Privacy Policy (GDPR)


Epicor Software Corporation European Privacy Policy

Epicor Software Corporation ("Epicor" and “we”) provides this European Privacy Policy ("Privacy Policy") to help you understand how we collect, use and disclose data, including Personal Data (as defined below) relating to individuals in the scope of the General Data Protection Regulation. We collect Personal Data about such individuals in a variety of ways through our normal business activities, both online and offline. This includes, for example, when you and your organization place orders or purchase products or services, enter into agreements or communicate with us, visit with us at conferences or trade shows, visit and use versions of that have been created for visitors from the European Economic Area and that link to it (together, the “Site”), or communicate with us electronically such as by sending and receiving email. The Personal Data we receive from customers pursuant to agreements and Personal Data relating to employees is not subject to this Privacy Policy.

This Privacy Policy explains Epicor's information practices including:

  • How Epicor uses the Personal Data you share with us and that we learn about you because of our relationship when you use the Site.
  • What Personal Data, if any, Epicor may share about you and the conditions we use to protect your Personal Data if it must be shared that has been collected through the Site.
  • How to exercise your data subject rights, in particular to request access or changes to or deletion of Personal Data that we receive about you through the Site as well as how to exercise other rights in connection with your Personal Data.
  • Other things you should know about privacy and Epicor.

"Personal Data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

We process this Personal Data with your consent, to perform or enter into contracts with you, in conformance with our legitimate business interests (maintaining our books and records, maintaining the security and integrity of this Site and our systems, enforcing the terms and conditions and Privacy Policy associated with this Site and our systems, monitoring the use and performance of this Site and our systems, quality assurance of our customer service operations, and product improvement and development) where your interest do not outweigh our interests, and to comply with legal obligations.

This Privacy Policy does not apply to the products and services sold by Epicor.

Collected Data and Usage

Strictly necessary cookies are necessary to provide the Website to you. We use such cookies without your prior consent.

Epicor collects and uses Personal Data from you in several ways and for the purposes listed below. We only use your Personal Data as described below:

Directly from You through Site Forms. We receive the Personal Data you submit to us (e.g., name, address, telephone number, email address, and location) so we can complete a requested transaction and respond to your requests.

The processing of your Personal Data for these purposes is based on necessity for the performance of a contract with you. We retain the information as described below in this Privacy Policy.

Improve our Products and Services. When you provide us with feedback and other information through the Site about our products and services, we use it for developing, enhancing, and improving our products and services.

The processing of your Personal Data for these purposes is based on our legitimate interests. We retain the information as described below in this Privacy Policy.

Information about Site Usage and Electronic Message We Send. Epicor and engaged third party service providers uses “cookies,” web beacons, server logs and related technology to collect information about how visitors interact with the Site and messages we send to individuals (e.g., which pages visitors view or emails individuals open, which URL of the website used before visiting the Site), Site usage preferences (e.g., language), and the technical characteristics of their Internet browsers and connection (e.g., IP Address, browser type, device identifiers, operating system version). We use this information to improve how the Site functions, improve the content we send to you, and provide you with personalized content and advertising on the Site, on other websites and online services and in electronic messages, as further described in the Epicor Cookie Policy. For example, we use your IP Address to identify the country from which you are accessing the Site so we can provide you with the version of the Site that is intended for that country. We also use cookies to store information necessary for visitors logging into certain portions of the Site and to remember visitors and their preferences. We currently use Google Analytics to collect and process certain website usage data. To learn more about Google Analytics and how to opt out, please visit

You can learn how to decline or opt-out of cookies by reading the Epicor Cookie Policy.

The processing of your Personal Data for this purpose is based on your consent or necessity to provide the Site to you. We retain the information as described below in this Privacy Policy.

Commerce and Product Support. You may be asked to share Personal Data such as your name, address, telephone number, and email address when you make purchases, seek customer or technical support or otherwise interact with Epicor through the Site. When you buy directly from Epicor, Epicor and its vendors and suppliers who facilitate the purchase and delivery of products and services use this Personal Data to complete the transaction. Epicor shares Personal Data with its vendors and suppliers to complete transactions. Epicor has agreements in place with its vendors and suppliers to limit their use of the Personal Data to completing the transaction and performing services for Epicor. You may also interact directly with and provide Personal Data directly to Epicor’s vendors and suppliers when you purchase Epicor products and services or seek customer or technical support. In these circumstances, the vendors and suppliers collect and use your Personal Data subject to their privacy policies and will share Personal Data with us to complete the transaction.

The processing of your Personal Data for these purposes is based on the necessity for the performance of a contract with you. We retain the information as described below in this Privacy Policy.

Product Registration. Epicor allows customers to register products online or through similar ways. We request Personal Data, such as your name, address, email, and telephone number. Epicor receives this Personal Data and other product-related information in such submissions, and Epicor will use it to complete the registration.

The processing of your Personal Data for these purposes is based on the necessity for the performance of a contract with you. We retain the information as described below in this Privacy Policy.

Marketing and Other Informational Updates. With your consent and as otherwise permitted by law, we also use Personal Data (including address, telephone number, and e-mail address) and other information we receive from and about you from public sources (e.g., LinkedIn) to contact you with information from Epicor and its Affiliates /partners about their products and services, provide special offers and promotions that may be of interest to you, and notify you periodically about important changes to the Site (such as a material change to this Privacy Policy or notice of a security breach). You may withdraw your consent at any time by unsubscribing from such marketing communications or object to marketing measures at any time. Please note that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal. In addition, withdrawing consent from marketing communications does not affect our ability to send you other communications, such as those related to providing services to you or responding to your requests.

You may opt out from receiving marketing-related communications by either clicking on the unsubscribe link at the bottom of marketing-related emails we send you or by clicking here. We will process opt-out requests without undue delay.

The processing of your Personal Data for this purpose is based on your consent or on our legitimate interests. We retain the information as described below in this Privacy Policy.

Online and Offline Promotions, Contests and Sweepstakes. You may be asked to provide an email address or screen name, or other Personal Data, for entry into a particular promotion, including sweepstakes and contests so that we can let you know if you won a prize. The specific rules and regulations governing the particular promotion, contest or sweepstakes will vary and your participation constitutes your agreement to abide by those rules and regulations. Certain promotions, contests or sweepstakes may be run by an Epicor service provider or vendor or co-branded with one of our partners. In these instances, the collection of your Personal Data may occur directly by the service provider or vendor or a third-party partner on their website. The promotion will state the privacy policy or policies governing the collection of such information if they should differ from this Privacy Policy.

The processing of your Personal Data for this purpose is based on your consent or on our legitimate interests. We retain the information as described below in this Privacy Policy.

Psuedonymisation and Anonymisation

In some circumstances, we may psuedonymise and/or anonymise your Personal Data for business purposes including to improve our products and services, in which case we may use such information without further notice to you. The processing of your Personal Data for this purpose is based on our legitimate interests. We retain the information as described below in this Privacy Policy.

When Epicor Shares Collected Data

As previously stated in this Privacy Policy, Epicor may share Personal Data within Epicor (including our worldwide affiliates and other members of the Epicor Group) to fulfill its obligations to you and operate its business consistent with this Privacy Policy and applicable data protection law. In addition to what is already stated in this Privacy Policy, we will also share your Personal Data with third parties in the following situations and for the following purposes:

  • Epicor Subsidiaries, Affiliates, Vendors, and Suppliers. Epicor works with many affiliated third parties, vendors, distributors, and suppliers. We will provide Personal Data to them to the extent it is necessary for them to provide their products and services to us and to you. Epicor may also sometimes permit our authorized service providers to have access to aggregate statistics about our customers, sales, traffic patterns, and related Site or Application information. These transfers of aggregate statistics do not involve Personal Data.
  • Recruitment and Job Applications. We receive Personal Data through the Site and from service providers supporting on the online job website when you apply for employment through the Site. The Personal Data includes the information contained on a resume or curriculum vitae and the information you otherwise provide to us. With your prior consent, we keep your information on file for future employment consideration, even if you are not selected for the particular job you applied for. As discussed below, we have operations around the world and we may consider you for employment in locations around the world. For this reason, our recruiting and employment departments around the world will have access to the Personal Data you submit with your job application. You consent to this transfer of Personal Data outside of the EEA when you submit your Personal Data for employment consideration.
  • Enabling Services on the Site. Epicor offers a variety of services and functions through its Site ("Epicor Services"). Personal Data that is collected through the Site will be used and/or disclosed to third parties in order to enable us to provide Epicor Services. For example, the Epicor Site allows you to interface with a third-party website. To facilitate that connection, we may use your Personal Data and/or disclose your Personal Data to the third party operating the website.
  • Public Areas. Any information disclosed in public areas of the Site (such as by using Facebook, YouTube or Twitter functionality, etc.) will become public information. We do not control the use by others of information disclosed in public forums on the Site, such as forums, bulletin boards, blogs, chat rooms, and networking functions of mobile-device applications. You should exercise caution when disclosing information in these public areas, and be careful how you disclose your Personal Data.
  • Mergers and Acquisitions. If Epicor should ever merge with another company, or if Epicor should decide to buy, sell, or reorganize some part or all of its business, Epicor may be required to transfer your Personal Data and in such events your Personal Data may be used or transferred in accordance with this Privacy Policy and as permitted by law.
  • As Required by Law and Other Extraordinary Disclosures. Epicor may be required to disclose your Personal Data if it: (i) believes in its sole judgment that such disclosure is reasonably necessary to comply with legal process (such as a court order, subpoena, search warrant, etc.) or other legal requirements of any governmental authority, (ii) would potentially mitigate our liability in an actual or potential lawsuit, (iii) is otherwise necessary to protect our rights or property, or (iv) is necessary to protect the legal rights or property of others.


Epicor maintains appropriate organizational and technical measures for the protection of the security, confidentiality, and integrity of Personal Data from unauthorised or unlawful access, accidental loss, destruction, damage, misuse, disclosure and alteration. Unfortunately, no data transmission over the Internet can be guaranteed to be secure, therefore, we cannot ensure the security of any information you send to us and you do so at your own risk. If Epicor learns of a security system's breach, we will comply with all applicable law to notify you about the breach so that you can take appropriate protective steps. Epicor may post a notice on the Site if a security breach occurs. If this happens, you will need a web browser or mobile device enabling you to view the Site. Epicor may also send an email to you at the email address you have provided to us in these circumstances or communicate with you by other means if we can. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

Accuracy of Personal Data and your Individual Rights

While we take various steps to ensure the accuracy and completeness of your Personal Data, we rely upon you to provide accurate and complete Personal Data when interacting with us. All persons in the scope of the General Data Protection Regulation whose Personal Data is being processed by Epicor have the legal right to request: (i) access, (ii) rectification (iii) erasure, (iv) restriction of processing, (v) object to processing, and/or (vi) data portability of their Personal Data. Any such requests should be submitted using the Individual Rights Request Form.

You also have the right to lodge a complaint with an EU supervisory authority. However, if you have a complaint regarding the processing of your Personal Data we kindly request that you first contact us directly as indicated in the Contacting Epicor section of this Privacy Policy, and we will reply promptly.

How long we keep your Personal Data

We consider several factors to determine how long we keep Personal Data. We consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. Once we no longer have a need for your Personal Data, we will securely destroy it in accordance with our standards and applicable laws and regulations.

Links to Third-Party Sites and Co-Branded Sites

The Site may contain links to third-party websites, however, please be aware that Epicor is not responsible for and does not control the privacy practices of these other websites. We encourage you to read the privacy policies for these other websites, as they may differ from ours. The Site also contains links to co-branded websites that may display Epicor's logo and trademarks but which are maintained by third parties. Such websites may be identified by the fact that they do not display an "" URL. Please read the privacy policy on the co-branded website for the applicable privacy practices relating to personal information collected via that website, as it may differ from this Privacy Policy.

Where Personal Data Is Used and Stored

Because Epicor operates globally, we will transfer your Personal Data within our global operations to fulfill our obligations to you, subject to the limitations of applicable data protection law and this Privacy Policy. Privacy laws differ across the globe. To help visitors whose native language may not be English understand our privacy practices, we may provide special information on our Privacy Policies that may be applicable to these visitors in different languages. Epicor entities outside the European Economic Area may also have supplemental privacy policies that may apply in those countries.

You understand that when Personal Data is collected through the Site, we will transfer it within Epicor to the United States and other locations around the world. The United States and other jurisdictions may not provide data protection or privacy laws equivalent to the laws of your country, however, we put appropriate measures in place to protect your personal information, such as EU Standard Contractual Clauses. You may contact us at [email address], to request a copy of the safeguards we have in place.

Enforcement and More Information

When Epicor receives formal written inquiries or complaints, Epicor will contact the individual regarding his/her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the handling of Personal Data that cannot be resolved between Epicor and an individual.

Changes to This Privacy Policy by Epicor

We encourage you to periodically review this Privacy Policy. If we change our privacy practices, an updated version of this Privacy Policy will reflect those changes. Without prejudice to your rights under applicable law, we reserve the right to update and amend this Privacy Policy without prior notice to reflect technological advancements, legal and regulatory changes and good business practices to the extent that it does not change the privacy practices as set out in this Privacy Policy. If you do not agree to the changes to this Privacy Policy, you should request deletion of your Personal Data by submitting a request using the Individual Rights Request Form.

Contacting Epicor

The Data Controller for the Site is the organization listed below. If you have any questions, comments, or concerns about this Privacy Policy, please write to us at:

Epicor Software Corporation
Las Cimas II- 807 Las Cimas Parkway, Suite 400
Austin, Texas 78746

Attention: Legal Department

You may also contact our Data Privacy Officer by postal mail or email anytime.

Epicor Software Corporation
Attention: Data Privacy Officer
6 Arlington Square West
Bracknell RG12 1PU
United Kingdom