Schedule demo
 
 

GDPR Compliance

Applications Manager is GDPR-ready, are you?

The GDPR is here

On May 25, 2018, the General Data Protection Regulation (GDPR) went into full effect. If you're thinking this regulation doesn't apply to you because you're located outside the EU, you may be in for a shock; this new regulation applies to any organization processing the personal data of EU citizens, even if it operates beyond the EU's borders.

What's the benefit of GDPR?

The GDPR aims to create a higher standard of data protection for end users, which gives them the right to see how, when, why, where and what amount of their personally identifiable information (PII) is being stored, processed, and disposed of. PII is any information that directly or indirectly reveals the identity of an individual. The GDPR requires businesses to allow end users to:

  1. Keep track of how their personal information is being used, specifying whether it's for sales, marketing, or support.
  2. Demand all their personal data be removed within a stipulated amount of time.

How GDPR-compliant is Applications Manager?

Applications Manager as a controller

1. Within Product

Applications Manager, as with all of ManageEngine's products, respects our users' rights to data privacy. We have revised our privacy policy and business workflow to accommodate various features that ensure user privacy, all to maintain GDPR compliance. We use customers information for legitimate purposes only.

2. Marketing

All data collected is stored in a centralized CRM with a complete user trial on how the data has been consumed. No data is collected without a proof of consent.

Based on your consent and subscriptions, we will notify you about new product versions, updates, and service packs; upcoming events; and changes to our Privacy Policy. Within 60 days of cancellation of subscription all personal data will be removed from the system. You have complete liberty to unsubscribe from any or all of our notifications.

Based on your subscription, whenever a vulnerability or breach is detected in Applications Manager, you'll be notified about its impact along with suggested fixes.

3. Pre-sales and Sales

Demo requests and contact details of potential leads are stored in a central CRM server and support portal. Post the demo, qualified leads are forwarded to the sales team. At all points, any kind of user data is processed and stored in the central CRM and support portal after getting their consent.

4. Support

Details including issues, feature requests and enhancements are stored in our centralized CRM server and support portal, until the user deactivates the account. The email records of tickets raised are maintained until the user deactivates the account. FTP logs uploaded are stored for a period of 10 days. Files or logs are downloaded for analysis and are cleaned up once the issues are resolved

Applications Manager as a processor

Applications Manager provides secure communication via HTTPS that ensures secure storage by encrypting personal information before storing it in our databases or systems. In addition to default security practices, users can mask custom fields as PII.

Applications Manager provides management of user accounts by assigning permissions to a set of users. This way, users with fewer privileges will not be able to access admin options, which means only authorized users can access, alter, or delete personal data in the system.

Users can search their PII in Applications Manager to see where their data is being stored. In Applications Manager, critical information like who logged in to the product and edited configuration settings is audited in logs. End-users can keep track of changes made from these logs.

Applications Manager being an on-premise product provides end-users the liberty to erase their personal data. End-users can backup or export necessary data from their database before uninstalling the product.

Breach notification

As an on-premise solution, every critical detail in Applications Manager is stored in your enterprise's database. In accordance with the GDPR, whenever Applications Manager (a data processor) is impacted by a breach, you will be notified about it along with relevant fixes. Similarly:

  1. Any PII that you provide during evaluation, installation, or purchase will be used only in accordance with the Zoho Privacy Policy.
  2. Based on your subscription, whenever a vulnerability or breach is detected in Applications Manager, you'll be notified about its impact along with suggested fixes.

Whenever you contact support or enable automatic uploading of logs for diagnostic purposes, only relevant data is collected, and no personal information is obtained without prior consent.

You're in great company