Concert Privacy Policy

Last Updated: August 27, 2019

Our privacy policy will help you understand what information we collect at Concert, how we use it, and what choices you have.

We use the words “Concert,” “we,” “our,” or “us” in this policy, to refer to Concert Cloud, Inc., the company that provides the “Services.”  “Services” refers to our online incentive compensation applications and platform. Our Services are currently available for use via a web browser.

Information We Collect and Receive

1. Customer Data

Content and information submitted by users to the Services is referred to, in this policy, as “Customer Data.” As further explained below, Customer Data is controlled by the organization or other third party that manages Customer Data (the “Customer”). Where Concert collects or processes Customer Data, it does so on behalf of the Customer.

If you join a workspace and create a user account, you are a “User.” If you are using the Services by invitation of a Customer, whether that Customer is your employer, another organization, or an individual, that Customer determines its own policies regarding storage, access, modification, deletion, sharing, and retention of Customer Data which may apply to your use of the Services. Please check with the Customer about the policies and settings it has in place.

2. Other Information

Concert may also collect and receive the following information:

  • Account creation information. Users may provide information such as a name, email address, phone number, and password to create an account.

  • Setup information. When a Customer begins to use the Services, we may collect an email address, a Company name, a Company photo logo, domain details, user name for the individual who is setting up the Services, and password. We may also collect administrative team contact info, such as a mailing address.

  • Billing and other information. Our third party payment processors may collect and store billing address and credit card information on our behalf or we may do this ourselves.

  • Order and sales information.  When a Customer utilizes their workspace, you will upload your sales data, including third party names, email addresses, and product purchase history.

  • Incentive compensation and payment information.  When a Customer utilizes their workspace for incentive compensation, you will store commissions and bonus calculations.

  • Services usage information. This is information about how you are accessing and using the Services,  which may include administrative and support communications with us, information about the Services, channels, people, features, content, and links you interact with, and what third party integrations you use (if any).

  • Contact information. With your permission, any contact information you choose to import is collected when using the Services.

  • Log data. When you use the Services, our servers automatically record information. This includes data that your browser or Slack bot send when you are using the Services. This log data may include your Internet Protocol address, your browser type, the date and time of your use of the Services, language preferences, and cookie data.

  • Device information. We may collect information about the device you are using to access the Services. This includes the type of device it is, the operating system you are using, application IDs, and crash data. Whether we collect some or all of this information is often dependent on the device type and its settings.

  • Geo-location information. WiFi and IP addresses received from your browser or device may be used to determine approximate location.

  • Services integrations. If, when using the Services, you integrate with a third party service, we will connect that service to ours. The third party provider of the integration may share certain information about your account with Concert. However, we do not receive or store your passwords for any of these third party services.

  • Third party data. Concert may also receive information from affiliates in our corporate group, our partners or others to optimize and improve our Services.

Our Cookie Policy

Concert uses cookies and similar technologies to provide and support our websites and Services.

How We Use Your Information

We use your information to provide and improve the Services.

1. Customer Data

Concert may access and use Customer Data as reasonably necessary and in accordance with Customer’s instructions to (a) provide, maintain and improve the Services; (b) to prevent or address service, security, technical issues or at a Customer’s request in connection with customer support matters; (c) as required by law and (d) as set forth in our agreement with the Customer or as expressly permitted in writing by the Customer. Additional information about Concert’s confidentiality and security practices with respect to Customer Data is available in our Security Practices Policy.

2. Other Information

We use other kinds of information in providing the Services. Specifically:

  • To understand and improve our Services. We carry out research and analyze trends to better understand how users are using the Services and improve them.

  • To communicate with you by:

    • Responding to your requests. We use your information to respond when you contact us with a problem or question.

    • Sending messages via e-mail, Slack, and other messaging services. We may send you Service and administrative emails and messages. This may also include information regarding changes in our Services, Service offerings and important Service related notices, such as security and fraud notices. These emails and messages are part of the Services and you may not opt-out of them. In addition, we may send emails regarding news about Concert or new product features. You can opt out of these at any time.

  • Billing and account management. We use account data to administer accounts and keep track of billing and payments.

  • Communicating with you and marketing. We often need to contact you for invoicing, account management and similar reasons. We may also use your contact information for our own marketing or advertising purposes. You can opt out of these at any time.

  • Investigating and preventing bad stuff from happening. We work hard to keep the Services secure and to prevent abuse and fraud.

This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so long as it is no longer associated with an identifiable user or Customer of the Services.

Your Choices

1. Customer Data

Customer provides us with instructions on what to do with Customer Data. Our Customer has many choices and control over their Customer Data. For example, Customer may provision or deprovision access to the Services, enable or disable third party integrations, manage permissions, retention and export settings, transfer or assign Services, and consolidate Services. Since these choices and instructions may result in the access, use, disclosure, modification or deletion of certain or all Customer Data, please contact your account manager for more information about these choices and instructions.

2. Other information

If you have any questions about your information, our use of this information, or your rights when it comes to any of the foregoing, contact us at

3. Other Choices

In addition, the browser you use may provide you with the ability to control cookies or other types of local data storage. Your mobile device may provide you with choices around how and whether location or other data is collected and shared. Concert does not control these choices, or default settings, which are offered by makers of your browser or mobile device operating system.

Sharing and Disclosure

There are times when information described in this privacy policy may be shared by Concert. This section discusses only how Concert may share such information. Customers determine their own policies for the sharing and disclosure of Customer Data. Concert does not control how Customers or their third parties choose to share or disclose Customer Data.

1. Customer Data

Concert may share Customer Data in accordance with our agreement with the Customer and the Customer’s instructions, including:

  • With third party service providers and agents. We may engage third party companies or individuals to process Customer Data.

  • With affiliates. We may engage affiliates in our corporate group to process Customer Data.

  • With third party integrations. Concert may, acting on our Customer’s behalf, share Customer Data with the provider of an integration added by Customer. Concert is not responsible for how the provider of an integration may collect, use, and share Customer Data.

2. Other information

Concert may share other information as follows:

  • About you with the Customer. There may be times when you contact Concert to help resolve an issue specific to a workspace of which you are a user. In order to help resolve the issue and given our relationship with our Customer, we may share your concern with our Customer.

  • With third party service providers and agents. We may engage third party companies or individuals, such as third party payment processors, to process information on our behalf.

  • With affiliates. We may engage affiliates in our corporate group to process other information.

3. Other types of disclosure

Concert may share or disclose Customer Data and other information as follows:

  • During changes to our business structure. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Concert’s assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence).

  • To comply with laws. To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.

  • To enforce our rights, prevent fraud and for safety. To protect and defend the rights, property, or safety of us or third parties. This includes enforcing contracts, or policies, or in connection with investigating and preventing fraud.

We may disclose or use aggregate or de-identified information for any purpose. For example, we may share aggregated or de-identified information with our partners or others for business or research purposes like telling a prospective Concert Customer the numbers and sizes of transactions processed using the Services in a time period.


Concert takes security seriously. We take various steps to protect information you provide to us from loss, misuse and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.

To learn more about current practices and policies regarding security and confidentiality of Customer Data and other information, please see our Security Practices; we keep that document updated as these practices evolve over time.

Children’s Information

Our Services are not directed to children under 13. If you learn that a child under 13 has provided us with personal information without consent, please contact us.

General Data Protection Regulation (GDPR)

Protecting our Customers’ information and their users’ and clients’ privacy is extremely important to us, and as a result Concert takes measures to help our Customers comply with GDPR, including capturing the minimum required user and client data to deliver the services, simple data export tools, and an easy way to delete personal information.  Concert’s account management team is able to support Customers who may need help with these changes.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Concert is in the process of self-certifying to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks set forth by the U.S Department of Commerce with respect to collection, use and retention of Customer Data. For more information, see our Privacy Shield Notice. We may process some personal data from individuals or companies via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses. To learn more about the Privacy Shield program, refer to

Changes to This Privacy Policy

We may change this policy from time to time, and if we do we will post any changes on this page. If you continue to use the Services after those changes are in effect, you agree to the revised policy.

Contacting Concert

Please feel free to contact us if you have any questions about Concert’s Privacy Policy or practices. You may contact us at  or at our mailing address below:

Concert Cloud, Inc.

7 West 18th Street, 5th Floor

New York, NY 10010