員工隱私權通知 Jamf Software, LLC
Jamf Software, LLC
Employee Privacy Notice
本通知向您提供有關 Jamf 可能處理的員工個人資訊的進一步詳細資訊,是對我們的隱私權政策的補充說明。隱私權政策描述了 Jamf 如何處理個人資訊的一般情況;本通知則針對僱傭場景下的信息處理提供了其他詳細資訊,如果兩者之間存在任何衝突,則本通知優先適用於員工個人資訊。Jamf 可能會定期更新此通知。如果發生重大變更,我們將透過電子郵件或在公司網站上發佈修訂後的通知來通知您。最新修訂的生效日期將出現在本通知的末尾,任何更新將在發佈到我們公司網站後七(7)個日曆日內生效。
For the purposes of this notice, “employee personal information” is included within the definition of “personal information” unless otherwise specified. An “Employee” at Jamf is defined as any current or former full-time, part-time, temporary, or contract worker, as well as interns, job applicants, and individuals whose personal information is collected in the employment context.
JAMF Software, LLC, or its affiliates (collectively, “Jamf”) may collect personal information from prospective and present Employees only for legitimate business purposes, as described in the Appendix to this notice and in accordance with applicable laws, including data privacy/protection laws and regulations. Employee personal information related to health, performance evaluations, disciplinary actions, and other sensitive Employee matters, whether it is stored manually or electronically, is only accessible to other Jamf Employees when required to fulfill authorized HR functions or comply with privacy obligations.
For legitimate human resources purposes, Employees may choose to voluntarily disclose personal information about family members and other individuals, including the beneficiaries of employment benefits and emergency contacts. If Jamf Employees choose to do this, the individual’s personal information shall be treated, for the purposes of this notice, the same as an Employee’s personal information. It is the Employee’s responsibility to inform any such individuals about this notice and ensure that the Employee has the right to provide the individual’s personal information to Jamf.
Employee personal information is never sold, leased, or rented to any third party. Employee personal information will never be disclosed to third parties except as follows:
- To those retained by Jamf for processing only for the purposes set out in this Notice;
- Where required pursuant to an applicable law, governmental or judicial order, law, or regulation, or to protect the rights or property of Jamf;
- In the event of sale of the business, merger, acquisition, etc.;
- Where authorized electronically or in writing by the Employee; and
- Where the Employee voluntarily provides personal information, and the context makes it clear that Employee personal information will be provided to a third party/processor (ex. payroll, benefits, travel, reimbursement, and other systems used in the Employment context).
Where personal information is transferred from the EU, UK, or Switzerland to the US in the context of the employment relationship, we will cooperate in investigations by and comply with the advice of relevant data protection authorities.
If you are a resident of California, please see the California Addendum below for additional details on how Jamf handles your personal information.
Appendix – Description and Uses of Employee Personal Information
1. Who is responsible for processing and who can I contact?
The data controller is Jamf Software, LLC, or its affiliates as applicable (“Jamf” or the “Company”) and the responsible person can be contacted with any questions about this Notice or Jamf’s privacy practices at privacy@jamf.com.
2. What sources and information do we use?
We may obtain your information directly from you (during the recruitment process and during employment) and from third parties, such as recruitment agencies, our affiliates, your colleagues and managers, references you provide, prior employers or schools, pre-employment screening services, such as background check providers (where permitted by law), job board websites, providers of employee benefits, social media networks, and publicly available databases.
Please see point 3 below for more information.
3. What categories of personal information do we process, why do we process the personal information, and on what legitimate basis?
|
Occasionally, and where appropriate, we may seek your consent in writing to process specific personal information. If we do that, we will explain the purpose of the processing. In these situations, you have the right to refuse or withdraw your consent at any time by contacting the appropriate person named in the consent document.
4. Who is the recipient of my information?
We will share your personal information with:
- Jamf affiliates;
- 代表 Jamf 行事的 Jamf 的供應商和服務提供者;
- Jamf 的客戶,在有限範圍內,當員工擔任客戶關係中的指定聯絡人或法律另有規定時;
- private health and benefit providers;
- insurers and pensions scheme providers;
- federal and state authorities, e.g., tax authority, social security authority, law enforcement;
- entities providing services to Jamf, such as IT or payroll services;
- potential purchasers and their professional advisers in the context of the sale or restructuring of the whole or part of our business; and
- hotels, airlines, reservation centers for business travel purposes.
5. Is personal information transferred to a third country or to an international organization?
Jamf is a global organization and to ensure the provision of effective and efficient services and communication throughout Jamf, we are required to transfer your personal information internationally.
因此,您的個人資訊可能會在國外儲存和處理,而這些國家的資料保護規則可能與其他國家不同。但是,只有在採取適當保障措施的情況下,Jamf 才會將您的個人資訊傳輸到歐洲經濟區和英國以外的地區。Jamf 將確保員工個人資訊按照適用法律和法規的要求受到保護,即使跨境轉移給第三方,也包括但不限於使用歐盟標準合約條款(2021)及其英國補充條款、公司內部集團轉移協議和其他資料傳輸保障措施。
For more information on how Jamf safeguards Employee personal information, please contact privacy@jamf.com.
6. How long will my personal information be retained?
Jamf retains your Employee personal information (including your sensitive personal information) for as long as needed or permitted considering the purposes for which it was collected and in accordance with applicable laws, including data privacy/protection laws and local labor laws. The criteria used to determine our retention periods include:
- The duration of your employment or contract with us;
- The length of time we have an ongoing relationship with you or your dependents/beneficiaries, plus the time needed thereafter to address any legitimate issues that may arise;
- Whether there is a legal obligation to which we are subject, for example, certain laws may require us to keep your employment records for a certain period of time; and
- Whether retention is advisable considering our legal position, such as regarding applicable statutes of limitations, litigation, or regulatory investigations.
7. How does Jamf secure my personal information?
Jamf takes your personal information seriously and implements technical, organizational, and administrative measures designed to prevent unauthorized access, loss, misuse, or disclosure and align with industry standards and data protection laws. This includes:
- Limiting access to personal information to only those who need it for their job.
- Using encryption and secure systems to keep data safe in storage and transit.
- Monitoring networks and systems to detect potential security threats.
- Training Employees in privacy and data protection best practices.
- Ensuring vendors and partners meet Jamf’s security standards.
If a data incident occurs, Jamf investigates, mitigates, and notifies affected individuals as required by applicable data privacy/protection laws.
8. What choices and rights do I have?
You may request further details regarding Jamf’s processing of your Employee personal information in accordance with applicable local laws.
You may have certain rights over your personal information, depending on the applicable jurisdiction, including but not limited to:
- 您有權取得有關您個人資訊的詳細資訊或存取權限;
- 有權要求刪除某些個人資訊;
- 在特定情況下,您有權停止處理您的個人資訊;
- 不接受僅基於自動化決策(包括行為特徵分析)做出的會產生法律效力或類似重大影響的處理決定的權利;
- 可攜帶的權利;
- 更正您的個人資訊的權利;
- 選擇不出售您的個人資訊的權利。
- 隨時撤回基於您同意的處理的權利,且撤回同意不影響撤回前已進行的合法性或處理;以及
- 如果您認為您的個人資訊已被非法處理,您有權向適用的資料保護監管機構(例如,相關的歐盟資料保護機構、英國資訊專員辦公室或瑞士聯邦資料保護和資訊專員)提出申訴。
這些權利也存在一些限制。Jamf 將在收到可驗證的權利請求後一(1)個月內回應,如有必要,考慮到請求的複雜性,回應期限最多可延長兩個月。請聯絡 privacy@jamf.com 或您的人力資源代表以瞭解更多詳情。
9. Do I have an obligation to make personal information available?
Providing the following personal information is necessary for the conclusion and performance of your employment with Jamf and has its legal basis in employment law: (a) first name (names) and surname; (b) date of birth; (c) contact details that you share with us (at least residential address); (d) education; (e) qualifications, if required to perform work in a given position or of a given type; (f) work experience (previous employment); (g) your personal identification number or type and series number of another document confirming your identity (e.g., government issued identification card); (h) your other personal information, as well as names and dates of birth of your children and other members of your immediate family, if the provision of such information is necessary due to the use of special rights provided for in the labour law; and (i) bank account number, unless you have requested cash payment of your remuneration. It is not possible to create and sustain an employment relationship or perform an employment contract (as applicable) without processing your personal information within the above scope.
Jamf as your employer may also request you to provide other personal information, if the obligation to provide it results from other provisions of law or if another lawful purpose exists.
10. Is Jamf a participant of the EU-U.S., UK, and Swiss Data Privacy Frameworks?
JAMF Software, LLC complies with the EU-U.S. Data Privacy Framework (DPF), including the UK Extension and the Swiss-U.S. DPF, as set forth by the U.S. Department of Commerce. JAMF Software, LLC has certified its adherence to the relevant DPF Principles for processing personal information received from the EU, United Kingdom (and Gibraltar), and Switzerland under these frameworks.
JAMF Software, LLC is certified under the Data Privacy Framework (DPF). No other Jamf affiliates or subsidiaries are covered by this certification. In the event of a conflict between this Employee Privacy Notice and the EU-U.S., UK Extension, or Swiss-U.S. DPF Principles, the relevant DPF Principles will govern. To learn more or view our certification, visit the DPF website. JAMF Software, LLC cooperates with the appropriate European data protection authorities—including the EU DPAs, the UK Information Commissioner’s Office, the Gibraltar Regulatory Authority, and the Swiss Federal Data Protection and Information Commissioner, and follows their guidance on human resources data. In compliance with the DPF Principles, JAMF Software, LLC is committed to resolving complaints related to personal information collected or used under the DPF. Individuals from the EU, UK, or Switzerland with inquiries or complaints should first contact us via Section 12 below.
In compliance with the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF, JAMF Software, LLC refers unresolved privacy complaints regarding personal information handled under these frameworks to Data Privacy Framework Services, an independent dispute resolution mechanism operated by BBB National Programs in the United States. If you do not receive timely acknowledgment or are unsatisfied with our response, please visit here for more information or to file a complaint. This service is provided to you at no cost.
Under certain conditions, you may invoke binding arbitration for unresolved residual claims related to data covered by the EU-U.S. DPF, the UK Extension, or Swiss-U.S. DPF. This option provides a prompt, independent, and fair mechanism to resolve any claimed violations not settled through other DPF mechanisms. For additional information on binding arbitration, see Annex I to the EU-U.S. DPF Principles found here.
11. California Addendum—For Residents of California
This California Addendum applies to California residents and supplements the information provided above in the Employee Privacy Notice.
11.1 Categories of Personal Information Collected and Disclosed
We may collect and process the personal information listed below for our operational, business and employment purposes, and we may also disclose certain categories of this information to third parties. The following chart details the categories of personal information we may have collected and processed, as well as the categories we may have disclosed to third parties, in the 12 months preceding the date this notice was last updated.
| Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes |
| Identifiers, such as name, contact details (address, phone number, email), date of birth, unique personal identifiers, IP address, account name, online identifiers, photo badges, beneficiary designations, and government-issued identifiers (e.g., Social Security number, driver’s license number, passport number) | Our affiliates; our customers; service providers that provide services such as payroll, background check vendors (where permitted by law), consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Personal information as defined in the California customer records law, such as name, contact information, signature, Social Security number, passport number, and medical, insurance, financial, education and employment information. | Our affiliates; our customers; service providers that provide services such as payroll, background check vendors, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Characteristics of protected classifications under California or federal law, such as sex, age, gender, race, disability, religion, medical conditions, citizenship, military/veteran status, gender identity and expression, primary language, immigration status, and requests for leave | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Commercial information, such as purchasing information and payment history related to business and travel expenses | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Internet or network activity information, such as browsing history and interactions with our and others’ websites, applications, and systems | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Telecommunication information, such as name, e-mail address, phone number, call history, SMS history (not messages), data usage, network traffic, SIM, device identifiers (if device is managed) | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Geolocation data, such as device location, approximate location derived from IP address | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Audio, electronic, visual, and similar information, such as call and video recordings, security camera footage, and information about the use of electronic devices and systems | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Education information subject to the federal Family Educational Rights and Privacy Act, such as student transcripts and confirmation of graduation | Our affiliates; service providers that provide services such as payroll, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Professional or employment-related information, such as work history and prior employer, information from reference checks, employment application, membership in professional organizations, personnel files, personal qualifications and training, eligibility for promotions and other career-related information, work preferences, business expenses, wage and payroll information, benefit information, information on leaves of absence or PTO, performance reviews, and information on internal investigations | Our affiliates; service providers that provide services such as payroll, consulting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
| Inferences drawn from any of the personal information listed above to create a profile about, for example, an individual’s preferences, characteristics, predispositions, and abilities | Our affiliates; service providers that provide services such as payroll, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement |
| Sensitive Personal Information Personal information that reveals an individual’s Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Jamf is the intended recipient of the communication; The processing of biometric information for the purpose of uniquely identifying an individual; Personal information collected and analyzed may include an individual’s racial and ethnic origin, gender, veteran status, disability status, marital status, and LGBTQIA+ status, for DEIB reporting and government employment reporting. These identifiers may be optional, except where required by law; Personal information collected and analyzed concerning an individual’s health; and Personal information collected and analyzed concerning an individual’s sex life or sexual orientation. | Our affiliates; service providers that provide services such as analysis, payroll, benefits, consulting, reporting, training, expense management, medical/health, IT, and other services; health, insurance, and benefits providers; professional advisors, such as accountants, auditors, bankers, and lawyers; third-party travel providers, for business travel purposes; public and governmental authorities, such as regulatory authorities and law enforcement |
11.2 No Sale or Sharing of Personal or Sensitive Information
We do not “sell” or “share” your personal information, including your sensitive personal information, as defined under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act. We have not engaged in such activities in the 12 months preceding the date this notice was last updated. Without limiting the foregoing, we do not “sell” or “share” the personal information, including the sensitive personal information, of minors under 16 years of age.
11.3 Purposes for the Collection, Use, and Disclosure of Sensitive Personal Information
We collect, use, and disclose sensitive personal information to perform business services, support your employment, ensure security and safety, manage payroll and benefits, maintain workforce diversity, comply with legal obligations, and to prevent fraud or illegal activities. We do not use or disclose sensitive personal information for additional purposes.
11.4 Individual Requests
Subject to applicable law, California residents may make the following requests regarding their personal information:
a. Right to Know
You may request that we disclose to you the following (if applicable):
- The categories of personal information we collected about you and the categories of sources from which we collected such personal information;
- The business or commercial purpose for collecting, “selling,” or “sharing” personal information about you;
- The categories of personal information about you that we “sold” or “shared” and the categories of third parties to whom we “sold” or “shared” such personal information; and
- The categories of personal information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such personal information.
b. Right to Correct
- You may request to correct inaccuracies in your personal information.
c. Right to Delete
- You may request to have your personal information deleted.
d. Right to Access and Data Portability
- You may request to receive the specific pieces of your personal information, including a copy of the personal information you provided to us in a portable format.
e. Right to Opt Out of Sale or Sharing
- 您可以透過 Cookie 同意,或透過 privacy@jamf.com 聯絡我們,選擇不「銷售」或「共享」您的個人資訊以用於跨情境行為廣告。
我們不會因您行使隱私權而非法歧視您。如需提交請求,請透過以下方式與我們聯絡:privacy@jamf.com 或 888-755-1421。我們將在收到您的請求後四十五(45)天內進行核實並予以回應,如有必要,我們可能會將此期限再延長四十五(45)天,並會通知您。我們將根據適用法律,考慮所涉及的個人資訊的類型和敏感性予以回應,
To protect against fraudulent requests, we may ask you to provide additional information to verify your identity. If you have a password-protected account with us, we may verify your identity through our standard authentication process and require you to re-authenticate yourself before fulfilling certain requests. For deletion requests, we may ask you to confirm the request before proceeding.
We also process opt-out preference signals, such as the Global Privacy Control. These signals set your opt-out preferences only for the particular browser or device you are using. For information about how to use Global Privacy Control, please visit https://globalprivacycontrol.org/.
11.5 Authorized Agents
If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in sub-section 11.4. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in sub-section 11.4 or confirm that you provided the agent permission to submit the request.
12. How to Contact Us
If you have any questions or complaints about this Employee Privacy Notice, please contact us as follows:
JAMF Software, LLC
100 Washington Avenue South
Suite 900
Minneapolis, MN 55401
If you would like to request access to the personal information that we may maintain about you, please submit a request here.
我們指定了一名外部任命的資料保護官(「DPO」)來回應問題和投訴。如果您對我們的隱私權實作活動或我們如何處理您的資訊有疑問,請傳送電子郵件至我們的 DPO:privacy@jamf.com。
更新日期:2026年6月25日