Privacy Policy

This Privacy Policy is effective January 12, 2011.

Heroku, Inc. (“Heroku” or the “Company”) is committed to protecting the privacy of your information. This Privacy Statement describes Heroku’s Web site privacy practices.

1. Web Site Covered

This Privacy Statement covers the information practices of http://heroku.com.

2. Information Collected

Heroku offers a variety of services that are collectively referred to as the “Services.” Heroku collects information from individuals who visit the Company’s Web site (“Visitors”) and individuals who register to use the Services (“Customers”).

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Heroku requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Heroku requires you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Heroku may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information are referred to collectively as “Data About Heroku Customers.”

As you navigate the Company’s Web site, Heroku may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web site (such as the Web pages viewed and the links clicked).

3. Use of Information Collected

The Company uses Data About Heroku Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company may also use Data About Heroku Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and its partners, such as information about promotions or events.

Heroku uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services.

Heroku uses Web Site Navigational Information to operate and improve the Company’s Web site. The Company may also use Web Site Navigational Information alone or in combination with Data About Heroku Customers to provide personalized information about the Company.

4. Web Site Navigational Information

Heroku uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web site and how this information may be used.

4.1 Cookies - Heroku uses cookies to make interactions with the Company’s Web site easy and meaningful. When you visit the Company’s Web site, Heroku’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you. They merely recognize your Web browser. Unless you choose to identify yourself to Heroku, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” or a “30 Day Free Trial” Web form), you remain anonymous to the Company. Heroku uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer.

If you have chosen to identify yourself to Heroku, the Company uses session cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. These session cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests. Session cookies are required to use the Services.

Heroku uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When you purchase the Services or provide the Company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the Company places on your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, the Company does not store account numbers or passwords in persistent cookies. If you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web site, but you will not be able to successfully use the Services.

Heroku may use information from session and persistent cookies in combination with Data About Heroku Customers to provide you with information about the Company and the Services.

4.2 Web Beacons - Heroku uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web site and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Heroku may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web site. Heroku uses Web beacons to operate and improve the Company’s Web site and email communications.

Heroku may use information from Web beacons in combination with Data About Heroku Customers to provide you with information about the Company and the Services.

4.3 Flash Cookies - Heroku may use local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our site to personalize your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.

Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies. To learn how to manage privacy and storage settings for Flash cookies click here.

4.4 IP Addresses - When you visit Heroku’s Web site, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Heroku uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web site.

4.5 Third Party Cookies - From time-to-time, Heroku engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web site. Heroku may also use other third-party cookies to track the performance of Company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.

Heroku may also contract with third-party advertising networks that collect IP addresses and other Web Site Navigational Information on the Company’s Web site and emails and on third-party Web sites. Ad networks follow your online activities over time by collecting Web Site Navigational Information through automated means, including through the use of cookies. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other Web sites. This process also helps us manage and track the effectiveness of our marketing efforts. To learn more about these and other advertising networks and their opt-out instructions, click here.

5. Public Forums, Refer a Friend, and Customer Testimonials

Heroku may provide bulletin boards, blogs, or chat rooms on the Company’s Web site. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Heroku is not responsible for the personal information you choose to submit in these forums.

Customers and Visitors may elect to use the Company’s referral program to inform friends about the Company’s Web site. When using the referral program, the Company requests the friend’s name and email address. Heroku will automatically send the friend a one-time email inviting him or her to visit the Company’s Web site. Heroku does not store this information.

Heroku may post a list of Customers and testimonials on the Company’s Web site that contain information such as Customer names and titles. Heroku obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

6. Sharing of Information Collected

Heroku may share Data About Heroku Customers with the Company’s service providers so that these service providers can contact Customers and Visitors who have provided contact information on our behalf. Heroku may also share Data About Heroku Customers with the Company’s service providers to ensure the quality of information provided. Unless described in this privacy statement, Heroku does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.

From time to time, Heroku may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Heroku, the Company may share Data About Heroku Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Heroku does not control our business partners’ use of the Data About Heroku Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.

Heroku uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.

Heroku reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

7. International Transfer of Information Collected

To facilitate Heroku’s global operations, the Company may transfer and access Data About Heroku Customers from around the world, including the United States. This Privacy Statement shall apply even if Heroku transfers Data About Heroku Customers to other countries.

8. Communications Preferences

Heroku offers Customers and Visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to support@heroku.com. Customers cannot opt out of receiving transactional emails related to their account with Heroku or the Services.

9. Correcting and Updating Your Information

Customers may update or change their registration information by logging in to their accounts at http://heroku.com. Requests to access, change, or delete your information will be handled within 30 days.

10. Security

Heroku uses appropriate administrative, technical, and physical security measures to protect Data About Heroku Customers.

11. Changes to this Privacy Statement

Heroku reserves the right to change this Privacy Statement. Heroku will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.

12. Contacting Us

Questions regarding this Privacy Statement or the information practices of the Company’s Web site should be directed to privacy@heroku.com or by mailing Heroku Privacy, 650 7th St, San Francisco, CA 94103.