In addition to covering how we collect, use, disclose, transfer and store your information, this policy also discloses our purpose and lawful basis for processing your personal information, and your related rights. Our legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. In most cases, the lawful basis will be that the processing (i) is necessary for our legitimate interests in carrying out our business with you, including direct marketing, provided those interests are not outweighed by your rights and interests, or (ii) is necessary to perform a contract with you. Where processing is based on your consent, we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
Our Services are not directed to anyone under the age of 16, and Jamf does not knowingly solicit or collect information from anyone under 16 years of age. If you are a parent or guardian and believe we may have collected information about a child, please contact us at email@example.com.
B. Collection of Information
Depending on the context in which you interact with us, Jamf may collect or receive the following information:
- Account and Profile Information: This includes information you provide when you create an account with our Services, request a trial, contact support, register for events and complete surveys and may include name, username, email address, phone number, company name, state, country, LinkedIn URL, Twitter URL, GitHub URL, and your photo.
- Service Information: When you use our Services, we receive information generated through your use of the Services, either entered by you or others who use the Services, or from the Services infrastructure itself. This information may include but is not limited to: name, username, company/organization, company/organization address, email address, phone number, IP address, MAC address, latitude, longitude, AppleCare ID, Apple ID, device name(s), device ID(s) and directory ID or other information you place within the Services. The information collected is kept to a minimum and depends on the use case and platforms used.
- Performance and Usage Data: We may collect statistical, usage, configuration and performance data of the Services to monitor the performance, integrity, and stability of the Services. Further, we may use and disclose this information for any purpose, provided that such data is first de-identified.
- Payment Information: We use third-party payment processors to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processors whose use of your personal information is governed by their privacy policies. The privacy policies of our current third-party processors may be viewed at https://stripe.com/us/privacy, https://www.digitalriver.com/privacy-policy/, https://home.bluesnap.com/privacy-policy/, https://www.cleverbridge.com/corporate/privacy-policy/ and https://usaepay.info/policy.
- Information from Third Parties: We receive information from third-party business partners such as the contact details of prospects and sales leads from our resellers. In addition, we collect information from public databases or other data you may have made publicly available, such as information posted on professional networks and social media platforms.
- Location Information: Some of our applications collect general location information based on IP address. This information is used to customize the services provided to you, such as location-based information of specific managed devices. Location information is only viewable by the end user. We do not use, disclose, or sell location information for the purposes of providing targeted marketing or advertisements.
C. Use of Collected Information
We may use the information we collect or receive for the following purposes:
- To carry out the purpose for which it was originally collected or received.
- To provide, operate, maintain and improve our products and services.
- To respond to your inquiries and provide support.
- To process and complete transactions and send you related information.
- To market and sell our products and services. If we do so, we will provide you with an easy way to opt-out of receiving such communications in the future.
- To monitor the performance, integrity and stability of the Services.
- To address or prevent technical or security issues.
- To customize your experience related to the Services and display content that we think you might be interested in according to your preferences.
D. Cookies and Similar Technologies
Controlling or Modifying Cookies. If you accept a cookie, you can delete it at any time (e.g., as soon as you leave our websites) through your web browser. If you do not wish to receive cookies or wish to manage when you accept cookies in general, you can set your browser to reject cookies or to alert you when a cookie is placed on your computer. If you choose to decline cookies, you may not be able to use certain features or functionality of our Services that depend on your web browser accepting cookies. You can also use opt-out tools provided by third party partners, or by the Digital Advertising Alliance (http://www.aboutads.info/choices), the EU Internet advertising industry (http://www.youronlinechoices.eu), or similar entities. Where required, Jamf obtains consent prior to using cookies.
Analytics. Jamf uses analytical services provided by Google to monitor our Services, such as Firebase, Google Analytics for Firebase, and Crashlytics. You can find out more about the types of analytical data collected, how that data is processed and how to opt out of certain features by visiting www.google.com/policies/privacy/partners/.
Do Not Track Signals. Jamf Services do not respond to Do Not Track Signals.
Sharing of Personal Information & Accountability for Onward Transfer. From time to time, Jamf may engage third-party business partners, vendors or sub-processors to perform functions such as sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance, data storage, processing credit card payments, providing search results and links (including paid listings and links) and providing customer service. Such companies shall only use your information for those purposes required to perform their functions. Additionally, Jamf may share your information, without your prior consent, in the event of any reorganization, merger, sale, joint venture, or transfer of assets. When information is shared, Jamf will ascertain that the third parties receiving the information are obligated to provide at least the same level of privacy protection as is required under this policy. Should Jamf transfer information outside of a local jurisdiction, it shall only be done with adequate protections in place and in compliance with applicable laws and standards.
Jamf may be required to disclose an individual’s information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Jamf shall remain liable under applicable law and relevant contract obligations for its sub-processors, if they process your information in a manner inconsistent with applicable law and contract obligations unless Jamf proves that it is not responsible for the event giving rise to the damage.
E: International Data Transfer
Your personal information might be transferred to, and processed in, countries other than the country in which you are a resident. These countries may have data protection and privacy laws that are different than the laws of your home country. Jamf only transfers personal information to other countries in accordance with applicable data protection and privacy laws, provided there are legally adequate protections in place for the personal information. View a list of Jamf’s global offices.
If you are a resident of the European Economic Area (“EEA”) and your personal information is transferred outside of the EEA, we will:
- Process it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or
- Otherwise implement appropriate safeguards to protect your personal information, including by EEA Standard Contractual Clauses (“EEA SCCs”) or another lawful transfer mechanism approved by the European Commission.
If you are a resident of the United Kingdom (“UK”) and your personal information is transferred outside of the UK, we will:
- Process it in a territory which the Information Commissioner Office (“ICO”) has determined provides an adequate level of protection for personal information; or
- Otherwise implement appropriate safeguards to protect your personal information, including by appending the UK Addendum to the EEA SCCs or another lawful transfer mechanism approved by the Information Commission Office
Jamf will continue to adhere to the Privacy Shield Frameworks and Principles even though the Court of Justice of the European Union (“CJEU”) determined in July 2020 that the EU-U.S. Privacy Shield Framework is no longer an adequate transfer mechanism for the transfer of EU personal information to the U.S. Jamf has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you. Under certain circumstances, individuals may invoke binding arbitration.
F. Protection of Information
Taking into account the risks involved in the processing, the nature of information processed, and to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction while maintaining data accuracy, Jamf has put in place appropriate physical, electronic, and managerial policies and procedures to safeguard the information Jamf collects. Any payment transactions will be encrypted using SSL technology. However, the safety and security of your information also depends on you. Where you have chosen or we have given you a username and password for access to certain parts of the Services, you are responsible for keeping the username and password confidential. Although we do our best to protect the information, we cannot and do not guarantee the security of your information.
For more information on how we protect information, see https://www.jamf.com/trust-center/.
Jamf will only retain your information in an identifiable form for as long as it serves the purposes for which it was collected.
H. Other Limits to Your Privacy
The Services may contain links to other non-Jamf websites. Jamf is not responsible for the privacy practices or the content of such websites. Jamf has no control over the use of such websites, and you should exercise caution when deciding to disclose any information on these websites.
We seek to provide you with choices regarding the information you provide to us. You can always opt not to disclose information. However, if you elect to opt out of disclosing information, such election may impact functionality or prevent the use of Jamf’s products or Services. You have the right, at any time, to opt out of receiving marketing messages from Jamf by sending an email to firstname.lastname@example.org, by unsubscribing through the unsubscribe or opt-out link in an email, or by unsubscribing here. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing-related emails from us, we may still send you important operational or administrative messages.
J. Access and Correction
You have the right to access the personal information we hold about you. You may access your information that Jamf holds by contacting us via Section M below. You have the right to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of applicable privacy laws, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
To protect your privacy and security, Jamf may also take reasonable steps to verify your identity before making corrections to or deleting your account.
Jamf processes some personal information solely on behalf of its customers in the course of delivering Services. This personal information is processed to accomplish the business purposes of the customer to whom the Services are provided, and often, Jamf will not have a direct relationship with the subject of this personal information. In these cases, Jamf recommends first contacting the organization to which your personal information was originally provided with any data privacy questions. The organization can contact Jamf if escalation of your query is necessary.
K. Regulatory Oversight
L. How to Contact Us
JAMF Software, LLC
100 Washington Avenue South Suite 1100
Minneapolis, MN 55401
Date Posted: June 30, 2022