Service Privacy Policy

Effective:  February 21, 2021
Prior Version:  June 30, 2020

 

This Service Privacy Policy describes the information privacy practices that JAGGAER, LLC and its subsidiaries (“JAGGAER,” “we,” “us” or “our”) employ when JAGGAER’s customers and suppliers use our software applications and services (together, the “Solution”).

The data controller for the information you provide or that we collect from you when you use the Solution is:

JAGGAER, LLC and its subsidiaries
3020 Carrington Mill Blvd., Suite 100
Morrisville, NC 27560

 

This Service Privacy Policy does not cover any information collected by JAGGAER for marketing purposes or when you are not using the Solution, which is governed by our Marketing Privacy Policy available at https://www.jaggaer.com/privacy-policy/.

 

Information We Collect

We collect information, including Personal Information, to provide better services to all our users. We use the term “Personal Information” to refer to any information that identifies or can be used to identify you. Common examples of Personal Information include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.

“Sensitive Personal Information” refers to a smaller subset of Personal Information which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information,or medical insurance data.

 

When you use our Solutions, we collect Personal Information in the following ways:

  1. Information You Give to Us

a) Web Portal
When creating and signing into your account, you must provide Personal Information about yourself, including your name and email address by completing forms for the credentials In the normal course of using the Solution, users of customers and suppliers may enter Personal Information into the Solution, such as business contact information or, with respect to customers using the Solution, an individual’s role in the customer’s organization. By submitting Personal Information to the Solution, you consent to JAGGAER’s storage, use and other processing of this information in accordance with this Service Privacy Policy.

 

In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Information about yourself when you report a problem or have a question about our services.

 

The web portal may offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Information to us when you post information in these interactive and social features. Please note that your postings in these areas of these sites may be publicly accessible or accessible to other users.

b) Mobile Application

Certain information is required when creating an account to use our Solutions on the mobile application, such as your name, email address, user name and password.  You can choose not to provide certain information, but then you may not be able to register for JAGGAER or take advantage of some features of the Solutions. When your device syncs with JAGGAER’s application, certain data recorded on your device is transferred from your device to our servers.

2. Information We Obtain from Your Use of Our Solutions

We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Solutions, such as creating or logging into your account, or opening or interacting with the Solutions on your mobile device. When you use our web portal, we automatically collect and store this information in service logs. This includes: details of how you used our web portal; internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited.  We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Information, but we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties.

a) Location Data

If you grant us access to your location, JAGGAER may collect information about your location when you use our Solutions. Your location can be determined by: IP address, and information about things near your device, such as Wi-Fi access points and cell towers.  When you use our Solutions via a wireless device, we may solicit your permission to collect your location data. Some features within our application may only function upon confirmation of your location, and therefore such features will not be available if you choose not to provide your location data to us. The specificity of the location data collected may depend on a number of factors, including the device you are using (e.g. laptop, smartphone or tablet) and how you are connected to the Internet (e.g., via cable broadband connection, WiFi). If you enable location services for our mobile application, we may collect location data periodically as you use or leave open our mobile application. We may associate such location data with Personal Information you provide to us. Depending on the platform you use to access our mobile application (e.g., Apple’s iOS, Google’s Android), you may be able to control whether location data is collected from within “Settings” or other controls on your wireless device or the Applications mobile application.

b) Device ID

When using our Solutions, we or our service provider may collect your unique device ID. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience. We may associate device ID with Personal Information you provide to us. You may learn more about opt out of any anonymous device ID collection via the privacy settings available within your mobile device.

3. Cookies and Similar Technologies

We and our partners use various technologies to collect and store information when you visit one of our Solutions, and this may include using cookies or similar technologies to identify your browser or device.

The technologies we use for this automatic data collection may include:

Cookies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our services.  For more information about our use of cookies, including details on how to opt-out of certain cookies, please see our Cookie Policy.

Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Clickstream Data. Clickstream data is information collected by our computers when you request web pages from the web portal. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.

Use and disclosure of personal Information

JAGGAER treats Personal Information as confidential and JAGGAER accesses Personal Information provided by you through the Solution in order to provide the Solution to you, fulfil your requests related to the Solution and enhance your use of the Solution.

JAGGAER does not sell any Personal Information to third parties. JAGGAER will only share Personal Information with the following third parties and/or in the following circumstances:

a) when we are authorized to do so by you in writing;

b) to the third-party service providers that are authorized by JAGGAER to perform services for you on JAGGAER’s behalf and for the purposes described in this Service Privacy Policy, and only when agreements are in place that require each third party to protect the privacy and confidentiality of the personal information that is shared and comply with all applicable privacy and data protection laws;

c) when suppliers register to receive services from JAGGAER, JAGGAER processes the supplier information by signing them up to be included within JAGGAER’s supplier network (“JAGGAER Supplier Network”) and by signing up for the JAGGAER Supplier Network, information will be shared with other suppliers in the network as well as third-party service providers and vendors. JAGGAER has agreements in place with all third-parties to protect the privacy and confidentiality of the Personal Information that is shared through the JAGGAER Supplier Network which complies with all applicable privacy and data protection laws;

d) when it is reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements, including to meet national security or law enforcement requirements,

e) in the course of any direct or indirect reorganization process, including, but not limited to, mergers, acquisitions and sales of all or substantially all of our assets, or

f) when necessary for the prevention or detection of crime (subject in each case to applicable law) or to establish or defend a legal claim.

JAGGAER uses and shares information that by itself, does not identify an individual, customer or supplier (such as device information or general behavioral data), primarily to enhance your use of the Solution and for benchmarking purposes.

Our Legal Bases for Collecting Personal Information

 

Whenever we collect Personal Information from you, we may do so on the following legal bases:

  1. Your consent to such collection and use;
  2. Out of necessity for the performance of an agreement between us and you, such as your agreement to use our services or your request for services;
  3. Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Information is necessary for:
  • Intra-organization transfers for administrative purposes;
  • Product development and enhancement, where the processing enables JAGGAER to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our users, and to better understand how people interact with our web portals;
  • Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our promotional campaigns and advertising;
  • Fraud detection and prevention;
  • Enhancement of our cybersecurity, including improving the security of our network and information systems; and
  • General business operations and diligence.

Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.

 

YOUR RIGHTS & CHOICES

You may have certain rights relating to your Personal Information, subject to local data protection law. Whenever you use our Solutions, we aim to provide you with choices about how we use your Personal Information. We also aim to provide you with access to your Personal Information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.

  • Privacy Rights Specific to European Union Residents

The European Union’s General Data Protection Regulation (“GDPR”), and corresponding legislation in the United Kingdom and Switzerland, provide European, Switzerland and United Kingdom residents with certain rights in connection with Personal Information you have shared with us. If you are resident in the European Economic Area, you may have the following rights:

  • The right to be informed. You are entitled to be informed of the use of your Personal Data (as defined under GDPR).  This Privacy Policy provides such information to you.
  • The right of access. You have the right to request a copy of your Personal Data which we hold about you.
  • The right of correction. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
  • The right to withdraw consent. You have the right to withdraw a previously given consent for processing your Personal Data for a specific purpose.
  • The right to be forgotten. You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data.  Note, however, that deletion of your Personal Data will likely impact your ability to use our Solutions.
  • The right to object (opt-out). You have the right to opt-out of certain uses of your Personal Data,  at any time.
  • The right to data portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us.  Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers or information technology environment to another service provider’s servers or information technology environment.
  • The right to refuse to be subjected to automated decision making, including profiling. You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
  • The right to lodge a complaint with a supervisory authority. You have the right to lodge complaints about our data processing activities by filing a complaint with us or with the relevant Supervisory Authority. A list of Supervisory Authorities is available here:  http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

You may exercise any of the rights described in this section by sending an email to via email to privacy@jaggaer.com.  All customers may update or correct information about yourself by making changes to your profile or submitting a request via email to privacy@jaggaer.com.  Please note that we may ask you to verify your identity and request before taking further action on your request. We may respond to your request by letter, email, telephone or any other suitable method. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.

In some cases, our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the Services you have requested. Where this is the case, we will inform you of specific details in response to your request.

We endeavor to respond to a verifiable consumer request within 30 days of its receipt consistent with applicable law.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Resident of California?

If you are a California resident, state law may provide you with additional rights regarding our use of your personal information. The information below is intended to comply with the California Consumer Privacy Act and other California state privacy laws (all such laws are collectively referred to herein as the “CCPA”). Any terms defined in the CCPA have the same meaning when used here.

 

  1. Information We Collect

We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

  • Identifiers, such as your name, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), such as your name and telephone number.
  • Internet or similar network activity, such as your browsing history, search history, information on your interaction with a website, application, or advertisement.
  • Inferences drawn from personal information, such as a profile reflecting your preferences, trends, predispositions, behavior, and attitudes.
  • Professional or employment-related information, such as current employer, work email address and position.
  • Commercial information, such as records products, or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. We obtain the categories of personal information listed above from the following categories of sources:

 

  • Directly from you when you volunteer this information.
  • Directly and indirectly from interaction with the Solution.

2. Your Rights and Choices

The CCPA provides California consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

a) Right to Know. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, such as the specific pieces of personal information we have collected, as well as information about our sale or disclosure for business purposes of your personal information to third parties. Once we receive and confirm your verifiable consumer request, we will disclose to you the information you have requested.

b) Right to Delete. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

c) Right to Opt-Out of the Sale of Personal Information. We do not sell your personal information referenced in this Service Privacy Policy to third parties. If we did, you would have the right to opt-out of the sale of your personal information to third parties. Under the CCPA, “sell” includes the transfer or communication of personal information to another business if the transfer conveys value to the recipient business, even if there is no exchange of money. Again, we do not sell your personal information referenced in this Service Privacy Policy to third parties. We do not sell the personal information of consumers under the age of 16 without affirmative authorization.

d) Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.

Please submit a request using the contact information provided below. We may need you to provide additional information to verify your request, such as providing certain data elements so that we can confirm they match the personal information already maintained by us. We will not use this additional information for anything other than handling your request. You may designate an authorized agent to make a request in certain circumstances on your behalf.

3. Shine the Light

You can request a notice disclosing the categories of personal information about you that we have shared with third parties for their direct marketing purposes during the preceding calendar year. To request this notice, please submit your request at https://www.jaggaer.com/trustcenter/privacy/inquiry/. Please allow 30 days for a response.  At this time, JAGGAER does not share personal information referenced in this Service Privacy Policy with third parties for their direct marketing purposes.

 

OUR OPT-IN/OPT-OUT Policy

By providing an email address for the JAGGAER Solutions, you agree that we may contact you in the event of a change in this Privacy Policy, to provide you with any Solution related notices, or to provide you with information about our events, invitations, or related educational information.

For purposes of this Privacy Policy, “opt-in” is generally defined as any affirmative action by a user to submit or receive information, as the case may be.

At any time, you can contact us through privacy@jaggaer.com or the address or telephone number provided below to unsubscribe from the service and opt-out of our right per your consent under the terms of this Privacy Policy to share your Personal Data.

Notwithstanding anything else in this Privacy Policy, please note that we always reserve the right to contact you in the event of a change in this Privacy Policy, or to provide you with any service related notices.

 

Complaint Handling; Dispute Resolution; Contact US

JAGGAER commits to resolve complaints about your privacy and our collection or use of your personal information. Individuals with inquiries or complaints regarding this Service Privacy Policy should contact JAGGAER at privacy@jaggaer.com.

At any time, you may contact JAGGAER with questions or concerns about this Service Privacy Policy, or to exercise any of your rights at privacy@jaggaer.com.  You also may communicate with us at:

 

JAGGAER, LLC
Attention: Legal Department
3020 Carrington Mill Blvd. Suite 100
Morrisville, NC 27560

CCPA Toll Free Number: 1-866-467-8688, enter Service Code 987#

If you are located in the European Union and have questions about this Service Privacy Policy, you also may contact the Supervisory Authority of your country of residence (see http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080).

Data Retention

We keep your Personal Information only as long as we need it for legitimate business purposes and as permitted by applicable law and any timeframes set forth in the applicable customer or supplier agreement. We retain your Personal Information even after your business relationship with us ends if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms of Service, or fulfill your request to “unsubscribe” from further messages from us.

Security

The security of your data, including personal information, is very important to JAGGAER. JAGGAER maintains a comprehensive, written information security program that contains administrative, technical and physical safeguards designed to protect your data against unauthorized access, theft and loss, including physical and logical access controls, firewalls, intrusion detection systems, network and database monitoring, anti-virus systems and backup systems. JAGGAER limits access to your data to those persons who have a specific business purpose for processing your data. JAGGAER’s employees who are granted physical access to personal information are required to protect the confidentiality, integrity, and availability of that information and are provided training and instruction on how to do so. With respect to customer use of the Solution, JAGGAER designs its Solution to enforce user access controls and our customers are authorized and responsible for configuring these settings appropriately.

Please understand, however, that no data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to us is done at your own risk.

INTERNATIONAL TRANSFERS

If you are located in the European Union, U.K. or Switzerland, this section of the Service Privacy Policy provides notice that your personal information may be processed in the United States in accordance with the data protections laws.

We may, directly or indirectly through third-party entities around the world, process, store, and transfer the information you provide, including your Personal Information, as described in this Service Privacy Policy. Specifically, the information and Personal Information that we collect may be transferred to, and stored at, a location outside of your jurisdiction. It may also be processed by staff operating outside of your jurisdiction who work for us or for one of the organizations outlined in this Service Privacy Policy in connection with the activities outlined in this Service Privacy Policy. By submitting your information and Personal Information using the web portals, you agree to this transfer, storing or processing. We will take all steps necessary to ensure that your Personal Information is treated securely and in accordance with this Service Privacy Policy. We have put in place commercially reasonable technical and organizational procedures to safeguard the information and Personal Information we collect on the web portals.

 

Changes to our Service Privacy Policy

This Service Privacy Policy is effective and current as of the date set forth at the top of this page. JAGGAER reserves the right to modify any part of this Service Privacy Policy from time to time to reflect changes to technology, legal obligations and information handling practices. JAGGAER will alert you to any change to this this Service Privacy Policy by indicating the date it was last updated at the top of this page. We will notify you in writing before any material change takes effect so that you have time to review the terms of the revised Service Privacy Policy before the changes are in effect.