Privacy Policy
JAMF Software, LLC
Privacy Policy
Your privacy is important to us. This Privacy Policy covers how we collect, use, disclose, transfer, and store your personal information. Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions.
A. Overview
JAMF Software, LLC, and its affiliates (“Jamf,” “we," or “us”) are committed to protecting the privacy of your personal information in accordance with applicable data protection laws worldwide.
This Privacy Policy explains how we collect, use, and protect your personal information when you use our “Services”, which means:
- visiting our corporate websites,
- registering or attend events or training courses hosted by Jamf,
- participating in our online user community, or
- contacting us to request more information.
This Privacy Policy also applies where we process personal information about individuals who have not directly interacted with our Services, including where we receive contact details from third-party data providers or channel partners for prospecting and marketing purposes.
This Privacy Policy applies where Jamf acts as the data controller of your personal information. It does not apply to personal information processed in connection with our “Product Offerings”. Where Jamf processes personal information through our Product Offerings, we do so on behalf of our customers and in accordance with our customer agreements, including the Software License and Services Agreement and Data Processing Agreement. You can also review these agreements on Jamf's Trust Center.
B. Collection and Sources of Information
Depending on how you interact with us, we may collect or receive the following information:
- Account and Profile Information: This includes information you provide when you create an account with our Services, request a trial, contact support, register for events, or complete surveys. It may include your name, username, email address, phone number, company name, state, country, LinkedIn URL, Twitter URL, GitHub URL, and your photo.
- Service Information: When you use our Services, we receive information generated through your use, either entered by you or others who use the Services, or from the Services infrastructure itself. This information may include name, username, company/organization, company/organization address, email address, phone number, IP address, or other information you provide to the Services. The information collected is kept to a minimum and depends on the use case and platforms used.
- Operational and Diagnostic Data: We may collect statistical, usage, and performance data related to your use of the Services to monitor and maintain the performance, integrity, and stability of our websites, online communities, and other Services.
- Payment Information: We use third-party payment processors to process payments. In connection with payment processing, we do not retain any personally identifiable information or any financial information such as credit card numbers. All such information is provided directly to our third-party processors whose use of your personal information is governed by their privacy policies. The privacy policies of our current third-party processors may be viewed at https://stripe.com/us/privacy, https://home.bluesnap.com/privacy-policy/, and https://www.cleverbridge.com/corporate/privacy-policy/.
- Information from Third Parties: We receive personal information about you from the following categories of third-party sources:
- Business contact data providers and sales intelligence platforms that supply contact details of individuals at organizations that may be interested in our products and services;
- public databases and professional networks, such as information you have made publicly available on LinkedIn or similar platforms;
- channel partners, resellers, and referral partners, who may share contact details of their customers or prospects in connection with a joint business relationship;
- event organizers and co-marketing partners, who provide attendee or registrant information where you have engaged with Jamf-related content or events; and
- other Jamf affiliates and subsidiaries, who may share information for group business operations and marketing purposes.
Where we obtain your personal information from third-party sources, we will provide you with the information required under applicable data protection law prior to communication with you.
- Location Information: Some Services collect general location information based on IP addresses. We use this information to customize the Services we provide to you. We do not use, disclose, or sell location information for the purposes of providing targeted marketing or advertisements.
- Automatically Collected Information: When you access our Services, we may collect information about your engagement on our corporate websites, content you provided during chat interactions with our third-party partners, forums, forms, and user experience and session replay technology, where applicable, to understand how you interact with our websites or apps. Session replay tools record behavioral interactions such as mouse movements, clicks, scrolling, and keystrokes to help us understand how visitors use our website and identify usability issues. These tools are configured to collect fully anonymized data only and do not capture personal information. Live chat and conversational tools operated by our third-party partners may also collect and process the content of your interactions in accordance with those partners’ privacy policies.
- Call Recordings, Transcriptions, and Summaries: When you interact with Jamf's sales or customer support teams, we may record, transcribe, and/or generate summaries of those calls and meetings. Where required by applicable law, we will notify you at the start of the call and obtain your consent to make these recordings, transcriptions, and summaries, which may contain personal information you share during the interaction, such as your name, contact details, and information about your organization. We use this information to provide and improve our Services, train our teams, ensure quality, resolve disputes, and to comply with applicable legal and regulatory requirements relating to record-keeping.
- Advertising Information: We and our third-party advertising partners may collect information about your visits to our websites, pages viewed, and interactions with our content through cookies and similar tracking technologies. This information is used to deliver relevant Jamf advertisements to you on third-party platforms and to measure the effectiveness of our advertising.
- Other Information: From time to time, we may collect additional demographic information through surveys, event registrations, or your interactions with our Services to help us analyze trends and improve the relevance of our Services and communications.
C. Use of Collected Information
We may use the personal information we collect automatically or when you use the Services for the following purposes:
- To carry out the purpose for which it was originally collected or received.
- To provide, operate, maintain, and improve our websites, online communities, and other Services.
- To respond to your inquiries and provide support.
- To process and complete transactions and send you related information.
- To market and sell our products and services, including by sending promotional communications where we have your consent or are otherwise permitted to do so under applicable law.
- To monitor and secure our websites, online communities, and other Services and to address or prevent technical or security issues.
- To address or prevent technical or security issues.
- To comply with applicable laws and regulations that apply to us or third parties, and to respond to lawful requests from regulatory agencies, law enforcement, and other public authorities.
- To record, transcribe, and summarize sales and support interactions for quality assurance, team training, service improvement, and dispute resolution.
- To serve Jamf advertisements to you on third-party platforms based on your interactions with our websites and content. This may involve sharing certain personal information, such as identifiers and online activity data, with advertising partners for cross-context behavioral advertising. For more information, including how to opt out, see Section E.
- To measure the effectiveness of our advertising campaigns, including transmitting hashed contact information to advertising partners for ad attribution and conversion measurement purposes.
- To analyze your preferences, interests, and interactions with our Services, including through automated processing and profiling, to provide personalized content, product recommendations, and targeted marketing communications.
We may supplement the personal information we collect directly from you with the information obtained from third party sources described above, to better understand your preferences and improve the relevance of our Services and communications. This data allows us to offer custom recommendations, content, and features that better match your needs. We use third-party marketing automation tools to streamline communication and deliver promotional content tailored to your interests and interactions with our platform. We do not sell or rent personal information to third parties and only share information as outlined in this Privacy Policy.
D. Artificial Intelligence and Machine Learning
We may use artificial intelligence (“AI”) technologies as part of our Services, to support certain business operations, including customer relationship management (CRM), talent acquisition, analytics, security monitoring, and communication tools that generate transcriptions, summaries, or sentiment analysis of sales and support interactions. These tools are used to improve communication, engagement, and service quality. As with other business operations described in this policy, AI-related processing described in this section is performed in our capacity as a data controller, in accordance with applicable laws, including GDPR and the EU AI Act.
Jamf does not deploy AI systems classified as 'prohibited' under the EU AI Act or equivalent applicable laws. Where we deploy AI tools that may fall within regulated categories under the EU AI Act or equivalent applicable laws, we implement appropriate risk management, transparency, and human oversight measures as required.
While we use automated processing, including profiling, to personalize content and marketing communications as described in Section C, we do not use solely automated decision-making that produces legal or similarly significant effects on individuals without appropriate safeguards, including the right to obtain human intervention.
E. Cookies and Similar Technologies
Jamf and our third-party partners, such as our advertising and analytics partners, use cookies and similar tracking technologies to operate our websites and applications and to understand how you interact with them, and to deliver relevant content and advertising.
Use of Cookies. We may collect various forms of information such as entry and exit points for our websites (i.e., referring URLs or domain names), website traffic statistics, operating system, and browser type (collectively referred to as “Traffic Data”). Traffic Data is anonymous information that does not personally identify you but is helpful for marketing purposes or for improving your experience on the sites. In addition, when you request pages on our sites, our servers automatically log your IP address. Depending on the cookie, the cookie may expire at the end of your browser session or may remain (or “persist”) on your computer until the expiration date specified in the cookie.
Controlling or Modifying Cookies. If you accept a cookie, you can delete it at any time (e.g., as soon as you leave our websites) through your web browser. If you do not wish to receive cookies or wish to manage when you accept cookies in general, you can set your browser to reject cookies or to alert you when a cookie is placed on your computer. If you choose to decline cookies, certain features or functionality of our Services that depend on your web browser accepting cookies may not work properly. You can also use opt-out tools provided by third-party partners, or by the Digital Advertising Alliance (http://www.aboutads.info/choices), the European Digital Advertising Alliance (http://www.youronlinechoices.eu), or similar entities. Where required, we obtain consent prior to using cookies.
Analytics. We use analytics services provided by Google to monitor our Services, including Firebase, Google Analytics for Firebase, and Crashlytics. You can learn more about the types of analytical data collected, how that data is processed, and how to opt out of certain features by visiting: www.google.com/policies/privacy/partners/.
Where you consent to advertising or analytics cookies, we may use conversion measurement features that transmit hashed contact information (such as email addresses) to advertising partners for ad attribution purposes described in Section C.
Do Not Track Signals. Jamf Services recognize Global Privacy Control (GPC) signals, which we treat as a valid opt-out of the sale or sharing of personal information under applicable U.S. state privacy laws. Learn more at globalprivacycontrol.org.
F. Lawful Basis for Processing Your Personal Information
Our lawful basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. The types of personal information we collect and the purposes for which we collect them are described in Section B and C of this policy. Depending on the context, the lawful basis will be one or more of the following:
- Legitimate Interests: We process personal information where necessary to operate, maintain, and improve our business and Services, provided our interests are not overridden by your privacy rights and freedoms. This includes communicating with you about our products and services, conducting direct marketing activities, and promoting Jamf’s offerings to prospective and existing customers where consent is not otherwise required by law. These activities may include sending marketing communications, following up after events or webinars, using marketing tools to provide relevant content, conducting digital advertising and retargeting campaigns, and working with partners or professional sources to identify organizations that may benefit from our Services.
- Consent: Where applicable, we process your personal information when you provide your consent after being informed of the purpose of the processing. For example, we rely on consent when you sign up for events, complete website forms, accept cookies or similar technologies, consent to the recording, transcription, summarization, or AI-assisted analysis of sales or support calls (where consent to recording also covers any downstream AI processing of that recording), or opt in to receive marketing communications such as newsletters, blogs, or promotional emails. Where required by law, we also obtain consent before using advertising or analytics technologies, including conversion measurement features that may share hashed form submission data with advertising partners. You may withdraw your consent at any time, including through our cookie consent tool or browser settings for advertising cookies; however, this will not affect any processing already carried out based on your previous consent.
- Performance of Contract: We process certain personal information where it is necessary to fulfil our contract with you, such as providing access to our products, managing your subscriptions, or delivering support services. This includes activities like authenticating users, deploying software, and responding to service requests.
- Legal Obligations: We process personal information in accordance with legal or regulatory obligations. This includes responding to valid legal requests, maintaining required records, and complying with applicable laws such as tax, financial reporting, and employment laws.
G. Sharing Personal Information & Accountability for Onward Transfer
We engage third-party partners and processors to support business operations such as mailing services, data analysis, marketing, advertising, managing and optimizing customer data, data storage, payment processing, search functionality, and customer support. We permit these parties to use personal information only as necessary to perform services on our behalf.
We may also share your personal information, in accordance with applicable law in the event of any reorganization, merger, sale, joint venture, or transfer of assets. When personal information is shared, we will ensure that the third parties receiving the information are obligated to provide at least the same level of privacy protection as is required under this Privacy Policy. If we transfer information outside of a local jurisdiction, it will only be done with adequate protections in place and in compliance with applicable laws and standards.
We may share your personal information if we have a good faith belief that such action is necessary to (i) protect and defend our rights or property, (ii) enforce this Privacy Policy, (iii) participate in dispute resolution pursuant to this Privacy Policy, (iv) protect the interests of other users of the Services or any other person, or (v) operate or conduct maintenance and repair of the Services or equipment as necessary to provide Services to you.
We may be required to disclose your personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. If we receive a request for this personal information, we will (unless prohibited by law from doing so) inform the relevant individual as soon as reasonably practicable and take reasonable actions to address or assist in addressing such request.
We will remain liable under applicable laws and relevant contractual obligations for our processors, if they process your personal information in a manner inconsistent with applicable laws and contractual obligations.
H. Parents’ Rights and Children's Privacy
Our Services are not directed to anyone under the age of 16, and we do not knowingly solicit or collect information from individuals under 16 years of age (or below the applicable age of digital consent or legal majority in the relevant jurisdiction) except in connection with certain Product Offerings provided to educational institutions that serve children. In these cases, the educational institution is responsible for obtaining any required parental or guardian consent where required by applicable law. We are committed to protecting children’s privacy by limiting the collection of personal information to what is necessary to provide the educational service, restricting the use of children’s information to authorized educational purposes, and complying with applicable child privacy laws and standards.
- We collect only the minimum personal information necessary to provide and support the educational service.
- We do not knowingly request more information from children than is reasonably necessary for the operation of our Product Offerings.
- We do not use children’s personal information for advertising, marketing, or unrelated commercial purposes.
- We do not knowingly sell children’s personal information.
- We do not knowingly share children’s personal information except as necessary to provide the service, as directed by the educational institution, or as otherwise permitted or required by law.
- We may share children’s information with parents, guardians, educators, educational institutions, or other authorized parties in connection with providing our Services.
- We provide educational institutions with tools to access, correct, or delete student data upon request.
- We comply with applicable child privacy requirements, including the UK Age Appropriate Design Code where applicable.
- Parents or guardians seeking to review, correct, or request deletion of a child’s information should contact the educational institution directly.
If you or your child’s educational institution has concerns about how we handle children’s personal information and wish to raise a data protection complaint, you may do so under section V of the Privacy Policy. We will respond in clear language and, where the educational institution acts as the controller, we will direct the complaint to the institution first.
I. International Data Transfer
Your personal information might be transferred to and processed in countries other than the country in which you are a resident. These countries may have data protection and privacy laws that are different than the laws of your home country. We only transfer personal information to other countries in accordance with applicable data protection and privacy laws, provided there are legally adequate protections in place for the personal information. This includes transfers made by our processors and sub-processors acting on our behalf. Where we engage third-party service providers that process personal information outside the EEA, UK, or Switzerland, we require those providers to apply equivalent safeguards, such as Standard Contractual Clauses or another approved transfer mechanism, to any onward transfers they make. A list of our global offices can be found here.
If you are a resident of the European Economic Area (“EEA”) and your personal information is transferred outside of the EEA, we will:
- Process it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or
- Otherwise implement appropriate safeguards to protect your personal information, including by EEA Standard Contractual Clauses (“EEA SCCs”) or another lawful transfer mechanism approved by the European Commission.
If you are a resident of the United Kingdom (“UK”) and your personal information is transferred outside of the UK, we will:
- Process it in a territory which the Information Commissioner’s Office (“ICO”) has determined provides an adequate level of protection for personal information; or
- Otherwise implement appropriate safeguards to protect your personal information, including by appending the UK Addendum to the EEA SCCs or another lawful transfer mechanism approved by the ICO.
If you are a resident of Switzerland and your personal information is transferred outside of Switzerland, we will:
- Process it in a territory which the Swiss government has determined provides an adequate level of protection for personal information; or
Otherwise implement appropriate safeguards to protect your personal information, including by using the EEA SCCs, subject to modifications and amendments prescribed by the Federal Data Protection and Information Commissioner (FDPIC).
J. Participation in the EU-U.S., UK, and Swiss Data Privacy Frameworks
In addition to the transfer mechanisms described above, to further demonstrate our commitment to privacy, JAMF Software LLC complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. JAMF Software, LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. JAMF Software, LLC has certified to the U.S. Department of Commerce that JAMF Software, LLC adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal information from Switzerland in reliance on the Swiss-U.S. DPF.
JAMF Software, LLC is certified under the DPF. No other Jamf affiliates or subsidiaries are covered by this certification. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles, the UK Extension to the EU-U.S. DPF and/or the Swiss-U.S. DPF Principles, the relevant DPF Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Additionally, our organization commits to cooperating with the appropriate European data protection authority/ies (“DPAs”) (i.e., the EU DPAs, and, as applicable, the United Kingdom Information Commissioner’s Office and Gibraltar Regulatory Authority, and the Swiss Federal Data Protection and Information Commissioner) and comply with the advice given by such authority/ies regarding human resources data. JAMF Software, LLC’s Employee Privacy Notice is available here. In compliance with the EU-U.S. and Swiss-U.S. DPF Principles and the UK Extension to the EU-U.S. DPF, JAMF Software, LLC commits to resolve DPF Principles-related complaints about our collection or use of your personal information. European Union, Swiss and United Kingdom individuals with inquiries or complaints regarding our handling of personal information received in reliance on the EU-U.S. DPF, UK Extension to the EU-U.S. DPF and Swiss DPF should first contact us via Section W below.
In compliance with the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF, JAMF Software, LLC commits to refer unresolved privacy complaints concerning our handling of personal information received in reliance on the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs, which is based in the United States. If you do not receive timely acknowledgment of your DPF Principles complaint from us, or if JAMF Software, LLC has not addressed your DPF Principles-related complaint to your satisfaction, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information or to file a complaint. The services of BBB National Programs are provided at no cost to you.
Under certain conditions, you may invoke binding arbitration for certain residual claims as to data covered by the EU-U.S. DPF, the UK Extension to the EU.U.S. DPF and Swiss-U.S. DPF. The purpose of this option is to provide a prompt, independent, and fair mechanism, at your option, for resolution of any claimed violations of the EU-U.S. DPF, UK Extension to the EU-U.S. DPF or Swiss-U.S. DPF Principles not resolved by any of the other EU-U.S. DPF, UK Extension or Swiss-U.S. DPF mechanisms. For additional information on binding arbitration, see Annex I to the EU-U.S. DPF Principles found here https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
K. Protection and De-Identification of Information
Considering the risks involved in the processing, the nature of personal information processed, and to prevent loss, misuse, unauthorized access, disclosure, alteration, and destruction while maintaining data accuracy, we have implemented appropriate technical and administrative safeguards for the personal information we collect.
Where we maintain or use de-identified information, we will not attempt to re-identify the information.
For more information on how we protect information, see Jamf's Trust Center.
L. Retention
We retain your personal in an identifiable form for as long as needed or permitted considering the purposes for which it was collected. We look at the following criteria to determine our retention periods:
- The duration of our relationship with you, including the time we provide Services and any period after during which we may need to retain personal information to fulfill legitimate business needs;
- If we have a legal obligation to keep the personal information, for example, certain laws may require us to keep records of your transactions for a specified period before we can delete them; and
- If there is an applicable statute of limitations, litigation, or regulatory investigations that require us to retain the information.
M. Other Limits to Your Privacy
The Services may contain links to other non-Jamf websites. We are not responsible for the privacy practices or the content of such websites. We have no control over the use of non-Jamf websites, and you should exercise caution when deciding to disclose any information on these websites.
N. Choice
You have control over the personal information you provide to us. You may choose not to share certain information; however, this may limit functionality or prevent access to certain Services. You may opt out of marketing communications at any time by emailing privacy@jamf.com, clicking the unsubscribe link in our emails, or unsubscribing here. Please note that you may still receive service-related or operational communications after opting out of marketing messages.
Where we rely on legitimate interests for direct marketing, you also have the right under applicable data protection laws, including GDPR, to object to such processing at any time. This right applies to all forms of direct marketing, including email, phone, digital advertising, and related profiling activities. If you object, we will process your request as soon as reasonably possible and stop processing your personal information for direct marketing purposes upon receipt of an objection.
O. Legal Compliance
We may disclose your information in response to valid subpoenas, warrants, court orders, and other legal requests as required to comply with our legal obligations. If we receive any government agency requests, we will inform you in writing as soon as reasonably practical unless prohibited by law from doing so. We will cooperate with law enforcement agencies and authorities within the bounds of applicable laws and regulations while prioritizing the protection of your privacy.
P. Privacy Requests
If you would like to request to access, correct, update, suppress, restrict, or delete your personal information, object to or opt out of the processing of your personal information, or receive a copy of your personal information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us as set out in Section W below or by submitting a Data Subject Request (DSR) here.
To protect your privacy and security, we may also take reasonable steps to verify your identity before responding to DSRs. If you are dissatisfied with how we have handled your request, you may raise a data protection complaint under Section V of this Privacy Policy.
We may process certain types of personal information for our customers when providing our Product Offerings. We process this personal information to provide customers with the Product Offerings according to the license and services agreement between us and the customer. Often, we will not have a direct relationship with the data subjects of this personal information, as our relationship is with the business or organization, not an individual employee of the organization. If you have questions about your personal information, we recommend first contacting the organization that originally collected your personal information. The organization can contact us if further assistance is needed.
Q. Regulatory Oversight
For this Privacy Policy, its content, and our compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we are subject to the jurisdiction of the Federal Trade Commission (“FTC”). If we become subject to an FTC or court order based on non-compliance with this policy, applicable privacy laws, the EU-U.S. and Swiss-U.S. DPFs, or the UK Extension to the EU-U.S. DPF, we will make public any relevant information of any compliance or assessment reports submitted to the FTC, if consistent with confidentiality requirements.
R. Data Disclosure Notification
Should we become aware of a data breach or security incident involving unauthorized access to, disclosure of, or loss of your personal information, we will notify you as required by applicable laws. Our notification will include details of the breach, corrective actions, and contact information for further assistance. Our Information Security Breach Management process can be found here.
S. Privacy Rights for Residents of the United States
Depending on your place of residence, you may have certain privacy rights under U.S. state privacy laws, which Jamf honors. These rights may include the ability to access, correct, delete, or restrict the processing of your personal information. If eligible, you can submit a request through our webform or by emailing us at privacy@jamf.com.
We may require you to verify your identity by providing personal information that we will match against our records. Where permitted, you may designate an authorized agent to make a request on your behalf. Please refer to sub-section T.6.
T. California Notice—For Residents of California
This section applies to California residents and supplements the information provided above in the Privacy Policy. It does not apply to our employees or other personnel where the personal information we collect about those individuals relates to their current, former, or potential employment at Jamf.
T.1 Categories of Personal Information Collected and Sources
We may collect this personal information directly from you, from third parties, and from your interactions with our Services. As defined by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (collectively, the “CCPA”), the personal information categories we have collected about California consumers in the preceding 12 months are:
a. Personal information as defined in the California customer records law, such as name, contact details (address, phone number, email), and employment information, such as current employer.
b. Characteristics of protected classifications under California or federal law, such as primary language.
c. Commercial information, such as purchase history and transaction information.
d. Internet or network activity information, such as browsing history, online identifiers, search history, and interactions with our online properties or ads.
e. Geolocation data as approximate location derived from IP address.
f. Audio, electronic, visual, and similar information, such as photos and call or video recordings.
T.2 Purposes for Collection, Use, and Disclosure of Personal Information
We collect the categories of personal information outlined above for business operations, marketing, security, and legal and compliance purposes, as detailed in Section C. We may share this information with our service providers, affiliates, and business partners that support functions such as data analysis, data storage, payment processing, and customer support. We may disclose information to public and governmental authorities, including regulatory authorities and law enforcement, as described above in Section G.
T.3 Sensitive Personal Information
We have not collected, shared, or sold any sensitive personal information, as defined under the CCPA. We have not engaged in such activities in the 12 months preceding the date this Privacy Policy was last updated. Without limiting the foregoing, we do not “sell” or “share” sensitive personal information.
T.4 Categories of Personal Information Sold/Shared for Cross-Context Behavioral Advertising
We may disclose the categories of personal information listed above to third-party advertising partners in connection with our use of tracking technologies for cross-context behavioral advertising, or by providing lists of email addresses for potential customers, so that we can reach you across the web with advertisements for our products and services. This may be considered a “sale” or a “sharing” of personal information under the CCPA.
- Cross-context behavioral. We use tracking technologies, such as cookies and similar tools, that enable our advertising partners to collect identifiers and internet or network activity information in connection with your use of our Services. Our advertising partners use this information to deliver targeted Jamf advertisements to you on third-party platforms. This constitutes "sharing" under the CCPA.
- Audience matching and prospecting. We may provide contact information, such as email addresses, to advertising partners for the purpose of identifying and reaching potential customers through custom audience or lookalike audience features on third-party advertising platforms. This may constitute a "sale" under the CCPA.
- Conversion measurement. We may disclose hashed identifiers, such as email addresses submitted through website forms, to advertising partners to measure the effectiveness of our advertising campaigns. This may constitute "sharing" or a "sale" under the CCPA.
We do not knowingly “sell” or “share” the personal information, including the sensitive personal information, of minors under 16 years of age.
T.5 Individual Requests
Subject to applicable law, California residents may make the following requests regarding their personal information:
a. Right to Know
You may request that we disclose to you the following:
- The categories of personal information we collected about you and the categories of sources from which we collected such personal information;
- The business or commercial purpose for collecting, “selling,” or “sharing” personal information about you;
- The categories of personal information about you that we “sold” or “shared” and the categories of third parties to whom we “sold” or “shared” such personal information; and
- The categories of personal information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such personal information.
b. Right to Correct
- You may request to correct inaccuracies in your personal information.
c. Right to Delete
- You may request to have your personal information deleted.
d. Right to Access and Data Portability
- You may request to receive the specific pieces of your personal information, including a copy of the personal information you provided to us in a portable format.
e. Right to Opt Out of Sale or Sharing
- You may opt out of the “sale” or "sharing” of your personal information for cross-context behavioral advertising through cookie consent.
We will not unlawfully discriminate against you for exercising your privacy rights. To submit a request, please contact us at privacy@jamf.com or 888-755-1421. We will verify and respond to your request in accordance with applicable law, considering the type and sensitivity of the personal information involved.
To protect against fraudulent requests, we may ask you to provide additional information to verify your identity. If you have a password-protected account with us, we may verify your identity through our standard authentication process and require you to re-authenticate yourself before fulfilling certain requests. For deletion requests, we may ask you to confirm the request before proceeding.
We also process opt-out preference signals, such as the Global Privacy Control. These signals set your opt-out preferences only for the particular browser or device you are using. For information about how to use Global Privacy Control, please visit https://globalprivacycontrol.org/.
T.6 Authorized Agents
If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in sub-section T.5. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in sub-section T.5 or confirm that you provided the agent permission to submit the request.
U. Changes to Our Privacy Policy
We may update this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we will notify you by posting the revised policy on our corporate website (https://www.jamf.com/trust-center/privacy/privacy-policy/), so please visit it periodically. The date of the most recent revision to this Privacy Policy will be posted at the end. Any revisions will become effective upon seven calendar days following such posting on our corporate website.
V. Data Protection Complaints
If you believe that we have infringed your rights under applicable data protection laws, you have the right to make a complaint directly to us.
You can submit a complaint by completing our online complaint form here, or by emailing privacy@jamf.com with the subject line "Data Protection Complaint." We also accept complaints submitted through any other channel, including social media. Where a compliant is received through a channel that does not include a private return contact method, we will ask you to provide one so that we can respond to you directly.
When we receive your complaint, we will acknowledge receipt within 30 days and investigate the matters you have raised without undue delay. We will notify you of the outcome of our investigation, including any actions we have taken or intend to take. Our response will describe the outcome of our investigation, the steps we have taken or will take to address your concern, and any limitations on what we can disclose or do, including where legal obligations apply.
If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority. For individuals in the United Kingdom, this is the Information Commissioner's Office (ICO), which can be contacted at ico.org.uk or by telephone on 0303 123 1113. For individuals in the European Economic Area, you may contact your local data protection authority. A list of EU data protection authorities is available here.
For complaints related specifically to personal information handled under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF, please refer to Section J of this Privacy Policy.
W. How to Contact Us
If you have any questions or complaints about this Privacy Policy, please contact us as follows:
JAMF Software, LLC
100 Washington Avenue South
Suite 900
Minneapolis, MN 55401
If you would like to request access to the personal information that we may maintain about you, please submit a request here.
We have a designated externally appointed Data Protection Officer (“DPO”) to respond to questions and complaints. If you have questions regarding our privacy practices or how we handle your information, please email our DPO at privacy@jamf.com.
Date updated: June 25, 2026