Privacy at JAGGAER
JAGGAER and Privacy:
Our approach to privacy centers on giving you control of and access to your personal data while being transparent about the specific policies, operational practices and technologies that govern our collection, use and security of your personal data.
World class privacy and compliance expertise:
JAGGAER employs a privacy team comprised of experienced professionals in both the U.S. and Europe. Additionally, JAGGAER partners with privacy and compliance experts across the globe, including our legal privacy partner, K&L Gates LLP, whose lawyers the EU consulted when developing the EU General Data Protection Regulation (GDPR) and our legal compliance partner, Baker & McKenzie LLP, regularly ranked as the world’s strongest law firm brand in the Acritas Global Elite Law Firm Brand Index. Our privacy and compliance team is tasked with maintaining JAGGAER’s privacy and compliance programs, implementing our privacy policies and regularly engaging with customers to ensure we are meeting our customers’ privacy and compliance needs.
Identifying personal data at JAGGAER:
On a global basis, JAGGAER regularly inventories the personal data that each business unit collects and processes, including any personal data our customers input into our software applications, all employee personal data we collect and access to manage our global workforce and any personal data we collect via marketing channels. By identifying and understanding what personal data we collect and store, how we use that personal data, where it is stored and transferred to, who has access to it and why, we are able to appropriately manage and protect all personal data that we process and ensure our compliance with global privacy laws and regulations.
What personal data we collect or process and why:
Who can access your personal data and on what terms:
In accordance with our information security policies and procedures, access to your personal data is generally limited to JAGGAER employees whose access is necessary to fulfill their job duties and responsibilities. All personnel are contractually obligated to keep all customer data, including all personal data, confidential and undergo regular training on proper data handling practices. In some circumstances, we may also engage service providers to help us provide services to our customers. All service providers are extensively vetted and, if they may access any personal data of our customers while performing the services, they are required to undergo a security assessment and sign our Vendor Data Processing Addendum. This helps ensure our service providers are protecting and managing any personal data they access in compliance with (i) JAGGAER’s privacy standards, (ii) requirements set forth in our customer agreements and (iii) all applicable data privacy laws. A list of all service providers authorized to access customer personal data of JAGGAER’s customers is available in our Trust Center.
How we protect your personal data:
JAGGAER is committed to having comprehensive security procedures and safeguards across our platforms and business units that are designed to protect your personal data against (i) accidental or unlawful destruction, loss or alteration, and (ii) unauthorized disclosure or access.
A description of our security procedures and safeguards may be found in our Trust Center, along with the numerous certifications and standards earned by JAGGAER across our global operations, that demonstrate JAGGAER’s commitment to the protection and security of personal data, including by the International Organization for Standardization (“ISO”) for security standards and the American Institute of Public Accountants (AICPA) Service Organization Controls (SOC) 1 and SOC 2.
General Data Protection Regulation (“GDPR”):
JAGGAER maintains a comprehensive program to ensure our compliance with the European Union’s General Data Protection Regulation (“GDPR”) and to aid our customer’s compliance with GDPR. Please visit our GDPR page for more information about JAGGAER’s GDPR compliance program and how we help our customers comply with GDPR. You can also access our Customer Data Processing Addendum which sets forth our commitment to our customers regarding the processing of any personal data provided by our customers in compliance with GDPR.
International Data Transfers:
JAGGAER is certified under the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework established by the U.S. Department of Commerce in coordination with the European Union to regulate the collection, use and retention of personal information transferred to the U.S. from the European Union and Switzerland, respectively. All other international transfers conducted by JAGGAER are governed by EU-approved data transfer agreements among JAGGAER’s business entities, in compliance with applicable privacy laws.
You may contact our data privacy team (located in both the EU and the U.S.) via the Data Privacy Inquiry Portal for any questions, comments, concerns or requests regarding your personal data. Additionally, you may contact JAGGAER’s Data Protection Officer directly at DPO@jaggaer.com.