In addition to covering how we collect, use, disclose, transfer, and store your information, this policy also discloses our purpose and lawful basis for processing your information, and your related rights. Our legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. In most cases, the lawful basis will be that the processing: (i) is necessary for our legitimate interests in carrying out our business with you, including direct marketing, provided those interests are not outweighed by your rights and interests, or (ii) is necessary to perform a contract with you. Where processing is based on your consent, we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
Our Services are not directed to anyone under the age of 16, and Jamf does not knowingly solicit or collect information from anyone under 16 years of age. If you are a parent or guardian and believe we may have collected information about a child, please contact us at email@example.com.
B. Collection of Information
Depending on the context in which you interact with us, Jamf may collect or receive the following information:
- Account and Profile Information: This includes information you provide when you create an account with our Services, request a trial, contact support, register for events, complete surveys and may include name, username, email address, phone number, company name, state, country, LinkedIn URL, Twitter URL, GitHub URL, and your photo.
- Service Information: When you use our Services, we receive information generated through the use of the Services, either entered by you or others who use the Services, or from the Services infrastructure itself. This information may include, but is not limited to, name, username, company/organization, company/organization address, email address, phone number, IP address, MAC address, latitude, longitude, AppleCare ID, Apple ID, device name(s), device ID(s), and directory ID or other information you place within the Services.
- Performance and Usage Data: We may collect statistical, usage, configuration, and performance data of the Services to monitor the performance, integrity, and stability of the Services. Further, we may use and disclose this information for any purpose, provided that such data is first de-identified.
- Payment Information: We use third party payment processors to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third party processors whose use of your personal information is governed by their privacy policies. The privacy policies of our current third party processors may be viewed at https://stripe.com/us/privacy, https://home.bluesnap.com/privacy-policy/, https://www.cleverbridge.com/corporate/privacy-policy/ and https://usaepay.info/policy.
- Information from Third Parties: We receive information from third party business partners such as the contact details of prospects and sales leads from our resellers. In addition, we collect information from public databases or other data you may have made publicly available, such as information posted on professional networks and social media platforms.
- Location Information: Some of our applications collect general location information based on IP address. This information is used to customize the services provided to you, such as location-based information of specific managed devices. Location information is only viewable by the end user. We do not use, disclose, or sell location information for the purposes of providing targeted marketing or advertisements.
C. Use of Collected Information
We may use the information we collect or receive for the following purposes:
- To carry out the purpose for which it was originally collected or received.
- To provide, operate, maintain and improve our products and services.
- To respond to your inquiries and provide support.
- To process and complete transactions, and send you related information.
- To market and sell our products and services. If we do so, we will provide you with an easy way to opt-out of receiving such communications in the future.
- To monitor the performance, integrity and stability of the Services.
- To address or prevent technical or security issues.
- To customize your experience related to the Services and display content that we think you might be interested in according to your preferences.
Jamf does not sell or rent information to third parties and we do not share information with third parties except as described in this Policy.
D. Cookies and Similar Technologies
Controlling or Modifying Cookies. If you accept a cookie, you can delete it at any time (e.g., as soon as you leave our websites) through your web browser. If you do not wish to receive cookies or wish to manage when you accept cookies in general, you can set your browser to reject cookies or to alert you when a cookie is placed on your computer. If you choose to decline cookies, you may not be able to use certain features or functionality of our Services that depend on your web browser accepting cookies. You can also use opt-out tools provided by third party partners, or by the Digital Advertising Alliance (http://www.aboutads.info/choices), the EU Internet advertising industry (http://www.youronlinechoices.eu), or similar entities. Where required, Jamf obtains consent prior to using cookies.
Analytics. Jamf websites use analytical services provided by Google to monitor our Services, such as Firebase, Google Analytics for Firebase, and Crashlytics. You can find out more about the types of analytical data collected, how that data is processed, and how to opt out of certain features by visiting www.google.com/policies/privacy/partners/.
Jamf products may also collect usage and crash analytics in accordance with our license agreements. The privacy policies of these third party tools currently used for these purposes may be viewed at https://www.pendo.io/data-privacy-security/ (Pendo), https://sentry.io/privacy/ (Sentry), and https://www.hotjar.com/legal/policies/privacy/ (HotJar).
Do Not Track Signals. Jamf Services do not respond to Do Not Track Signals.
E. Employee Information
JAMF Software, LLC or its Affiliates may collect employee information from prospective and present employees only for legitimate business purposes, including the administration of health insurance and other benefits. Our European Union and Swiss employees at the time of their employment are notified in detail how their personal information will be used. Employee information on health, performance evaluations, and disciplinary actions and other sensitive employee matters, whether it is stored manually or electronically, is accessible by other Jamf employees only if necessary with respect to legitimate human resource functions or issues; however, an employee’s picture and any information the employee chooses to provide may be placed on the Jamf intranet. Likewise, from time to time, an employee’s picture along with personal information may be published in Jamf directories, internal websites and used in presentations. JAMF Holdings, Inc. entities collecting employee information include JAMF Software, LLC, JAMF International, Inc., JAMF Software Atlantic, B.V., JAMF Software Poland, sp.z.o.o., JAMF Software Germany, GmbH, JAMF Software France, SARL, JAMF Software UK, Limited, JAMF Software Pacific, Limited, JAMF Software Australia Pty Limited, JAMF Japan KK, Jamf Sweden AB, ZuluDesk BV, and ZuluDesk Inc.
- to those retained by JAMF Software, LLC or its affiliates for processing only for the purposes set forth above;
- where required pursuant to an applicable law, governmental or judicial order, law or regulation, or to protect the rights or property of JAMF Software, LLC or its affiliates;
- in the event of sale of the business, merger, acquisition, etc.;
- where authorized electronically or in writing by the employee; and
- where the employee voluntarily provides personal information and the context makes it clear that employee information will be provided to a third party/subprocessor (ex. payroll, benefits, travel, reimbursement, and other systems used in the employment context).
Where personal information is transferred from the EU or Switzerland to the US in the context of the employment relationship, we will cooperate in investigations by and comply with the advice of the EU Data Protection Authorities (DPAs) and Swiss Federal Data Protection and Information Commission (FDPIC).
F. Sharing of Personal Information & Accountability for Onward Transfer
From time to time, Jamf may engage third party business partners, vendors, or subprocessors to perform functions such as sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance, data storage, processing credit card payments, providing search results and links (including paid listings and links), and providing customer service. Such companies shall only use your information for those purposes required to perform their functions. Additionally, Jamf may share your information, without your prior consent, in the event of any reorganization, merger, sale, joint venture, or transfer of assets. When information is shared, Jamf will ascertain that any third parties are obligated to provide at least the same level of privacy protection as is required under this policy. Should Jamf transfer information outside of a local jurisdiction, it shall only be done with adequate protections in place and in compliance with applicable laws and standards.
Jamf may be required to disclose an individual’s information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Jamf shall remain liable under the Principle of Accountability for Onward Transfer if its subprocessors process your information in a manner inconsistent with the Privacy Shield Principles, unless Jamf proves that it is not responsible for the event giving rise to the damage.
G. International Data Transfer
Your personal information might be transferred to, and processed in, countries other than the country in which you are a resident. These countries may have data protection and privacy laws that are different than the laws of your home country. Jamf only transfers personal data to another country in accordance with applicable data protection and privacy laws, provided there are legally adequate protections in place for the personal data. A list of Jamfs’ global offices is available here.
If you are a resident of the European Economic Area (EEA), and your personal data is transferred outside of the EEA, we will:
- Process it in a territory which the European Commission has determined provides an adequate level of protection for personal data; or
- Otherwise implement appropriate safeguards to protect your personal data, including through the use of Standard Contractual Clauses or another lawful transfer mechanism approved by the European Commission.
H. Privacy Shield
Jamf has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
I. Protection of Information
Taking into account the risks involved in the processing and nature of information and to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction and while maintaining data accuracy, Jamf has put in place appropriate physical, electronic, and managerial policies and procedures to safeguard the information Jamf collects. Any payment transactions will be encrypted using SSL technology. However, the safety and security of your information also depends on you. Where you have chosen or we have given you a user name and password for access to certain parts of the Services, you are responsible for keeping the user name and password confidential. Although we do our best to protect the information, we cannot and do not guarantee the security of your information.
Jamf will retain your information for only as long as it serves the purposes for which it was collected and will be retained in a form identifying or making identifiable only for as long as it serves a purpose of processing.
K. Other Limits to Your Privacy
The Services may contain links to other non-Jamf websites. Jamf is not responsible for the privacy practices or the content of such websites. Jamf has no control over the use of such websites and you should exercise caution when deciding to disclose any information on these websites.
We seek to provide you with choices regarding the information you provide to us. You can always opt not to disclose information. However, if you elect to do so, this may impact functionality or prevent the use of Jamf’s products or services. You have the right, at any time, to opt-out of receiving marketing messages from Jamf by sending an email to firstname.lastname@example.org, by unsubscribing through the unsubscribe or opt-out link in an email, or by unsubscribing here. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important operational or administrative messages.
M. Access and Correction
You have the right to access the personal information we hold about you. You may access your information that Jamf holds by contacting us via Section O below. You have the right to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
To protect your privacy and security, Jamf may also take reasonable steps to verify your identity before making corrections to or deleting your account.
N. Regulatory Oversight
O. How to Contact Us
JAMF Software, LLC
100 Washington Avenue South
Minneapolis, MN 55401
Date Posted: December 31, 2020