GoldMine is wholly owned by Ivanti and is subject to Ivanti’s Privacy & Legal Policy
Last Modified: May 21, 2020
Ivanti sells software, not data. We collect data in order to respond to your inquiries, improve our products and services, support your use of our products, help you use our products more efficiently, market our products and services, and generally perform our contractual obligations. We do not sell, rent, share, or otherwise disclose your personal data to anyone except as necessary to support your use of our products and to market and sell our products and services.
Scope of Policy
This policy applies to all the personal data that you provide and Ivanti collects through its products, apps, services, websites, events, and other communications such as our marketing efforts. References to Ivanti products in this statement include Ivanti software, apps, services, events, and websites.
Personal Data We Collect
We automatically collect statistical information that may include personal data when you use our products. We also collect personal data when you ask for or consent to receive products or marketing materials from us. We may associate that information with personal data we collect in other ways or receive from third parties. The data we collect depends on the context of your interactions with us and the choices you make, including your privacy settings, email subscription settings, and the products and features you use. We process personal data in a manner that is compatible with the initial purpose of the data collection.
When you use our products, you provide us with data that may include the following:
Name and contact data. Your first and last name, email address, postal address, phone number, and other similar contact data.
Credentials. Passwords, password hints, and similar security information used for authentication and account access.
Demographic data. Data about you such as your age, gender, country, and preferred language.
Payment data. Data to process payments, such as your payment instrument number (e.g., a credit card number), and the security code associated with your payment instrument.
Subscription and licensing data. Information about your subscriptions, licenses, and other entitlements to our products.
Interactions. Data about your use of our products. In some cases, this is data you provide in order to use the products. In other cases, such as error reports, this is data we generate. Other examples of interactions data include:
- Device and usage data. Data about your device and the product and features you use, including information about your hardware and software, how our products perform, as well as your settings. For example, device, connectivity, and configuration data; error reports and performance data; troubleshooting and Help Data.
- Location data. Data about your device’s location, which can be either precise or imprecise. For example, we collect location data using Global Navigation Satellite System (GNSS) (e.g., GPS) and data about nearby cell towers and wi-fi hotspots. Location can also be inferred from a device’s IP address or data in your account profile that indicates where it is located with less precision, such as at a city or postal code level.
- Other input. Other inputs provided when you use our products.
Content. Content of your files and communications you input, upload, receive, create, and control. Please be aware that any information you provide in public areas, including our websites, may be read, collected, and used by others who access them.
Feedback and ratings. Information you provide to us and the content of messages you send to us, such as feedback, survey data, and product reviews you write.
Database information. If you receive technical support for an Ivanti product, you may also provide us with database information that contains personal data of third parties such as your employees or clients. We have no control over what you provide to us, nor what steps you have taken to ensure that the data is reliable for its intended use, non-infringing, accurate, complete, and current. If you provide any personal information about any third parties to us, you must have an appropriate legal basis for processing as required by applicable law. You must also provide instructions on how to use that information.
Data We Process on Behalf of our Customers. The use of information collected through our Services shall be limited to the purpose of providing the service for which the customer has engaged Ivanti. Ivanti collects information under the direction of its Customers, and has no direct relationship with the individuals whose personal data it processes. If you are a user of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact the Customer that you interact with directly. We may transfer personal data to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Customers.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to Ivanti’s Customer (the data controller).
Mobile Apps. When using an app on a mobile device, we may automatically collect information about the device running the app, such as the type of device, the version of the operating system, the device identifier (“UDID”) and mobile network information. We may also record information such as how often the app is used, the events that occur within the app, aggregated usage, performance data, any exceptions that occur within the app, and the source from which the app was downloaded.
Metadata and other information. We may collect metadata and other information to analyze and benchmark your use of our products. We may use that information to generate reports, analyze product usage, administer and improve the products, both for your individual use and our user base as a whole. We may also use the information to improve or create new products and to make recommendations to you and our customers about how to better use our products and services.
Third party data. We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this policy, plus any additional restrictions imposed by the source of the data. Third party data that we obtain may include, but are not limited to, the following:
- Data brokers from which we purchase demographic data to supplement the data we collect.
- Service providers that help us determine your device’s location.
- Partners with which we offer co-branded services or engage in joint marketing activities.
- Publicly-available sources, such as open government databases.
Data collected when you visit our websites. Our websites also gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, browser language, device identifier, Internet service provider (ISP), referring/exit pages, duration of visit, pages viewed, operating system, date/time stamp, clickstream data, crashes, system activity, hardware settings, the date and time of requests and other usage data.
Data that we collect and process when being contacted otherwise. If you contact us over the telephone or via facsimile, we may also log information such as your phone number, forwarding calls, SMS routing information, and types of calls.
You have choices when it comes to the technology you use and the data you share. When we ask you to provide personal data, you can decline. Many of our products require some personal data to provide you with a service. If you choose not to provide the data necessary to provide you with a product or feature, you cannot use that product or feature and we may have to suspend or cancel it. Likewise, where we need personal data to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract or perform under the contract. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use such data will not work for you.
Cookies and Similar Technologies
Cookies are small data files that your browser places on your computer or mobile device. A cookie itself does not contain or collect information, but it can send information back to our website to help deliver a more user-friendly experience.
Most browsers automatically accept cookies. You can prevent cookies from being stored on your computer or device by configuring your browser to not accept cookies or to notify you when a cookie is being placed on your hard drive. Some browsers provide a mode where cookies are always deleted after a visit. This is called InPrivate, Incognito, or Private Browsing, depending on your browser.
You can learn more about how to manage and remove cookies in your browser or device’s online help. You can also visit http://www.aboutcookies.org for more information on how to manage and remove cookies across a number of different internet browsers.
If you choose not to accept cookies at all, you can still use our products. However, not all features of our products will function as intended if you reject cookies.
Our websites also gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, browser language, device identifier, Internet service provider (ISP), referring/exit pages, length of visit, pages viewed, operating system, date/time stamp, clickstream data, crashes, system activity, hardware settings, the date and time of requests and other usage data. If you contact us over the telephone or via facsimile, we may also log information such as your phone number, forwarding calls, SMS routing information, and types of calls.
Your Internet browser and mobile device may allow you to adjust your browser settings so that “do not track” requests are sent to the websites you visit. We respect your wishes and will not track user activity once “do not track” signals have been activated. However, our third party service providers may not respond to “do not track” signals.
You can manage your settings at any time by visiting the “Cookie Settings” link in the footer of our website.
We use Google Analytics, an analyzing service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California, USA (”Google“). Google Analytics uses “cookies”, i.e. text files that are stored on users’ computers and that enable to analyze how users use the site. The information generated by the cookie on your use of the website will generally be transmitted to and stored by Google on servers in the USA.
The IP-anonymization is activated on this website, i.e. your IP address will be shortened within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and shortened there.
Google will use this information on behalf of us for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage. Pseudonymous user profiles of the users can be created from the processed data. The IP-address that your browser conveys within the scope of Google Analytics, will not be associated with any other data held by Google.
You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Add-on for your current web browser:
Further information on the use of data for advertising purposes by Google, setting and objection options can be found on the Google websites, for example under:
- https://www.google.com/intl/en/policies/privacy/partners/ (“How “Google uses information from sites or apps that use our services”)
- https://www.google.com/policies/technologies/ads (“Use of data for advertising purposes“)
- https://www.google.com/settings/u/0/ads/authenticated?hl=en (“Determine what advertising Google shows you“)
On our websites you can watch videos uploaded to Vimeo (Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA) and integrated on our website via an iFrame. The iFrames are set to connect first when you click the “Play” button.
If you are logged in to your Vimeo account at the same time as pressing “Play”, Vimeo can associate your surfing behaviour with your user profile. You can prevent this data processing by logging out of your account before visiting our websites.
As this is a third party service, we have no control over the processing of this data by Vimeo. The purpose and scope of the data collection and the further processing and use of the data by Vimeo as well as your rights and settings to protect your privacy can be found at https://vimeo.com/privacy
For What Purposes We Process the Personal Information We Collect
If not otherwise described in this policy, we may process personal information collected from or about you for any of the following purposes:
- To respond to and record your requests, whether it be a product purchase, a downloaded whitepaper, or product demonstrations and evaluations.
- To provide the products, communicate with you about our products and fulfill any contractual obligations we may have with you including providing post-purchase technical support, implementation services, and updates for the products.
- Processing of payments.
- To provide online forums such as user groups and bulletin boards.
- To deliver live or online events such as training seminars or conferences, including third party events we sponsor.
- To manage and verify your account and the identity of users of the products.
- The server log files, to allow you unhindered and trouble-free access to our websites and to improve the security of our systems.
- To provide videos on the website.
- To respond to other support requests, to requests for product-related information, and to respond to feedback, survey data, and product reviews, including for product improvement purposes.
- To provide product testing or product demos.
- To market our products and events including sending you surveys about our products and your use of our products.
- To analyze your use of our products in order to operate, maintain, improve and create new products.
- For any other legal, business, or marketing purposes that are not inconsistent with the terms of this policy.
- To protect against, investigate and prevent fraudulent, unauthorized or unlawful acts against us, you and third parties.
Further, we process your data in order to inform you about our products and services by means of our newsletter or other information. Sending you such information is based on your consent.
In addition, we process your data to comply with statutory reporting requirements, court summonses, court decisions or other court orders.
When We Share Your Information
We share your personal data as necessary to complete any transaction or provide any product you have requested or authorized or otherwise fulfil your request, to inter alia Ivanti controlled affiliates and subsidiaries. We may share your information with our business partners, resellers, and subcontractors who use the information to fulfill product orders, process payments, develop and improve products, contact you about product orders or in connection with the performance, operation, and support of the products, perform marketing or consulting services, respond to your requests, or as otherwise appropriate for us to provide you with the products.
We may furthermore disclose your information to:
- Service providers who host or facilitate the delivery of online training, seminars, and webinars.
- Other technology providers and third parties that assist in the delivery of the products, marketing materials, technical support services, other products, or other information.
- Third parties who conduct data analytics.
- An acquiring company in the event of a merger, acquisition, or other sale of all or a portion of our assets.
Other than to the extent ordered by a bankruptcy court, any other legal authority, or as otherwise agreed to by you, the use and disclosure of all personal data transferred to a third party will be subject to this policy.
We may disclose your personal data in the following cases:
- When required by law, regulation, legal process, or other legal requirement
- When we believe that disclosure is necessary or appropriate to respond to an emergency
- To protect our rights, your safety or the safety of others
- To investigate fraud
- To comply with a judicial proceeding, subpoena, court order, law enforcement or government request, or national security requirements
- When you consent to such disclosure
When we share your information outside the EU:
Your personal data may be transferred to other countries including countries outside the EU and the EEA (the latter also referred to as “third countries”). These countries may apply privacy standards that are different from those of your place of residence. Please note that data processed in another country may be subject to different laws and may be accessible to the authorities, courts, law enforcement agencies and supervisory authorities of those countries.
A transfer to third countries will only take place if an adequate level of protection or appropriate safeguards for a secure level of protection are in place, e.g. in the form of standard contractual clauses or through certification under the EU-US Privacy Shield.
Legal Basis For Data Processing
We rely on a variety of legal reasons and permissions to process data. These legal reasons and permissions include when you have given your consent, as part of the performance of a contract, to comply with legal obligations, and for other legitimate interests.
Additional legimitate interest consists of:
- Optimising and increasing the visibility of our website.
- Increasing the attractiveness and usability of our services
- Enabling and promoting the use and sale of our products
- Conducting direct marketing activities and to inform you about our products and services. In doing so, we will also send you information that is appropriate to your interests, which we determine from the data available to us, e.g. from products you have used, events or other campaigns for which you have registered, as well as product interests indicated at registration.
Transmission of personal data takes place either on the basis of relevant agreements (e.g. for order processing), for the fulfilment of a contract or because of legitimate interests.
No Use by Children
Ivanti products are not intended for children. We do not knowingly collect information from children. Do not use our products or provide us any information unless you are capable of consent in your territory our country.
Managing Your Information
If you have previously signed up to receive emailed information about our products or special offers, and no longer wish to receive these communications, you may opt-out through the Subscription Center link included in each email.
If you register for an account on the Ivanti Community site, you will be listed in our publicly accessible member directory. If you do not wish to be listed in the directory, please do not register for an account. If you wish to close an existing account, please contact us to have your account closed.
If a third party has provided your personal data as part of a database, you should direct your requests to that third party.
Data Subject Rights
Upon request Ivanti will provide you with information about whether we hold any of your personal data. You can access, correct, update, or request deletion of your accounts or personal data by managing your account settings or by emailing us at: [email protected] At any time, you have the right
- of access
- to rectification
- to erasure
- to restriction of processing
- to data portability
- to object
- to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
- to lodge a complaint with a supervisory authority
No Obligation to Provide Personal Data
In general: the provision of your personal data is voluntary. You are neither legally nor contractually obliged to do so. We do not contractually oblige you to provide us with personal data. Please note, however, that if you refuse to provide personal data, you may not be able to use all of our services.
Ivanti implements reasonable and appropriate technical and organizational measures to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the personal information. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about our security, you can contact us at [email protected].
EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
The Federal Trade Commission (“FTC”) has jurisdiction over our compliance with the Privacy Shield Principles. We are also subject to the investigatory and enforcement powers of FTC. We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security and/or law enforcement requirements.
In compliance with the Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your personal information. European Union and/or Swiss individuals with inquiries or complaints regarding this Policy should first contact us at [email protected] or by postal mail at:
10377 South Jordan Gateway
South Jordan, UT 84095
We are further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider located in the United States. If you have an unresolved privacy or data use concern that you feel we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, you may invoke Privacy Shield Binding Arbitration when other dispute resolution procedures have been exhausted.
We comply with the Privacy Shield Principles for all onward transfers of personal data from the European Union and Switzerland to any third parties acting as an agent on its behalf. We are responsible under the Privacy Shield Principles for the actions of our agents who process personal information covered by this Policy in a manner inconsistent with the Privacy Shield Principles, except where we are not involved in the event giving rise to the damage.
Ivanti commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
If you are a California resident, the California Consumer Protection Act (“CCPA”) requires specific disclosures to California residents. If you wish to request more information or inquire on exercising your rights under CCPA, please send an email to [email protected]. You may also submit a written request to us at:
10377 South Jordan Gateway
South Jordan, UT 84095
We reserve the right to modify this policy at any time. When we make only minor modifications, we may do so without notifying you. If we make changes to this policy that we believe materially impact the privacy of your personal data, we will notify you either by means of a notice on this website prior to the change becoming effective or by sending an email to the address specified in your account.
We encourage you to periodically review this page for the latest information on our privacy practices. The “Last Modified” date at the top of this policy will allow you to quickly know when the last changes were made.
Controller in the Meaning of the GDPR
10377 South Jordan Gateway
South Jordan, Utah 84095, USA
Email: [email protected]
Data Protection Officer
The data protection officer of the controller and other entities of Ivanti group can be contacted by email to [email protected] and by a postal mail to:
Group Data Protection Officer
10377 South Jordan Gateway
South Jordan, Utah 84095, USA
Contacting is possible in the respective local language.
GoldMine is a traditional desktop application. All information collected from the Google platform via IMAP/POP/SMTP is stored on the local customer-installed environment. There are 2 types of storage: one is Microsoft SQL Server and the other one is file storage. The physical location and securing connection between GoldMine and storage is owned by the GoldMine customer. GoldMine only provides different ways to configure it.
GoldMine accesses user data stored in the Google platform using secure hypertext (https) protocol by user-authorized access token for IMAP/POP and SMTP mail protocols.
GoldMine securely connects and authenticates to the Google platform using SSL/TLS for basic or OAuth2 authentication.
Google user data collected by GoldMine is used and shared between the application users configured, based on the customer’s requirements.