1) Definitions
-
Service: The
Mobile
Device Management Service.
-
Personal Data: Personal data means data about a
living individual who can be identified from that data (or from
that data and other information in our possession or likely to
come into our possession).
-
Usage Data: Usage data is automatically collected
data either generated by the use of the Service or from the
Service infrastructure itself (e.g. the duration of a page visit).
-
Data Controller: The Controller means the natural
or legal person, public authority, agency or other body which,
alone or jointly with others, determines the purposes and means of
the Processing of Personal Data.
-
Processing: Processing means any operation or set
of operations performed on personal data, including collection,
recording, organisation, structuring, storage, adaptation or
alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available,
alignment or combination, restriction or erasure of personal data.
The terms “Process”, “Processed” shall be interpreted accordingly.
-
Data Processor (or Service Provider): Processor
(or Service Provider) means any natural or legal person who
processes data on behalf of the Data Controller. We may use the
Services of various Service Providers to process your data more
efficiently.
-
Sub-processor: Sub-processor means any
subcontractor engaged by us or our affiliates to assist us in
fulfilling our obligations in relation to the provision of the
Subscription Services under the Contract. Subcontractors may
include third parties or our affiliates, but exclude any
employee
or consultant.
-
Data Subject (or User): The data subject is any
living person who uses our Service and is the subject of personal
data.
-
Personal Data Breach: Personal Data Breach means
a breach of security resulting in the accidental or unlawful
destruction, loss, alteration, unauthorized disclosure of or
access to personal data transmitted, stored or otherwise processed
by us and/or our subsequent subcontractors in connection with the
provision of the Subscription Services. “Personal Data Breach”
does not include unsuccessful attempts or activities that do not
compromise the security of personal data, including unsuccessful
login attempts, pings, port scans, denial of service attacks and
other network attacks on firewalls or networked systems.
2) What is Personal Data?
The term “personal data” is the key to the GDPR’s enforcement: it
applies whenever a data processing operation involves personal data.
Personal data is any information relating to an identified or
identifiable natural person (Art.4 GDPR). Personal information is
information that identifies you or that can be combined by us or our
Service providers and affiliates with other information to identify
you. This information may include your first and last name, email
address, home address, telephone number, location data, Internet
Protocol (IP) address, cookie ID, image, and may include your age,
income and other similar information when associated with you.
Personal information may also include details such as whether you
have opened our promotional emails or how you have used our website,
if we can associate this personal information with you.
3) The Information We Collect
A. Personal data provided by the user for which
is Data
Controller:
-
Account Information: Email, first name, last
name, number of licenses, end of subscription, company address,
company phone number, company name, company country, email address
for accounting, email address for Google API Service.
-
Purpose: To provide the Service (login, billing, use
of Google APIs).
-
Storage Period: All personal data is deleted 6 months
after the account is deleted in order to be able to reinstate
the account in case of error. Primary contact details will be
stored for 5 years after account deletion for billing tracking
purposes, if applicable.
B. Personal data collected automatically and for which
is Data
Controller:
-
Dashboard Action Logs:
- Purpose: To ensure account security.
-
Storage Period: Deleted 6 months after account
deletion, or 2 years after the end of the subscription.
-
ID of the company using the Google API Service:
-
Purpose: To provide the Service (use of Google APIs).
-
Storage Period: Deleted 6 months after account
deletion, or 2 years after the end of the subscription.
-
Devices: Manufacturer, technical identifiers, IP,
SIM identifiers (ICCID, IMEI, phone number), installed
applications, operating system version, system signature, GPS
status.
-
Purpose: To provide the Service (monitoring and
management of listed devices).
-
Storage Period: Deleted immediately on effective
reset of the device; anonymized 6 months after account
deletion, or 2 years after the end of the subscription (all
references to personal data are removed).
C. Personal data provided by the Customer and for which
is a Data
Processor:
-
Managers’ Contact: Manager’s email.
-
Purpose: To allow different managers to log in to the
account and to ensure account security.
-
Storage Period: Deleted immediately if the Customer
deletes the Manager; deleted 6 months after account deletion,
or 2 years after the end of the subscription.
-
Devices (Naming): Device name.
-
Purpose: To assign a named device to a named user.
-
Storage Period: Deleted immediately upon an effective
reset of the device; anonymized 6 months after account
deletion, or 2 years after the end of the subscription (all
references to personal data are removed).
-
Wi-Fi Networks: List of Wi-Fi networks with
password, Wi-Fi EAP certificate.
-
Purpose: To allow devices to connect to corporate
Wi-Fi networks.
-
Storage Period: Deleted immediately when the network
is deleted; deleted 6 months after account deletion, or 2
years after the end of the subscription.
-
Policies (Configurations): Selected and saved
configurations for a group of devices.
-
Purpose: To ensure control of registered devices.
-
Storage Period: Deleted immediately upon deletion of
the policy; anonymized 6 months after account deletion, or 2
years after the end of the subscription (all references to
personal data are removed).
-
Users: Email, name, directory name, associated
device, custom fields.
- Purpose: To assign devices to named users.
-
Storage Period: Deleted immediately if the Customer
deletes the user; anonymized 6 months after account deletion,
or 2 years after the end of the subscription (all references
to personal data are removed).
-
Applications on the Store: Data to manage private
applications without going through the Google Play Store.
- Purpose: To manage private applications.
-
Storage Period: Deleted immediately when the
application is deleted; deleted 6 months after account
deletion, or 2 years after the end of the subscription.
D. Location Data
We may use and store information about the location of devices (last
50 location points) only if you grant permission to do so. We use
this data to provide features of our Service.
Note: Location tracking Services are designed to be used
only on company-owned devices. If you have been invited by your
company to add a work profile to your personal device, then we do
not collect any personal information related to the private use of
your device (outside of the work profile). You can disable location
authorization or not grant it the first time if you do not wish to
share location.
4) Difference between Personal and Company-Owned Mobile Devices
If you have been invited by your company to add a work profile to
your personal device, then we do not collect any personal
information related to the private use of your device (outside of
the work profile).
5) Purposes of Processing Personal Data
-
To Provide and Improve the Subscription Service:
We use your account information and customer data to provide you
with products and Services. For example, we use the email address
you provide during product registration to create your user
account. This data is used to develop and improve our products and
Services.
-
To Secure and Protect Our Products and
Users:
We use your account information to investigate and help prevent
security incidents. We may also use this information to meet legal
requirements, verify user accounts, detect product abuse, and
prevent unauthorized registrations.
-
To Provide Technical Support as Part of a Support
Ticket:
Authorized support agents, from an approved workstation, can
access your console using a secure password to assist you and
resolve technical issues. At no time will our support team ask you
for your login credentials or password. You can object to this
access by informing the support team, although doing so may
prevent our agents from connecting to your account.
-
To Communicate with You About the Services: We
use the data you provide when registering for the Subscription
Service to contact you via email or in-app notification regarding
billing, account management, event invitations, newsletter
mailings, technical and sales literature, updates to our Customer
Service Terms of Use or other legal agreements, and security
notifications.
-
To Improve Our Customer Relationship Management:
We may monitor and record communications with you (such as
telephone conversations and emails) for quality assurance,
training, fraud prevention, and compliance purposes.
-
To Facilitate Social Networking: Our websites
include social networking features (e.g., the LinkedIn or YouTube
“Like” button and share widgets) that may collect your IP address
and browsing behavior. These features are hosted by third parties
or directly on our websites and are governed by their respective
privacy policies.
6) Security Measures for Personal Data
We are committed to maintaining the confidentiality of your
information. We provide physical, electronic, and procedural
safeguards to protect the information we process and store. For
example, we restrict access to this information to authorized
employees and data processors who need to know it in order to
operate, develop, or improve our application. Although we strive to
provide reasonable security for the information we process and
store, no security system can prevent all potential security
breaches.
We use various security technologies and procedures to help protect
your personal data from unauthorized access, use, or disclosure. All
personal data is protected by appropriate physical, technical, and
organizational measures.
7) Use of Cookies
Cookies are small text files stored in your browser directory that
allow site owners to understand how visitors use their site,
remember user IDs, and store user preferences. They are one of the
primary tools that enable us to provide secure and efficient
Services. Essential cookies are required for the proper functioning
of our Site and Services (such as navigation and secure access).
Preference cookies are used to remember your preferences and
recognize you when you use our Services again. Statistical cookies
help us understand how visitors interact with our Services. Finally,
marketing cookies display ads relevant to our visitors.
You can disable cookies at any time, except for those necessary to
provide our Services. Disabling cookies may affect certain
functionalities of our Site or Services.
8) Changes
This Privacy Policy may be updated from time to time for any reason.
We will notify you of any changes by posting the new Privacy Policy
on this page. You should check this Privacy Policy periodically, as
your continued use of our Services constitutes your acceptance of
any changes.