従業員のプライバシーに関する通知 Jamf Software, LLC
Jamf Software, LLC
Employee Privacy Notice
本通知は、Jamfが処理する可能性のある従業員の個人情報に関する詳細情報を提供し、当社のプライバシーポリシーを補足するものです。プライバシーポリシーではJamfが個人情報をどのように取り扱うかについて概説していますが、本通知では雇用状況に特化した詳細な情報を提供しています。両者の間に矛盾が生じた場合は、従業員の個人情報に関しては本通知が優先されます。Jamfは本通知を定期的に更新する場合があります。重要な変更があった場合は、Eメールまたは当社のウェブサイトに改訂通知を掲載してお知らせします。最新改訂の発効日は本通知の末尾に記載され、更新内容は当社ウェブサイトに掲載されてから7日後に発効します。
For the purposes of this notice, “employee personal information” is included within the definition of “personal information” unless otherwise specified. An “Employee” at Jamf is defined as any current or former full-time, part-time, temporary, or contract worker, as well as interns, job applicants, and individuals whose personal information is collected in the employment context.
JAMF Software, LLC, or its affiliates (collectively, “Jamf”) may collect personal information from prospective and present Employees only for legitimate business purposes, as described in the Appendix to this notice and in accordance with applicable laws, including data privacy/protection laws and regulations. Employee personal information related to health, performance evaluations, disciplinary actions, and other sensitive Employee matters, whether it is stored manually or electronically, is only accessible to other Jamf Employees when required to fulfill authorized HR functions or comply with privacy obligations.
For legitimate human resources purposes, Employees may choose to voluntarily disclose personal information about family members and other individuals, including the beneficiaries of employment benefits and emergency contacts. If Jamf Employees choose to do this, the individual’s personal information shall be treated, for the purposes of this notice, the same as an Employee’s personal information. It is the Employee’s responsibility to inform any such individuals about this notice and ensure that the Employee has the right to provide the individual’s personal information to Jamf.
Employee personal information is never sold, leased, or rented to any third party. Employee personal information will never be disclosed to third parties except as follows:
- To those retained by Jamf for processing only for the purposes set out in this Notice;
- Where required pursuant to an applicable law, governmental or judicial order, law, or regulation, or to protect the rights or property of Jamf;
- In the event of sale of the business, merger, acquisition, etc.;
- Where authorized electronically or in writing by the Employee; and
- Where the Employee voluntarily provides personal information, and the context makes it clear that Employee personal information will be provided to a third party/processor (ex. payroll, benefits, travel, reimbursement, and other systems used in the Employment context).
Where personal information is transferred from the EU, UK, or Switzerland to the US in the context of the employment relationship, we will cooperate in investigations by and comply with the advice of relevant data protection authorities.
If you are a resident of California, please see the California Addendum below for additional details on how Jamf handles your personal information.
Appendix – Description and Uses of Employee Personal Information
1. Who is responsible for processing and who can I contact?
The data controller is Jamf Software, LLC, or its affiliates as applicable (“Jamf” or the “Company”) and the responsible person can be contacted with any questions about this Notice or Jamf’s privacy practices at privacy@jamf.com.
2. What sources and information do we use?
We may obtain your information directly from you (during the recruitment process and during employment) and from third parties, such as recruitment agencies, our affiliates, your colleagues and managers, references you provide, prior employers or schools, pre-employment screening services, such as background check providers (where permitted by law), job board websites, providers of employee benefits, social media networks, and publicly available databases.
Please see point 3 below for more information.
3. What categories of personal information do we process, why do we process the personal information, and on what legitimate basis?
|
Occasionally, and where appropriate, we may seek your consent in writing to process specific personal information. If we do that, we will explain the purpose of the processing. In these situations, you have the right to refuse or withdraw your consent at any time by contacting the appropriate person named in the consent document.
4. Who is the recipient of my information?
We will share your personal information with:
- Jamf affiliates;
- JamfのベンダーおよびJamfに代わって業務を行うサービスプロバイダー。
- Jamfの顧客(従業員が顧客関係において指名された連絡担当者として行動する場合、または法律で義務付けられている場合など、限定的な範囲内)。
- private health and benefit providers;
- insurers and pensions scheme providers;
- federal and state authorities, e.g., tax authority, social security authority, law enforcement;
- entities providing services to Jamf, such as IT or payroll services;
- potential purchasers and their professional advisers in the context of the sale or restructuring of the whole or part of our business; and
- hotels, airlines, reservation centers for business travel purposes.
5. Is personal information transferred to a third country or to an international organization?
Jamf is a global organization and to ensure the provision of effective and efficient services and communication throughout Jamf, we are required to transfer your personal information internationally.
そのため、お客様の個人情報は、データ保護規則が異なる可能性のある海外の国で保管および処理されることがあります。ただし、Jamfは、適切な保護措置が講じられている場合に限り、お客様の個人情報をEEA域外および英国域外に移転します。Jamfは、従業員の個人情報が国境を越えて第三者に移転された場合でも、適用される法律や規則で要求される保護を維持することを保証します。これには、EU標準契約条項(2021年)、EU標準契約条項に対する英国補足条項、企業グループ内移転契約、およびその他のデータ移転セーフガードの使用が含まれますが、これに限定されません。
For more information on how Jamf safeguards Employee personal information, please contact privacy@jamf.com.
6. How long will my personal information be retained?
Jamf retains your Employee personal information (including your sensitive personal information) for as long as needed or permitted considering the purposes for which it was collected and in accordance with applicable laws, including data privacy/protection laws and local labor laws. The criteria used to determine our retention periods include:
- The duration of your employment or contract with us;
- The length of time we have an ongoing relationship with you or your dependents/beneficiaries, plus the time needed thereafter to address any legitimate issues that may arise;
- Whether there is a legal obligation to which we are subject, for example, certain laws may require us to keep your employment records for a certain period of time; and
- Whether retention is advisable considering our legal position, such as regarding applicable statutes of limitations, litigation, or regulatory investigations.
7. How does Jamf secure my personal information?
Jamf takes your personal information seriously and implements technical, organizational, and administrative measures designed to prevent unauthorized access, loss, misuse, or disclosure and align with industry standards and data protection laws. This includes:
- Limiting access to personal information to only those who need it for their job.
- Using encryption and secure systems to keep data safe in storage and transit.
- Monitoring networks and systems to detect potential security threats.
- Training Employees in privacy and data protection best practices.
- Ensuring vendors and partners meet Jamf’s security standards.
If a data incident occurs, Jamf investigates, mitigates, and notifies affected individuals as required by applicable data privacy/protection laws.
8. What choices and rights do I have?
You may request further details regarding Jamf’s processing of your Employee personal information in accordance with applicable local laws.
You may have certain rights over your personal information, depending on the applicable jurisdiction, including but not limited to:
- 自身の個人情報の詳細を受け取り、それにアクセスする権利。
- 特定の個人情報を消去する権利。
- 特定の状況下で自身の個人情報の処理を停止する権利。
- 法的またはそれに類する重大な影響をもたらす、プロファイリングを含む、完全に自動化された意思決定の対象とならない権利。
- ポータビリティ(移植性)に関する権利。
- 自身の個人情報を修正する権利。
- 自身の個人情報の販売を拒否する権利。
- 処理がお客様の同意に基づく場合、撤回前の処理の適法性に影響を与えることなく、いつでも同意を撤回する権利。および、
- お客様の個人情報が違法に処理されたと確信する場合、該当するデータ保護監督当局(例えば、関連するEUデータ保護当局、英国情報コミッショナー事務所、またはスイス連邦データ保護情報コミッショナー)に苦情を申し立てる権利。
これらの権利については制限が設けられています。Jamfは、検証可能な権利要請に対して、受領後1か月以内に回答します。ただし、要請の複雑さにより必要と判断される場合は、最大2か月まで延長される場合があります。詳細については、privacy@jamf.comまたは人事担当者にお問い合わせください。
9. Do I have an obligation to make personal information available?
Providing the following personal information is necessary for the conclusion and performance of your employment with Jamf and has its legal basis in employment law: (a) first name (names) and surname; (b) date of birth; (c) contact details that you share with us (at least residential address); (d) education; (e) qualifications, if required to perform work in a given position or of a given type; (f) work experience (previous employment); (g) your personal identification number or type and series number of another document confirming your identity (e.g., government issued identification card); (h) your other personal information, as well as names and dates of birth of your children and other members of your immediate family, if the provision of such information is necessary due to the use of special rights provided for in the labour law; and (i) bank account number, unless you have requested cash payment of your remuneration. It is not possible to create and sustain an employment relationship or perform an employment contract (as applicable) without processing your personal information within the above scope.
Jamf as your employer may also request you to provide other personal information, if the obligation to provide it results from other provisions of law or if another lawful purpose exists.
10. Is Jamf a participant of the EU-U.S., UK, and Swiss Data Privacy Frameworks?
JAMF Software, LLC complies with the EU-U.S. Data Privacy Framework (DPF), including the UK Extension and the Swiss-U.S. DPF, as set forth by the U.S. Department of Commerce. JAMF Software, LLC has certified its adherence to the relevant DPF Principles for processing personal information received from the EU, United Kingdom (and Gibraltar), and Switzerland under these frameworks.
JAMF Software, LLC is certified under the Data Privacy Framework (DPF). No other Jamf affiliates or subsidiaries are covered by this certification. In the event of a conflict between this Employee Privacy Notice and the EU-U.S., UK Extension, or Swiss-U.S. DPF Principles, the relevant DPF Principles will govern. To learn more or view our certification, visit the DPF website. JAMF Software, LLC cooperates with the appropriate European data protection authorities—including the EU DPAs, the UK Information Commissioner’s Office, the Gibraltar Regulatory Authority, and the Swiss Federal Data Protection and Information Commissioner, and follows their guidance on human resources data. In compliance with the DPF Principles, JAMF Software, LLC is committed to resolving complaints related to personal information collected or used under the DPF. Individuals from the EU, UK, or Switzerland with inquiries or complaints should first contact us via Section 12 below.
In compliance with the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF, JAMF Software, LLC refers unresolved privacy complaints regarding personal information handled under these frameworks to Data Privacy Framework Services, an independent dispute resolution mechanism operated by BBB National Programs in the United States. If you do not receive timely acknowledgment or are unsatisfied with our response, please visit here for more information or to file a complaint. This service is provided to you at no cost.
Under certain conditions, you may invoke binding arbitration for unresolved residual claims related to data covered by the EU-U.S. DPF, the UK Extension, or Swiss-U.S. DPF. This option provides a prompt, independent, and fair mechanism to resolve any claimed violations not settled through other DPF mechanisms. For additional information on binding arbitration, see Annex I to the EU-U.S. DPF Principles found here.
11. California Addendum—For Residents of California
This California Addendum applies to California residents and supplements the information provided above in the Employee Privacy Notice.
11.1 Categories of Personal Information Collected and Disclosed
We may collect and process the personal information listed below for our operational, business and employment purposes, and we may also disclose certain categories of this information to third parties. The following chart details the categories of personal information we may have collected and processed, as well as the categories we may have disclosed to third parties, in the 12 months preceding the date this notice was last updated.
| Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes |
| Identifiers, such as name, contact details (address, phone number, email), date of birth, unique personal identifiers, IP address, account name, online identifiers, photo badges, beneficiary designations, and government-issued identifiers (e.g., Social Security number, driver’s license number, passport number) | Our affiliates; our customers; service providers that provide services such as payroll, background check vendors (where permitted by law), consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Personal information as defined in the California customer records law, such as name, contact information, signature, Social Security number, passport number, and medical, insurance, financial, education and employment information. | Our affiliates; our customers; service providers that provide services such as payroll, background check vendors, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Characteristics of protected classifications under California or federal law, such as sex, age, gender, race, disability, religion, medical conditions, citizenship, military/veteran status, gender identity and expression, primary language, immigration status, and requests for leave | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Commercial information, such as purchasing information and payment history related to business and travel expenses | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Internet or network activity information, such as browsing history and interactions with our and others’ websites, applications, and systems | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Telecommunication information, such as name, e-mail address, phone number, call history, SMS history (not messages), data usage, network traffic, SIM, device identifiers (if device is managed) | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Geolocation data, such as device location, approximate location derived from IP address | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Audio, electronic, visual, and similar information, such as call and video recordings, security camera footage, and information about the use of electronic devices and systems | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Education information subject to the federal Family Educational Rights and Privacy Act, such as student transcripts and confirmation of graduation | Our affiliates; service providers that provide services such as payroll, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Professional or employment-related information, such as work history and prior employer, information from reference checks, employment application, membership in professional organizations, personnel files, personal qualifications and training, eligibility for promotions and other career-related information, work preferences, business expenses, wage and payroll information, benefit information, information on leaves of absence or PTO, performance reviews, and information on internal investigations | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Inferences drawn from any of the personal information listed above to create a profile about, for example, an individual’s preferences, characteristics, predispositions, and abilities | Our affiliates; service providers that provide services such as payroll, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Sensitive Personal Information Personal information that reveals an individual’s Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Jamf is the intended recipient of the communication; The processing of biometric information for the purpose of uniquely identifying an individual; Personal information collected and analyzed may include an individual’s racial and ethnic origin, gender, veteran status, disability status, marital status, and LGBTQIA+ status, for DEIB reporting and government employment reporting. These identifiers may be optional, except where required by law; Personal information collected and analyzed concerning an individual’s health; and Personal information collected and analyzed concerning an individual’s sex life or sexual orientation. | Our affiliates; service providers that provide services such as analysis, payroll, benefits, consulting, reporting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
11.2 No Sale or Sharing of Personal or Sensitive Information
We do not “sell” or “share” your personal information, including your sensitive personal information, as defined under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act. We have not engaged in such activities in the 12 months preceding the date this notice was last updated. Without limiting the foregoing, we do not “sell” or “share” the personal information, including the sensitive personal information, of minors under 16 years of age.
11.3 Purposes for the Collection, Use, and Disclosure of Sensitive Personal Information
We collect, use, and disclose sensitive personal information to perform business services, support your employment, ensure security and safety, manage payroll and benefits, maintain workforce diversity, comply with legal obligations, and to prevent fraud or illegal activities. We do not use or disclose sensitive personal information for additional purposes.
11.4 Individual Requests
Subject to applicable law, California residents may make the following requests regarding their personal information:
a. Right to Know
You may request that we disclose to you the following (if applicable):
- The categories of personal information we collected about you and the categories of sources from which we collected such personal information;
- The business or commercial purpose for collecting, “selling,” or “sharing” personal information about you;
- The categories of personal information about you that we “sold” or “shared” and the categories of third parties to whom we “sold” or “shared” such personal information; and
- The categories of personal information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such personal information.
b. Right to Correct
- You may request to correct inaccuracies in your personal information.
c. Right to Delete
- You may request to have your personal information deleted.
d. Right to Access and Data Portability
- You may request to receive the specific pieces of your personal information, including a copy of the personal information you provided to us in a portable format.
e. Right to Opt Out of Sale or Sharing
- Cookieの同意、またはprivacy@jamf.comへのご連絡を通じて、クロスコンテキスト行動ターゲティング広告用の個人情報の「販売」または「共有」を拒否(オプトアウト)できます。
当社は、お客様のプライバシー権の行使を理由に不当に差別することはありません。要請を行うには、privacy@jamf.comまたは888-755-1421にお問い合わせください。当社は、お客様からのご要請の内容を受領後45日以内に確認の上、回答いたします。合理的に必要と判断される場合は、お客様に通知した上で、この期間をさらに45日間延長することがあります。当社は、関係する個人情報の種類および機密性を考慮し、適用法に従って対応します。
To protect against fraudulent requests, we may ask you to provide additional information to verify your identity. If you have a password-protected account with us, we may verify your identity through our standard authentication process and require you to re-authenticate yourself before fulfilling certain requests. For deletion requests, we may ask you to confirm the request before proceeding.
We also process opt-out preference signals, such as the Global Privacy Control. These signals set your opt-out preferences only for the particular browser or device you are using. For information about how to use Global Privacy Control, please visit https://globalprivacycontrol.org/.
11.5 Authorized Agents
If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in sub-section 11.4. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in sub-section 11.4 or confirm that you provided the agent permission to submit the request.
12. How to Contact Us
If you have any questions or complaints about this Employee Privacy Notice, please contact us as follows:
JAMF Software, LLC
100 Washington Avenue South
Suite 900
Minneapolis, MN 55401
If you would like to request access to the personal information that we may maintain about you, please submit a request here.
当社では、質問や苦情対応のため、外部から任命された専任のデータ保護責任者(「DPO」)を置いています。当社の個人情報保護方針やお客様の情報の取り扱い方法についてご質問がある場合は、DPO(privacy@jamf.com)までメールでお問い合わせください。
更新日付:2026年6月25日