To meet the evolving privacy standards of the General Data Protection Requirement (GDPR) and other privacy requirements around the world including (but not limited to) the UK Data Protection Act 2018 and requirements of various states within the United States of America such as the California Privacy Rights Act of 2020 (CPRA) , we modified our Privacy Policy and our Software Transaction Agreement, and we created a Data Processing Addendum (DPA). In general, the modifications
- explain the Personal Data we may collect
- enumerate the purposes for which Personal Data will be obtained
- indicate when and why Personal Data may be shared with third parties
- confirm that transfers of Personal Data, whether they are to our headquarters in the U.S.A. or to our third-party affiliates, are being done in compliance with the expectations as described in the EU Standard Contractual Clauses
For your convenience, listed below are links to materials often requested in relation to GDPR.
- Data Processing Addendum
- Information Security Policy
- Privacy Policy
- Software Transaction Agreement
- Technical and Organizational Measures
- EU Standard Contractual Clauses
Sub-Processors
Some of our products provide functionality through partnerships with other third parties. In the situations where those efforts involve sharing Personal Data with a third party in the process of providing the functionality to you, we have listed the third parties in a list of sub-processors for that product. Many of our products do not have any sub-processors. To eliminate any confusion, a list of sub-processors has been created for each product. For those without any third-party sub-processors, the list is blank.
We have published lists of sub-processors associated with each of our products in our support portal (support.quest.com). Anyone registered for support can view the lists from https://support.oneidentity.com/subprocessor.
Notifications
GDPR and other privacy regulations require notifications in the case of a data breach and also if any change is made to a product’s use of sub-processors. By default, all users registered for support maintenance of our products are opted-in to our data breach notification system. Similarly, all users registered for support for a product will receive notifications if a new sub-processor is being introduced to that product. To receive notices, please register for support at https://support.oneidentity.com