{"id":12678,"date":"2018-02-01T15:36:20","date_gmt":"2018-02-01T22:36:20","guid":{"rendered":"https:\/\/www.jumpcloud.com\/?page_id=12678"},"modified":"2024-12-23T10:50:39","modified_gmt":"2024-12-23T15:50:39","slug":"gdpr","status":"publish","type":"page","link":"https:\/\/jumpcloud.com\/gdpr","title":{"rendered":"JumpCloud GDPR Compliance"},"content":{"rendered":"\n<p>Data security and trust are integral to JumpCloud\u2019s <a href=\"https:\/\/jumpcloud.com\/\">Directory-as-a-Service\u00ae<\/a> platform. This webpage is a broad overview of JumpCloud\u2019s compliance with the <a href=\"https:\/\/gdpr.eu\/\" target=\"_blank\" rel=\"noreferrer noopener\">EU General Data Protection Regulation (GDPR)<\/a> and is informational in nature. The content of this webpage is not a legally binding document and should not be considered a substitute for legal advice. JumpCloud\u2019s Data Processing Addendum (DPA) is incorporated into the <a href=\"https:\/\/jumpcloud.com\/legal\">Directory-as-a-Service Agreement (DAASA)<\/a> that JumpCloud enters with its customers. A <a href=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/08\/JumpCloud-Customer-DPA-August-1-2024.pdf\">copy of JumpCloud\u2019s DPA<\/a> is available here for your review.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-gdpr-overview\">GDPR Overview<\/h3>\n\n\n\n<p>The GDPR is a data privacy and protection regulation that is applicable to organizations processing personal data from data subjects in the EU, EEA, Switzerland, and the United Kingdom. The GDPR protects data subjects\u2019 personal data and requires controllers and processors to take certain measures to safeguard personal data. Additionally, the GDPR provides data subjects the ability to request review and deletion of their personal data.<\/p>\n\n\n\n<p>The GDPR defines Personal Data as \u201cany information relating to an identified or identifiable natural person\u201d and includes personal identifiers such as names, email addresses, identification numbers, location data, and other online identifiers. The \u201cidentified or identifiable natural person\u201d is called the Data Subject under the GDPR.<\/p>\n\n\n\n<p>There are two types of organizations that process a Data Subject\u2019s Personal Data: Controllers and Processors. Controllers determine the reason for processing a Data Subject\u2019s Personal Data. Processors process Personal Data based on the instructions from the relevant Controller. The GDPR requires Controllers and Processors to take care of Personal Data by using strong controls and security measures. JumpCloud monitors and will continue to monitor and evaluate any changes to the GDPR. JumpCloud has adopted the Standard Contractual Clauses in its DPA as the basis for the transfer of personal data from the EU, EEA, Switzerland, and the United Kingdom to the United States. The Standard Contractual Clauses are standard terms provided by the European Commission that JumpCloud uses for a compliant transfer of personal data from the EU. The Standard Contractual Clauses are expressly incorporated into JumpCloud\u2019s DPA.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-jumpcloud-amp-data-security\">JumpCloud & Data Security<\/h3>\n\n\n\n<p>Privacy by design and protective security measures are critical elements of GDPR compliance. JumpCloud takes security of its systems and all customer Personal Data extremely seriously. JumpCloud safeguards Personal Data in many ways, including but not limited to encrypting all data at rest and in transit, training employees in security awareness and performing appropriate background checks, maintaining access controls, active software monitoring of JumpCloud user logins and privileged commands, and log monitoring. In addition, JumpCloud\u2019s ongoing security processes include penetration testing, vulnerability scanning, patching, and other activities. Further details on JumpCloud\u2019s <a href=\"https:\/\/jumpcloud.com\/security\">robust security activities are available in our online documents<\/a> as well as via our SOC 2 Type II attestation. The results of JumpCloud\u2019s SOC 2, Type II examination are available to customers upon request by emailing <a href=\"mailto:accounts@jumpcloud.com\">accounts@jumpcloud.com<\/a>.<\/p>\n\n\n\n<p>As a Controller, JumpCloud collects Personal Data in compliance with all applicable data protection laws and regulations. Please see our <a href=\"https:\/\/jumpcloud.com\/privacy\">privacy policy<\/a> for more information regarding the data JumpCloud collects as a Controller.<\/p>\n\n\n\n<p>As a Processor, JumpCloud processes Personal Data on the Controller\u2019s behalf. Generally speaking, the Controller is the customer using the JumpCloud services. If a Data Subject (the customer\u2019s employees and contractors) exercises their \u2018right to know\u2019 or \u2019right to be forgotten\u2019, JumpCloud cannot itself provide or delete the relevant Personal Data as only the Controller has the right to do so. In such a case, JumpCloud will notify the Controller of the request and support the Controller as necessary, always subject to applicable law and the DPA.<\/p>\n\n\n\n<p>As a Processor, JumpCloud also uses other sub-processors to deliver the JumpCloud services. For example, JumpCloud uses AWS, Salesforce, and others to run its business and provide its services. Pursuant to applicable law and the DPA, JumpCloud enters appropriate data processing agreements with all sub-processors. At no time does JumpCloud allow a sub-processor to use or leverage a customer\u2019s Personal Data as a Controller. JumpCloud never sells or licenses Personal Data, nor do we permit third parties to market to a customer\u2019s Data Subjects. When a data subject exercises their right to deletion of Personal Data, the deletion extends to our sub-processors as well.<\/p>\n\n\n\n<p>Controllers and processors are also required under the GDPR to report data breaches to affected Data Subjects within 72 hours and without undue delay. As noted above, JumpCloud takes a number of precautions to prevent a data breach. Regardless, if a data breach occurred, as a Controller, JumpCloud would notify all data subjects affected within 72 hours of becoming aware of the breach, and, as a Processor, JumpCloud would notify the Controller to support the Controller in its reporting duties.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-data-deletion\">Data Deletion<\/h3>\n\n\n\n<p>As a Processor, JumpCloud will retain your data for as long as your account is active, whether under our paid or free plans.<\/p>\n\n\n\n<p>If you are the administrator of your company\u2019s JumpCloud account or tenant, you can delete, or request the deletion of, your tenant (and all data). Please note that upon deletion of your data, the JumpCloud platform will not function for you. You may send any requests for information or deletion to <a href=\"mailto:dpo@jumpcloud.com\" target=\"_blank\" rel=\"noreferrer noopener\">dpo@jumpcloud.com<\/a>.<\/p>\n\n\n\n<p>If the administrator of a customer\u2019s JumpCloud tenant permits, an end user may input and delete information in the end user profile. Please note that the customer\u2019s administrator, and not an end user, has the right to delete, or request JumpCloud delete, all other end user data from the tenant.<\/p>\n\n\n\n<p>Individuals that have provided personal information through email, marketing, and sales tools, may unsubscribe to marketing communications as described in the communication and in our <strong><a href=\"https:\/\/jumpcloud.com\/privacy\">privacy policy<\/a><\/strong> and may also request the deletion of personal data that JumpCloud has collected by emailing <a href=\"mailto:dpo@jumpcloud.com\">dpo@jumpcloud.com<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-contact-jumpcloud\">Contact JumpCloud<\/h3>\n\n\n\n<p>If you have further questions about GDPR and how JumpCloud can either help you become GDPR-compliant or how JumpCloud, itself, is compliant, please don\u2019t hesitate to contact us at <a href=\"mailto:sales@jumpcloud.com\">sales@jumpcloud.com<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-jumpcloud-s-sub-processors\">JumpCloud\u2019s Sub-processors<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-sub-processors-authorized-to-process-customer-data-for-jumpcloud-services\">Sub-processors Authorized to Process Customer Data for JumpCloud Services<\/h4>\n\n\n\n<p>As described in the JumpCloud <a href=\"https:\/\/jumpcloud.com\/legal\">Terms of Service<\/a>, JumpCloud\u2019s third-party sub-processors include:<\/p>\n\n\n\n<figure class=\"wp-block-table table is-striped\"><table><tbody><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Sub-Processor<\/strong><\/td><td class=\"has-text-align-left\" data-align=\"left\"><strong>Principal Office Location \/ Processing Country (\u201cPC\u201d)<\/strong><\/td><td class=\"has-text-align-left\" data-align=\"left\"><strong>Subject Matter of the Processing<\/strong><\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">AWS (Amazon Web Services, Inc.)<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA, Germany and Japan<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Cloud hosting and infrastructure provider<br>\u00b7 Firewall web application services<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Salesforce.com, Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Customer relationship management activities and support<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Fivetran, Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Data integrations, normalization, and management services<br>\u00b7 Fivetran processes personal data in order to facilitate migration of data from data sources into a data warehouse.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Snowflake Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Data warehousing, hosting and storage services<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Segment.io, Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Customer data platform services (analytics, data-driven decision making)<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">SendGrid, Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 Email platform<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">DataDog, Inc.<\/td><td class=\"has-text-align-left\" data-align=\"left\">PC: USA, Germany and Japan<\/td><td class=\"has-text-align-left\" data-align=\"left\">\u00b7 \u00a0 Business analytics<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>Subscribe to<a href=\"https:\/\/jumpcloud.com\/gdpr\/feed\"> this RSS feed<\/a> to be alerted when our GDPR policies and sub-processors change.<\/p>\n\n\n\n<p>UPDATED: December 23, 2024<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Data security and trust are integral to JumpCloud\u2019s Directory-as-a-Service\u00ae platform. This webpage is a broad overview of JumpCloud\u2019s compliance with the EU […]<\/p>\n","protected":false},"author":52,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"tags":[2623],"platform":[],"funnel_stage":[],"coauthors":[2531],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How JumpCloud Complies With The EU's GDPR<\/title>\n<meta name=\"description\" content=\"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/gdpr\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"JumpCloud GDPR Compliance\" \/>\n<meta property=\"og:description\" content=\"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/gdpr\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-23T15:50:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/jumpcloud-logo-2023.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Jon Griffin\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/gdpr\",\"url\":\"https:\/\/jumpcloud.com\/gdpr\",\"name\":\"How JumpCloud Complies With The EU's GDPR\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"datePublished\":\"2018-02-01T22:36:20+00:00\",\"dateModified\":\"2024-12-23T15:50:39+00:00\",\"description\":\"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/gdpr#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/gdpr\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/gdpr#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"JumpCloud GDPR Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How JumpCloud Complies With The EU's GDPR","description":"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/gdpr","og_locale":"en_US","og_type":"article","og_title":"JumpCloud GDPR Compliance","og_description":"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).","og_url":"https:\/\/jumpcloud.com\/gdpr","og_site_name":"JumpCloud","article_modified_time":"2024-12-23T15:50:39+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/jumpcloud-logo-2023.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"6 minutes","Written by":"Jon Griffin"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/gdpr","url":"https:\/\/jumpcloud.com\/gdpr","name":"How JumpCloud Complies With The EU's GDPR","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"datePublished":"2018-02-01T22:36:20+00:00","dateModified":"2024-12-23T15:50:39+00:00","description":"Seeking GDPR compliance? This web page is a broad overview of JumpCloud\u2019s support of the EU General Data Protection Regulation (GDPR).","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/gdpr#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/gdpr"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/gdpr#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"JumpCloud GDPR Compliance"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/pages\/12678"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/52"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=12678"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/pages\/12678\/revisions"}],"predecessor-version":[{"id":119322,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/pages\/12678\/revisions\/119322"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=12678"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=12678"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=12678"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=12678"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=12678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}