive and global privacy standards that Smartsheet is audited and evaluated against by an independent third-party auditor. Smartsheet focuses on privacy by design, which ensures privacy principles are contemplated and incorporated in every part of its services, from the development of new features to communication with customers. Smartsheet believes fostering a culture of respect for its customers’ privacy is essential to the company’s success. Smartsheet’s privacy practices are informed by the privacy principles of transparency and security, which guide how Smartsheet uses personal data and interacts with its customers.