Effective: February 21, 2021
Prior Version: June 30, 2020
The data controller for the information you provide or that we collect from you when you use the Solution is:
JAGGAER, LLC and its subsidiaries
3020 Carrington Mill Blvd., Suite 100
Morrisville, NC 27560
Information We Collect
We collect information, including Personal Information, to provide better services to all our users. We use the term “Personal Information” to refer to any information that identifies or can be used to identify you. Common examples of Personal Information include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.
“Sensitive Personal Information” refers to a smaller subset of Personal Information which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information,or medical insurance data.
When you use our Solutions, we collect Personal Information in the following ways:
- Information You Give to Us
a) Web Portal
In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Information about yourself when you report a problem or have a question about our services.
The web portal may offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Information to us when you post information in these interactive and social features. Please note that your postings in these areas of these sites may be publicly accessible or accessible to other users.
b) Mobile Application
Certain information is required when creating an account to use our Solutions on the mobile application, such as your name, email address, user name and password. You can choose not to provide certain information, but then you may not be able to register for JAGGAER or take advantage of some features of the Solutions. When your device syncs with JAGGAER’s application, certain data recorded on your device is transferred from your device to our servers.
2. Information We Obtain from Your Use of Our Solutions
We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Solutions, such as creating or logging into your account, or opening or interacting with the Solutions on your mobile device. When you use our web portal, we automatically collect and store this information in service logs. This includes: details of how you used our web portal; internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Information, but we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties.
a) Location Data
If you grant us access to your location, JAGGAER may collect information about your location when you use our Solutions. Your location can be determined by: IP address, and information about things near your device, such as Wi-Fi access points and cell towers. When you use our Solutions via a wireless device, we may solicit your permission to collect your location data. Some features within our application may only function upon confirmation of your location, and therefore such features will not be available if you choose not to provide your location data to us. The specificity of the location data collected may depend on a number of factors, including the device you are using (e.g. laptop, smartphone or tablet) and how you are connected to the Internet (e.g., via cable broadband connection, WiFi). If you enable location services for our mobile application, we may collect location data periodically as you use or leave open our mobile application. We may associate such location data with Personal Information you provide to us. Depending on the platform you use to access our mobile application (e.g., Apple’s iOS, Google’s Android), you may be able to control whether location data is collected from within “Settings” or other controls on your wireless device or the Applications mobile application.
b) Device ID
When using our Solutions, we or our service provider may collect your unique device ID. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience. We may associate device ID with Personal Information you provide to us. You may learn more about opt out of any anonymous device ID collection via the privacy settings available within your mobile device.
3. Cookies and Similar Technologies
We and our partners use various technologies to collect and store information when you visit one of our Solutions, and this may include using cookies or similar technologies to identify your browser or device.
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Clickstream Data. Clickstream data is information collected by our computers when you request web pages from the web portal. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.
Use and disclosure of personal Information
JAGGAER treats Personal Information as confidential and JAGGAER accesses Personal Information provided by you through the Solution in order to provide the Solution to you, fulfil your requests related to the Solution and enhance your use of the Solution.
JAGGAER does not sell any Personal Information to third parties. JAGGAER will only share Personal Information with the following third parties and/or in the following circumstances:
a) when we are authorized to do so by you in writing;
c) when suppliers register to receive services from JAGGAER, JAGGAER processes the supplier information by signing them up to be included within JAGGAER’s supplier network (“JAGGAER Supplier Network”) and by signing up for the JAGGAER Supplier Network, information will be shared with other suppliers in the network as well as third-party service providers and vendors. JAGGAER has agreements in place with all third-parties to protect the privacy and confidentiality of the Personal Information that is shared through the JAGGAER Supplier Network which complies with all applicable privacy and data protection laws;
d) when it is reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements, including to meet national security or law enforcement requirements,
e) in the course of any direct or indirect reorganization process, including, but not limited to, mergers, acquisitions and sales of all or substantially all of our assets, or
f) when necessary for the prevention or detection of crime (subject in each case to applicable law) or to establish or defend a legal claim.
JAGGAER uses and shares information that by itself, does not identify an individual, customer or supplier (such as device information or general behavioral data), primarily to enhance your use of the Solution and for benchmarking purposes.
Our Legal Bases for Collecting Personal Information
Whenever we collect Personal Information from you, we may do so on the following legal bases:
- Your consent to such collection and use;
- Out of necessity for the performance of an agreement between us and you, such as your agreement to use our services or your request for services;
- Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Information is necessary for:
- Intra-organization transfers for administrative purposes;
- Product development and enhancement, where the processing enables JAGGAER to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our users, and to better understand how people interact with our web portals;
- Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our promotional campaigns and advertising;
- Fraud detection and prevention;
- Enhancement of our cybersecurity, including improving the security of our network and information systems; and
- General business operations and diligence.
Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
YOUR RIGHTS & CHOICES
You may have certain rights relating to your Personal Information, subject to local data protection law. Whenever you use our Solutions, we aim to provide you with choices about how we use your Personal Information. We also aim to provide you with access to your Personal Information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
- Privacy Rights Specific to European Union Residents
The European Union’s General Data Protection Regulation (“GDPR”), and corresponding legislation in the United Kingdom and Switzerland, provide European, Switzerland and United Kingdom residents with certain rights in connection with Personal Information you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
- The right of access. You have the right to request a copy of your Personal Data which we hold about you.
- The right of correction. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
- The right to withdraw consent. You have the right to withdraw a previously given consent for processing your Personal Data for a specific purpose.
- The right to be forgotten. You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our Solutions.
- The right to object (opt-out). You have the right to opt-out of certain uses of your Personal Data, at any time.
- The right to data portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers or information technology environment to another service provider’s servers or information technology environment.
- The right to refuse to be subjected to automated decision making, including profiling. You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- The right to lodge a complaint with a supervisory authority. You have the right to lodge complaints about our data processing activities by filing a complaint with us or with the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
You may exercise any of the rights described in this section by sending an email to via email to email@example.com. All customers may update or correct information about yourself by making changes to your profile or submitting a request via email to firstname.lastname@example.org. Please note that we may ask you to verify your identity and request before taking further action on your request. We may respond to your request by letter, email, telephone or any other suitable method. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
In some cases, our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the Services you have requested. Where this is the case, we will inform you of specific details in response to your request.
We endeavor to respond to a verifiable consumer request within 30 days of its receipt consistent with applicable law.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Resident of California?
If you are a California resident, state law may provide you with additional rights regarding our use of your personal information. The information below is intended to comply with the California Consumer Privacy Act and other California state privacy laws (all such laws are collectively referred to herein as the “CCPA”). Any terms defined in the CCPA have the same meaning when used here.
- Information We Collect
We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
- Identifiers, such as your name, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), such as your name and telephone number.
- Internet or similar network activity, such as your browsing history, search history, information on your interaction with a website, application, or advertisement.
- Inferences drawn from personal information, such as a profile reflecting your preferences, trends, predispositions, behavior, and attitudes.
- Professional or employment-related information, such as current employer, work email address and position.
- Commercial information, such as records products, or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you when you volunteer this information.
- Directly and indirectly from interaction with the Solution.
2. Your Rights and Choices
The CCPA provides California consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
a) Right to Know. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, such as the specific pieces of personal information we have collected, as well as information about our sale or disclosure for business purposes of your personal information to third parties. Once we receive and confirm your verifiable consumer request, we will disclose to you the information you have requested.
b) Right to Delete. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
d) Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.
Please submit a request using the contact information provided below. We may need you to provide additional information to verify your request, such as providing certain data elements so that we can confirm they match the personal information already maintained by us. We will not use this additional information for anything other than handling your request. You may designate an authorized agent to make a request in certain circumstances on your behalf.
3. Shine the Light
OUR OPT-IN/OPT-OUT Policy
Complaint Handling; Dispute Resolution; Contact US
Attention: Legal Department
3020 Carrington Mill Blvd. Suite 100
Morrisville, NC 27560
CCPA Toll Free Number: 1-866-467-8688, enter Service Code 987#
We keep your Personal Information only as long as we need it for legitimate business purposes and as permitted by applicable law and any timeframes set forth in the applicable customer or supplier agreement. We retain your Personal Information even after your business relationship with us ends if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms of Service, or fulfill your request to “unsubscribe” from further messages from us.
The security of your data, including personal information, is very important to JAGGAER. JAGGAER maintains a comprehensive, written information security program that contains administrative, technical and physical safeguards designed to protect your data against unauthorized access, theft and loss, including physical and logical access controls, firewalls, intrusion detection systems, network and database monitoring, anti-virus systems and backup systems. JAGGAER limits access to your data to those persons who have a specific business purpose for processing your data. JAGGAER’s employees who are granted physical access to personal information are required to protect the confidentiality, integrity, and availability of that information and are provided training and instruction on how to do so. With respect to customer use of the Solution, JAGGAER designs its Solution to enforce user access controls and our customers are authorized and responsible for configuring these settings appropriately.
Please understand, however, that no data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to us is done at your own risk.