MobileIron Privacy Shield Policy Statement
MobileIron, Inc. (“MobileIron”) is a leader in enterprise mobility management. MobileIron products and services enable companies around the world to securely manage employee mobile devices, and deliver apps, documents and other content to those devices.
“Personal Data” means any information that (i) is transferred from the EU or Switzerland to MobileIron in the U.S., and (ii) relates to an identified or identifiable natural person. If the information has been irreversibly stripped of all identifiers such that an individual cannot be identified or re-identified, it is not Personal Data.
U.S. Federal Trade Commission Jurisdiction
MobileIron’s commitments under the Principles are subject to the jurisdiction and the investigatory and enforcement authority of the United States Federal Trade Commission.
MobileIron may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
How MobileIron Obtains Personal Data and Purposes of Data Processing
As a provider of enterprise mobility management products and services to employers, MobileIron obtains Personal Data about its business customers’ employees and their mobile devices in order to facilitate the registration of mobile devices and the deployment, operation and maintenance of the MobileIron products and services. This data includes mobile device identifiers, such as the IP address, mobile phone number, make and model, carrier, country, operating system version, and other technical details. To the extent that such data is capable of being used to identify an individual (alone or in combination with other data) such data is considered Personal Data for the purposes of this Privacy Shield Statement. MobileIron processes this Personal Data only on behalf of its business customers, in the company’s capacity as a service provider to those customers. Additional information about Personal Data processed in connection with MobileIron’s role as a service provider to its customers can be found in our Product Privacy Statement at https://www.mobileiron.com/en/legal/product-privacy.
MobileIron also collects Personal Data for its own purposes via MobileIron websites, mobile applications and social media assets, and by email in connection with the company’s business development efforts, marketing programs, surveys, offers, events and other promotions. Additional information about Personal Data processed by MobileIron for its own purposes can be found in our Website Privacy Statement at https://www.mobileiron.com/en/privacy-policy.
In all cases, as described below, MobileIron's practices regarding the collection, storage, use, transfer, and other processing of Personal Data comply with the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability.
MobileIron provides information by means of this Privacy Shield Statement, the MobileIron Website Privacy Statement and the Product Privacy Statement regarding its Personal Data privacy practices. MobileIron also has informed its business customers that they are responsible for providing appropriate notice to their employees who have MobileIron software installed on their mobile devices.
Where MobileIron receives Personal Data about its business customers’ employees, MobileIron has informed those customers that they are responsible for providing their employees with any required privacy choices regarding MobileIron’s use, disclosure and other processing of Personal Data on behalf of the business customer. Employees of business customers can learn more about these choices in the “What are my privacy choices?” section of the Product Privacy Statement.
In the event Personal Data covered by this Policy is to be disclosed to a non-agent third party or used for a purpose materially different from the purpose(s) for which the Personal Data was originally collected or subsequently authorized, Data Subjects will be given an opportunity to choose (opt-out) whether to have their Personal Data so disclosed or used. We will ask Data Subjects to opt-in to any uses or disclosures of their Personal Data that are materially different from the purpose(s) for with the purpose(s) for which the Personal Data was originally collected or which were subsequently authorized.
Where MobileIron collects Personal Data for its own purposes, we offer individuals the opportunity to choose (via opt-out) whether to authorize us to disclose their Personal Data to a non-agent third parties or to use the Personal Data for a purpose that is materially different from the purpose(s) for which the Personal Data was originally collected or subsequently authorized.
Accountability for Onward Transfer of Personal Data
MobileIron may share Personal Data with third party services providers that perform services on the company’s behalf. MobileIron does not authorize these service providers to use or disclose the Personal Data except as necessary to perform services on behalf of MobileIron or MobileIron’s business customers, or to comply with legal requirements. We require these service providers by contract to process Personal Data for limited and specific purposes consistent with any consent provided by the individual and to restrict their access, use and disclosure of Personal Data as required by this Privacy Shield Statement and the Principles and to appropriately safeguard the privacy and security of the Personal Data they process. If MobileIron has knowledge that a third party to which it has disclosed Personal Data covered by this Privacy Shield Statement is processing (or is no longer capable of processing) such Personal Data in a way that is contrary to this Privacy Shield Statement and/or the Principles, MobileIron will take reasonable steps to prevent or stop such processing.
MobileIron remains responsible and liable under this Privacy Shield Statement and the Principles if any third party provider that it engages to process Personal Data on its behalf does so in in a way that is contrary to this Privacy Shield Statement and/or the Principles.
MobileIron takes reasonable and appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. For more details, please see our Website Privacy Statement and the Product Privacy Statement.
Data Integrity and Purpose Limitation
MobileIron limits the Personal Data that it collects to information that is relevant for the purposes for which it is being processed and does not process Personal Data in a way that is materially different from the purposes for which it has been collected or subsequently authorized by the individual. In addition, MobileIron takes reasonable steps to ensure that the Personal Data the company processes are reliable for its intended use, and accurate, complete and current. MobileIron depends on its business customers and their employees to provide accurate Personal Data and to update and correct the information as necessary to facilitate the registration of mobile devices and the deployment, operation and maintenance of MobileIron products and services.
Where appropriate, MobileIron provides individuals with reasonable access to the Personal Data the company maintains about them that was obtained from visitors from our websites, mobile applications and social media assets. MobileIron also provides a reasonable opportunity for individuals to correct, amend or delete that information where the individual can demonstrate that it is inaccurate. The company may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or where the rights of persons other than the individual would be violated or as otherwise permitted by the Principles. Please see the “Access and Correction” section in the Website Privacy Statement. Business customer employees should refer requests for access to or correction of their Personal Data to their employer. Please see the “How can I access and correct my personal information?” section in the Product Privacy Statement.
Recourse, Enforcement and Liability
MobileIron has established procedures for periodically reviewing and verifying the accuracy of this Privacy Shield Statement and verifying the company’s implementation of and compliance with the Principles and the remedying of any issues identified. MobileIron conducts an annual self-assessment of its Personal Data practices to verify that the attestations and assertions the company makes about its privacy practices are true and that the company’s privacy practices have been implemented as represented and, in particular, with regard to cases of non-compliance. All employees of MobileIron that have access to Personal Data covered by this policy in the U.S. are responsible for conducting themselves in accordance with the policies described in this Privacy Shield Statement. Failure of a MobileIron employee to comply with such policies may result in disciplinary action up to and including termination.
Individuals may make an inquiry or file a complaint concerning MobileIron’s processing of their Personal Data by emailing email@example.com or by regular or express mail to the address set forth in “How to Contact Us” below. We will respond to any such inquiries or complaints within forty-five (45) days. If MobileIron fails to respond to a complaint cannot be resolved through MobileIron’s internal process, MobileIron has registered with JAMS to provide independent dispute resolution process at no cost to the complaining party. To contact JAMS and to learn more about the dispute resolution process, including how to submit a complaint, see: https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. A complaining party may, in the absence of a resolution through JAMS, seek to engage in binding arbitration through a Privacy Shield Panel. For more information on the Privacy Shield Panel arbitration option, see Clause C of Annex I of Annex 2 (Arbitral Model) to the European Commission Implementing Decision at http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision_en.pdf. MobileIron will cooperate with the United States Department of Commerce and the relevant Data Protection Authority and/or the Swiss Federal Data Protection and Information commissioner in the investigation of complaints that cannot be resolved between MobileIron and the complaining party.
How to Contact Us
If you have any questions, comments or concerns about this Privacy Shield Statement, or if you would like us to update information we have about you or your choices or preferences, please contact us by email at firstname.lastname@example.org. You also may write to us at:
Attn: Privacy Office
415 East Middlefield Road
Mountain View, CA 94043
Effective Date: September 30, 2016