Cloud Access Manager
Privacy Statement
Last Revised: August 2019
This privacy statement applies to the collection, use, processing and disclosure of personal information and other information in connection with our Cloud Access Manager (CAM) service. Our privacy statement for our other services and activities may be found at https://www.teradici.com/privacy-policy.
Teradici Corporation and its affiliates and subsidiaries (‘Teradici’, ‘we’, ‘us’ or ‘our’) provide this privacy statement to inform you of our practices regarding our collection, use, processing and disclosure of information about you in connection with our CAM service, including information that you provide to us or that we collect through the CAM service and other sources.
Teradici CAS (CAS) is a Teradici product that can be installed by a Teradici customer on a public or private cloud to deliver remote access to workstations for our customer’s end users. Our CAM services manage those CAS deployments in the cloud by brokering PCoIP connections to user workstations, and by providing other related services.
Our customers are usually organizations. The personal information we collect relates to: (1) individuals who are administrators authorized by our customer to register for or to use the CAM service (‘administrators’); and (2) individuals who are end users authorized by our customer to use other Teradici products and services that are managed by the CAM service (‘end users’).
Before using the CAM service or other Teradici products and services that are managed by the CAM service, please review this privacy statement carefully. By registering for or using the CAM service or other Teradici products and services that are managed by the CAM service, you consent to our collecting, using, processing and disclosing your information in accordance with this privacy statement, as revised from time to time. If you provide us with the information of another individual (such as by providing that individual’s business contact information), you represent that the individual has consented to our collecting, using, processing and disclosing that individual’s information in accordance with this privacy statement, as revised from time to time.
You may withdraw your consent at any time by contacting us in the manner described below, but (1) if you are an administrator and you withdraw your consent, then you will not be able to continue to act as an administrator; and (2) if you are an end user and you withdraw your consent, then you will not be able to benefit from some of the services that are provided by the CAM service.
What’s in this Privacy Statement?
How We Use the Information We Collect
Accessing and Updating Your Personal Information
Changes to this Privacy Statement
Additional Information for Residents of Europe
The Information We Collect
We may collect information about you in connection with your use of the CAM service or your use of other Teradici products and services that are managed by the CAM service, including the types of information described below. Some of the information we collect may be personal information.
We may collect information directly from you, from an administrator, from your use of the CAM service, or from your use of other Teradici products and services that are managed by the CAM service. We may also collect information about you from our customer or its affiliates, subsidiaries or service providers.
We may collect personal information and other information when an administrator registers for the CAM service or updates the customer’s account information, when an administrator entitles an end user, when you subscribe to receive our communications, when you respond to surveys and questionnaires, when you rate or review our CAM service, when you contact us with questions or comments, when you connect with us through social networks, and when you participate in our online forums, promotions and social media platforms.
The information we collect may include business contact and account information such as your full name, username, email address, telephone number, physical or billing mail addresses, and other information.
To manage your Public Cloud resources and provide certain features of the CAM service, we utilize your specified Public Cloud Service Principal, Service Account and/or Domain Services account with the minimum required privileges. This information is required to allow the CAM service to connect with your Public Cloud Provider(s) to create, manage, and delete virtual machine resources in your deployment.
In order to provide, manage and support the CAM service, the CAM service accesses log files generated by components being managed by the CAM service. These log files may contain personal information and other information, such as virtual machine identifiers, Internet Protocol (IP) addresses, end user identifiers (such as username), general location from IP address, licensing information, and other operational information useful for the provision, management and support of the CAM service. All information collected by log files is visible to a customer administrator. An administrator can also configure the CAM service so that log files relating to a particular end user will be visible to that end user.
The log files include the following:
- Session log files and Windows event log files from remote Windows workstations. These log files can be viewed on the deployed virtual workstations at %programdata%\Teradici\PCoIPAgent\logs.
- Session log files from remote Linux workstations. These log files can be viewed on the deployed virtual workstations at /var/log/pcoip-agent/.
- Cloud Access Connector log files. These log files can be viewed by ssh into the Cloud Access Connector and executing “sudo docker service logs [service]” where [service] is:
- connector_activedirectorysync
- connector_brokerexternal
- connector_brokerinternal
- connector_cm
- connector_cmsg
- connector_Connectorgateway
- connector_healthcheck
- connector_managementinterface
- connector_sumologic
In early deployments of Cloud Access Manager and Connection Server, log files include the following:
- Connection Manager and Security Gateway log files. These log files can be viewed at /var/log/Teradici/ConnectionManager and /var/log/Teradici/SecurityGateway.
- Connection Server and Cloud Access Manager log files. These can be viewed through the CAM Management Interface GUI and directly from the Connection Server logs at \WindowsAzure\Logs, \tomcat\apache-tomcat-**\CAMBroker\logs and \tomcat\apache-tomcat-**\logs\admin.
We do not collect payment card information. If you make an online payment using a payment card, such as a credit card or debit card, you are connected directly to our online payment processing service provider and your payment card information is collected and processed by that service provider.
We do not collect administrator or End User authentication information within our customer’s domain. This authentication information is not available to the CAM service. When administrators log on, the system connection is passed to the selected Identity Provider which can be either Microsoft AAD or Google G Suite, and authentication is performed by the selected Identity Provider. End User authentication is performed within the customer’s deployment and is not performed within the CAM service. The CAM service does however keep track of End User names in order to manage entitlement to workstation resources.
The CAM service uses cookies to collect information about how an administrator interacts with the CAM service website, allows us to remember you and to store your authorization into the CAM service. We do not collect any personally identifiable information about the administrator in these cookies.
We do not intend to collect any sensitive personal information from you, such as race, gender, ethnic origin, political opinions, religious beliefs, philosophical beliefs, trade union membership, genetic data, biometric data, health data, data concerning a natural person's sex life, or sexual orientation. Please do not provide any sensitive personal information to us. We do not need sensitive personal information to provide the CAM service.
How We Use the Information We Collect
We use the information we collect in a variety of ways in providing the CAM service. We may use the information we collect about you for purposes such as to:
- provide, manage and support the CAM service and products managed by the CAM service
- monitor the performance of the CAM service and products managed by the CAM service
- diagnose problems with the CAM service and products managed by the CAM service
- tailor the CAM service and products managed by the CAM service to your usage and preferences
- administer the CAM service
- administer the customer’s account and communicate with you about the account
- respond to your questions and concerns
- communicate with you about the CAM service and products managed by the CAM service
- conduct research and analysis relating to the CAM service and our other products and services
- enforce the terms of the agreements for the CAM service and for our other products and services, or otherwise manage our business
We may use the information we collect to provide targeted advertising of Teradici products and services. We do not use the information we collect to provide advertising of third party products and services.
When We Disclose Information
We may disclose your information to our customer. If you are an End User, we may disclose your information to an administrator.
We rely on third party service providers to perform a variety of services on our behalf, such as service providers that enable certain features on the CAM service platform, service providers that assist us to maintain the security and integrity of the CAM service data, service providers that collect and process our service logs, e-commerce providers, payment card processers, technical support providers, and research and analytics providers.
We may disclose your information to these service providers. However, we require our service providers to maintain the confidentiality of your personal information and to keep your personal information securely. We require that our service providers only use your personal information for the limited purposes for which it is provided. When our service providers no longer need your personal information for those limited purposes, we require that they dispose of the personal information. In some circumstances, we may permit our service providers to retain aggregated, anonymized or statistical information that does not identify you. We do not authorize the service providers to disclose your personal information to unauthorized parties or to use your personal information for their direct marketing purposes. If you would like more information about our service providers, please contact us using the methods listed below under “Contact Us”.
Additionally, we may use and disclose your information when we believe such use or disclosure is permitted, necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce the terms of the agreements for the CAM service and for our other products and services; (e) to protect our operations or those of any of our affiliates or subsidiaries; (f) to protect our rights, privacy, safety or property, and/or those of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain. In addition, we may transfer your personal information and your other information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, brands, affiliates, subsidiaries or other assets.
We may share aggregated, anonymized or statistical information that does not identify you with third parties. We may share this information for a variety of purposes such as, for example, improving our CAM service and our other products and services.
We may offer community features and interactive forums. When you participate in such offerings, your username, postings and other personal information you choose to provide or communicate in these public spaces may be seen by others. You should exercise caution when disclosing such information and realize that the information you post could remain viewable in cached or archived webpages or copied and stored by other users even after you remove it. We cannot control the actions of other users of our CAM service, and we are not responsible for the results of your postings.
Accessing and Updating Your Personal Information
At your request, can confirm what personal information we hold about you and how it is processed.
If you are an administrator and would like to access or update the personal information you have provided to us in connection with the customer registration, you can access the customer’s account on the CAM service and make changes or corrections to that personal information.
You may also contact us using the methods described below under “Contact Us” to request access to or to update your personal information. We will try to comply with your request as soon as reasonably practicable. You may be required to provide government issued identification acceptable to us in order to access or update your personal information.
We use reasonable efforts to seek to keep personal information as accurate, complete and up-to-date as necessary. However, it is your responsibility to update us as to any changes that are needed to your information.
We do not keep your information for longer than is reasonably necessary. We will retain your information as long as the customer’s account is active and for the period necessary to provide the CAM service and to fulfill the purposes outlined in this privacy statement, unless a longer retention period is required by law. We may also retain your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may also retain aggregated, anonymized or statistical information that does not identify you.
Opting Out of Communications
If you no longer want to receive marketing-related emails from us, you may opt-out of receiving marketing-related emails by clicking the “unsubscribe” link at the bottom of any email you receive from us, or, if you created an online account when you registered to receive our emails, you may log-in to your account and make changes to your communication preferences. If you are having difficulty unsubscribing from our marketing communications using the above methods, please contact us directly using the methods listed below under “Contact Us”.
Please allow ample time for us to process your request. However, please note that even if you opt-out from receiving marketing emails, we may still need to send you communications about the CAM service, your account, and other matters.
It may be a condition of a trial license that you consent to receiving marketing related emails from us. If you have a trial license and you opt-out of receiving marketing-related emails, then we may terminate the trial license.
Information Security
We use commercially reasonable organizational, technical and administrative means intended to protect stored and transmitted information from loss, misuse, unauthorized access or disclosure. For example, we encrypt the transmission of information within the CAM service using secure socket layer (SSL) technology. Data at rest that is stored within the CAM service is encrypted and protected by firewalls. Access to your information is limited to only those Teradici employees who need to know that information for the purposes described in this privacy statement. The CAM service is provided on both the Microsoft Azure and Google Cloud platforms. Both cloud platforms use additional means to protect information on their platforms from loss, misuse, unauthorized access or disclosure. Additional information on the Microsoft Azure privacy and security measures is available at https://www.microsoft.com/en-us/TrustCenter/CloudServices/Azure/default.aspx. Additional information on the Google Cloud privacy and security measures is available at https://cloud.google.com/security.
However, no method of information transmission or information storage is 100% secure or error-free, so we unfortunately cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any information that you provided to us has been compromised), please contact us immediately using the methods listed below under “Contact Us”.
Children Under the Age of 16
Our CAM service is not intended for children under the age of 16 and we do not knowingly collect personal information from children under the age of 16. Children under the age of 16 should not use our CAM service and should not provide their personal information to us.
Cross-Border Transfers
Because we operate globally, your personal information may be stored and processed in any country where we have facilities or in which we engage service providers. By using our CAM service, you consent to the transfer of information to countries outside your country of residence, including Canada and the United States. Those countries may have different personal information protection rules than in your country. While such information is stored or processed in any country, it is subject to the laws of that country, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of that country, pursuant to the laws of that country.
Changes to this Privacy Statement
We will update this privacy statement from time to time to reflect changes to our practices, technology, legal requirements and other factors. Please check the “Last Revised” legend at the top of this page to see when this privacy statement was last revised. When changes are made to this privacy statement they will become immediately effective when published in a revised privacy statement posted on this page unless otherwise noted. Your use of our CAM service following these changes indicates your consent to the practices described in the revised privacy statement. We encourage you to check back periodically to see if there have been any changes to this privacy statement.
Contact Us
If you have any questions or complaints related to this privacy statement or personal information we have collected about you, please contact our Privacy Officer by email at: privacy@teradici.com or by mail at Teradici Corporation, 4601 Canada Way, Suite 301, Burnaby, BC V5G 4X7, Canada, attention Privacy Officer, or by phone at 604-451-5800.
If you have any questions or complaints or comments about the CAM service, our company, or our other products and services, or if you have other customer service needs, please do not contact our Privacy Officer. Please contact your sales representative or Teradici Global Support Services.
_____________________________________________________________________________________
Additional Information for Residents of Europe
This part of this privacy statement provides additional information for individuals who reside in a jurisdiction governed by the European Union’s General Data Protection Regulation (GDPR).
Personal Data
Under the GDPR, personal data is defined as:
“any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”
The term ‘personal information’ used in this privacy statement is approximately equivalent to the term ‘personal data’ under the GDPR.
Data Controller
Under the GDPR, a ‘data controller’ is a person which, alone or jointly with others, determines the purposes and means of the processing of personal data. In respect of personal data collected in relation to the CAM service, we are the data controller unless we and the customer have agreed that the customer is the data controller and that we are a processor processing personal data on the customer’s behalf.
Legal Basis
Processing the personal data is necessary for us to comply with our legal obligation to provide the CAM service to our customer.
Your Rights as a Data Subject
Under the GDPR, you may be entitled to additional rights, including: (a) the right to withdraw consent to processing at any time, where consent is the basis of processing; (b) the right to request from the data controller access to and rectification or erasure of personal data, under certain conditions; (c) the right to request from the data controller restriction of the processing of personal data or to object to data processing, under certain conditions; (d) the right to request from the data controller, data portability concerning personal data that you provided to the data controller, under certain conditions; and (e) the right to lodge a complaint with data protection authorities.
Additional information about your rights under the GDPR is available at the European Commission’s page on Data Protection.[1]
Transfers of Personal Data
If you reside in a jurisdiction governed by the GDPR, we will not transfer your personal data to another jurisdiction unless permitted to do so under the GDPR. Your personal data may be transferred to our locations in Canada, and the European Commission has determined that Canada has adequate safeguards under the GDPR. Your personal data may be transferred to our service providers located in Canada or the United States. We only use US service providers who are participants in the EU - US Privacy Shield, or who have entered into standard contractual clauses with us, or who otherwise qualify under the GDPR to receive transfers of personal data. If you would like more information about our service providers, please contact us using the methods listed above under “Contact Us”.
[1] A link to http://ec.europa.eu/justice/data-protection/index_en.htm