Trust is our #1 value.

Our customers trust us to help them build meaningful relationships with their own customers. Salesforce’s top priority is the security and privacy of the data that we are entrusted to protect.

Turn data privacy into an opportunity to enhance customer experiences.

As the #1 CRM platform, Salesforce provides companies like yours with the tools to build trust while enhancing customer experiences. Gain increased transparency and control of your customers’ data, all while harnessing the power of that data to connect with customers in new ways.

Privacy for every customer

No matter where your customers are located, we care about helping you protect their personal data.

Comprehensive privacy and security standards

We safeguard our customers’ data with a robust, comprehensive, and transparent privacy and security program.

Global privacy support

Salesforce helps our customers operate globally in compliance with applicable privacy laws. We make it easy for companies to protect and respect the privacy of their customers' data.

Privacy on the world’s #1 CRM

Our trusted cloud makes it possible for global companies to leverage the world’s #1 CRM platform. Salesforce’s cloud services are designed to help customers comply with privacy laws around the world.

First Four Steps to Building a Privacy Program

PwC shares four key steps that will help you remove roadblocks to building a global privacy program.


What should customers do?


1. Get buy-in and build a team

  • Raise awareness of the importance of privacy with organization leaders.

  • Obtain executive support for necessary staff resources and financial investments.

  • Choose someone to lead the effort in establishing and maintaining a global privacy program.

  • Build a steering committee of key functional leaders, including people within security, marketing, sales and compliance.

  • Identify privacy champions throughout the organization.

2. Assess the organization

  • Understand in which countries you operate and what data protection laws in those countries apply to your organization.

  • Review existing privacy and security efforts to identify strengths and weaknesses.

  • Identify all the systems where the organization stores personal data and create a data inventory.

  • Create a register of data processing activities and carry out a privacy impact assessment for each high-risk activity.


3. Establish controls and processes

  • Confirm privacy notices are accessible wherever personal data is collected.

  • Implement controls to limit the organization’s use of data to the purposes for which data was originally collected.

  • Establish mechanisms to manage individuals’ preferences, such as consent management.

  • Implement appropriate administrative, physical, and technical security measures and processes to detect and respond to security breaches.

  • Establish procedures for responding to individuals’ requests for access, rectification, objection, restriction, portability, deletion (right to be forgotten), and other potentially applicable rights such as to opt out from “sales” or direct marketing.

  • Enter into contracts with affiliates and vendors that collect, receive, or process personal data.

  • Establish a privacy impact assessment process.

  • Train employees and vendors to increase privacy and security awareness training.

4. Document compliance

  • Compile and maintain up-to-date and accurate copies of privacy notices and consent forms, data inventory and register of data processing activities, written policies and procedures, training materials, intracompany data transfer agreements, and vendor contracts.

  • If required, appoint a data protection officer.

  • Conduct periodic risk assessments.


“At Salesforce, trust is our #1 value. The protection of our customers’ data is paramount.”


Global Privacy Readiness

Build trust and transparency around your data with Salesforce.

Privacy Resources





Salesforce understands better customer experiences start with
data privacy.

Contact us if you have questions, comments, or requests related to Salesforce’s Privacy Statement, our data privacy practices, or how Salesforce embraces privacy and data protection laws.