SONAR
Frequently asked questions
The purpose of this FAQ is to answer common questions that customers ask about SonarSource agreements. This FAQ is for informational purposes only.
Last updated July 3, 2024
How do we provide legal notices to Sonar?
For general notices please email: contact@sonarsource.com.
For claims of breach, infringement of IP, or termination for cause, please send physical notice to SonarSource, Capitol Tower, 206 E 9th St, Suite 1800, Austin, TX 78701, and a digital copy to legal@sonarsource.com.
Do the SonarQube Server Terms and Conditions apply if we have purchased SonarQube Server through a reseller partner?
Yes, the SonarQube Server Terms and Conditions will govern a customer’s use of SonarQube Server even if they have purchased through a channel partner.
How can we be notified if Sonar updates is terms and policies?
Sonar will provide at least thirty days’ advance notice of any material updates to its terms or policies. Notices will be published on Sonar’s Legal Documentation page.
What are Support and Advisory Services?
Sonar provides support and premium support via an online helpdesk for customers who purchase or are otherwise eligible for support. This support does not involve on-site visits or remote access.
Sonar provides advisory services to help select SonarQube Server customers optimize their use of the product. Sonar does not provide hands-on-keyboard professional services or any customized software.
Why do Sonar agreements contain arbitration clauses?
Sonar products are provided via the Internet by our parent company, SonarSource SA, from Switzerland. For this reason, our agreement contains an expedited arbitration clause. Expedited arbitration allows for cost-efficient outcomes that are automatically recognized and enforceable in different countries (unlike national court judgments).
How can we sign a Data Processing Addendum (DPA) with Sonar?
The Sonar DPA forms part of the SonarQube Cloud Terms of Service and SonarQube Server Terms and Conditions, so it does not need to be signed separately.
How does the Sonar DPA apply?
The DPA applies automatically when your organization accepts the SonarQube Cloud Terms of Service or the SonarQube Server Terms and Conditions. The DPA covers the processing of Customer Data by Sonar in connection with SonarQube Server, SonarQube Cloud, and related Support, as further described in the DPA.
Why won’t Sonar sign a customer’s DPA?
The Sonar DPA is drafted to reflect how Sonar provides its products and related support to hundreds of thousands of customers worldwide. This scale requires that we maintain a uniform privacy and security program without operationalizing individual customers' specific requirements.
What is the scope of the Sonar DPA?
The Sonar DPA defines Sonar’s legal obligations with respect to the processing of personal data. It covers customers worldwide.
What is Sonar’s role under the DPA?
The Sonar DPA provides that Sonar will act as a processor with respect to Customer Data and as a controller with respect to Account Data, Usage Data, and Results Data, to the extent that those types of data include Personal Data and for the limited purposes set forth in the DPA. The types of data are defined in the DPA.
Who are Sonar’s sub-processors?
Sonar’s Trust Center contains a list of our Sub-processors.
What transfer mechanisms does Sonar use for international transfers of personal data?
Sonar offers Standard Contractual Clauses as the transfer mechanism to facilitate the transfer of personal data. Please see Schedule 2 of the DPA.