LogMeIn International Privacy Policy
<p>Last Updated on April 28, 2020</p>
<p>
<strong>Contents</strong>
</p>
<ul>
<li>Data Categories and Collection Purposes</li>
<li>How We Use Your Data</li>
<li>Analytics, Cookies and Other Web Site Technologies</li>
<li>Recipients</li>
<li>Data Retention</li>
<li>Cross-Border Data Transfers</li>
<li>Security</li>
<li>Changes</li>
<li>Children’s Privacy</li>
<li>Your Rights and Contacting LogMeIn</li>
</ul> Who We Are and Scope of this Privacy Policy
<p>We are the LogMeIn group of companies, when visiting our webpages from: (a) the European Union and/or European Economic Area, the primary controller shall be LogMeIn Ireland Unlimited Company, an Irish company headquartered at The Reflector, 10 Hanover Quay, Dublin 2, D02R573, Republic of Ireland.
and for (b) all other non-United States locations, the primary controller shall be the applicable LogMeIn affiliate identified here (in each case, referred to in this Privacy Policy as “LogMeIn,” “we” or similar pronouns).
Our Software-as-a-Service products ("Services") are used to simplify how people connect with each other and the world around them to drive meaningful interactions, deepen relationships, and create better outcomes for professionals and businesses.</p>
<p>In this Privacy Policy, we explain what personal data we collect from visitors to the LogMeIn websites and/or properties that link to this Privacy Policy (including our digital properties listed here) and how we use such personal data.</p>
<p>It is important to note that this Privacy Policy does not apply to any other data, such as any personal data that may be included in the files, documents, recordings, chat logs, transcripts, and similar data that we maintain on our customers’ behalf, as well as any other information our customers may upload to their LogMeIn account(s) in connection with their use of our Services (which we refer to as “Content” in our Terms of Service) or information gathered from other channels, such as publicly available sources.
For the avoidance of doubt, we process customer Content, including any personal data which may be included therein, solely for the purpose of providing and operating our Services to our customers and only in accordance with their written instructions, which typically take the form of our Terms of Service, a Data Processing Addendum and/or any similar written agreement between LogMeIn and our customer.</p>
<p>Our affiliates in other countries have posted additional privacy notices with different scopes, as required by law or where we believe appropriate for transparency purposes, which may be found here.</p>
Data Categories and Collection Purposes
<p>When you visit our website(s) and/or use our Services, you provide the following categories of personal data to us:</p>
<ul>
<li>
<strong>Customer Account and Registration Data</strong> is data you provide when you create your account with us, request support or technical assistance, or register for events, webinars, whitepapers and surveys, which typically includes first and last name, billing data, and a valid email address.
We need this data to provide the Services to you, to maintain and support your account, as well as to collect payment.
Legal basis for the processing of this data is our legitimate interest to do business with you, your employer or business and perform our contractual obligations under the applicable Services agreement.</li>
<li>
<strong>Service Data (including Session, Location and Usage data):</strong> When you visit our websites and use our Services, we receive data that you or others voluntarily enter, including on schedules and attendee lists, as well as data automatically logged by the website or Service, for example, duration of session, connections made, hardware, equipment and devices used, IP addresses, location, language settings, operating system used, unique device identifiers and other diagnostic data.
We need this information to provide, operate, and improve our Services.
We collect location-based data for the purpose of providing, operating, and supporting the service and for fraud prevention and security monitoring.
you can disable location data transmission on mobile devices at any time by disabling location services from the settings menu on your device.
Legal basis for the processing of this data is our legitimate interest to do business with you, your employer or business, or customers that use our Services to communicate with you and your business and perform our contractual obligations under the applicable Services agreement.</li>
</ul>
<p>We strive to limit the types and categories of personal data that is collected from, and processed on behalf of, our users to include only information which is necessary to achieve the purpose(s) for which it was collected and we do not use personal data for additional purpose(s) which are incompatible with their initial collection.
In other words, we have measures and policies in place designed to ensure that we only collect and process information from our users that we believe is necessary to operate and provide them with a world-class Service.</p>
<p>We also process your personal data to comply with applicable laws, including those of the European Union ("EU") and/or individual European Economic Area ("EEA") Member States and such compliance obligations are the legal basis for such processing.</p>
<p>If you grant consent to our placement of cookies or for us to contact you for marketing purposes, we may also use your personal data for marketing purposes and the legal basis for such processing is your consent.
We may also contact you under a legitimate business purpose (e.g., if you are a current subscriber to one of our Services).</p>
How We Use Your Data
<p>We use the data we collect from visitors to our websites to: (a) provide and operate our Services.
(b) address and respond to service, security, and customer support needs.
(c) detect, prevent, or otherwise address fraud, security, unlawful, or technical issues.
(d) comply with applicable laws and administrative requests, protect our rights, assert and defend against claims.
(e) fulfill contracts.
(f) maintain and improve our Services.
(g) provide analysis or valuable data back to our customers and users.
(h) assess the needs of your business to determine and promote other LogMeIn products which we believe may be helpful to you.
(i) provide product updates, marketing communications, and service data.
(j) conduct research and analysis for business planning and product development.
(k) display content based upon your interests.
and (l) to the extent permitted by law, we may combine, correct and enrich personal data that we receive from you with data about you from other sources, including publicly available databases or from third parties to update, expand and analyze our records, identify new prospects for marketing, and provide products and Services that may be of interest to you.</p>
Analytics, Cookies and Other Web Site Technologies
<p>We continuously improve our websites and Services through the use of first- and third-party cookies and other web analytics tools, which help us understand how our visitors use our websites, desktop tools, and mobile applications, what webpages, features and functions they like and dislike, and where they may have run into problems which need to be addressed.</p>
<p>
<strong>Google Analytics and Adobe Marketing Cloud</strong>
</p>
<p>We use Google Analytics as described in “How Google uses data when you use our partners' sites or apps.” You can prevent your data from being used by Google Analytics on our websites by installing the Google Analytics opt-out browser add-on here.
For enhanced privacy purposes, we also employ IP address masking, a technique used to truncate IP addresses collected by Google Analytics and store them in an abbreviated form to prevent them from being traced back to individual users.
Portions of our website may also use Google Analytics for Display Advertisers including DoubleClick or Dynamic Remarketing which provide interest-based ads based on your visit to this or other websites.
You can use Ads Settings to manage the Google ads you see and opt-out of interest-based ads.
We also use Adobe Marketing Cloud as described here.
You can similarly exercise your rights with respect to use of this data as described in the “Exercising Choice” section below.</p>
<p>Social Media: Many of our websites include social media features, such as Facebook, Google, and Twitter “share” buttons.
If you use these features they may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly – you can exercise your rights with respect to the use of this data as specified in the “Exercising Choice” section below.
These services will also authenticate your identity and provide you the option to share certain personal data with us such as your name and email address to pre-populate our sign-up form or provide feedback.
Your interactions with these features are governed by the Privacy Policy of the third-party company providing them.</p>
<p>
<strong>Exercising Choice</strong>
</p>
<p>We provide more information about the types and categories of cookies utilized, choices, and control over cookies and other web analytics tools via LogMeIn’s Cookie Consent Manager (available via the “Cookie Preferences” hyperlink at the bottom of this page) and/or the ability to exercise your rights as follows:</p>
<ul>
<li>If you wish to not have the information these technologies collect used for the purpose of serving you targeted ads, you may opt-out here (or here if located outside the EU).</li>
<li>The Help Menu on the menu bar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and how to disable cookies altogether.</li>
<li>To manage Flash Cookies, please click here.</li>
</ul>
<p>You can still view our websites if you choose to set your browser to refuse all cookies.
however, you will need to keep certain cookies enabled to establish an account or to install the Services.</p>
Recipients
<p>Within our organization, we apply access controls to limit the recipients of personal data on a "need to know" basis.
Our customer support and technical staff, billing and finance personnel, and representatives of our legal and audit departments have access to your data as necessary for the legitimate purposes of our data processing.</p>
<p>We share your personal data: (a) with our affiliated companies and subsidiaries which are directly or indirectly owned by our parent entity, LogMeIn, Inc..
(b) at your direction, with separate, specific notice to you, or with your consent.
(c) with third-party service providers under appropriate confidentiality and data privacy obligations (only for the purposes identified in Section 3, “How We Use Your Data”).
(d) in connection with a merger, divestiture, acquisition, reorganization, restructuring, financing transaction or sale of assets pertaining to a business line.
and (e) as required by law or administrative order, to assert claims or rights, or to defend against legal claims.</p>
<p>To the extent LogMeIn uses its affiliates or third-party providers in the provision and operation of its Services and processing of any Content, including any personal data therein, it discloses those parties in the applicable Affiliate and/or Sub-processor Disclosure in its Trust &.
Privacy Center (see the “Product Resources” Section).</p>
Data Retention
<p>We keep your personal data in a form which permits identification for no longer than needed for the business purposes for which it was collected or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Personal data processed in the context of a contract with you will be retained by us for the term of the contract and for a reasonable time afterwards as might be required to determine and settle any related claims.
Where our processing of your personal data is based on legitimate interests or compliance with legal obligations, it will be deleted as soon as the applicable underlying purpose has expired.
Personal data processed based on your consent will be deleted if and when you withdraw such consent.
Unless requested sooner or a shorter retention period is defined in the applicable Security and Privacy Operational Controls (“SPOC”), your account will be deleted or anonymized no later than twenty-four (24) months from the date of Service termination, expiration, or non-use.
For specific details on data retention periods for your account, as well as the information LogMeIn maintains on your behalf, consult Section 5 of the applicable Service or suite-specific SPOC documentation located at LogMeIn’s Trust &.
Privacy Center (see the “Product Resources” section).</p>
Cross Border Data Transfers
<p>Your personal data may be transferred to and/or accessible globally by LogMeIn’s affiliated and unaffiliated service providers, including in countries where we operate and countries outside of the EU/EEA in which the level of data protection may not be as high as within the EU/EEA. In all cases, LogMeIn complies with applicable legal requirements and provides an adequate level of data protection regardless of where the data are transferred to or accessed.
LogMeIn also ensures that data processing is conducted in accordance with applicable data protection laws.
With respect to transfers of personal data outside of your applicable jurisdiction, LogMeIn has implemented a number of legally supported transfer mechanisms (e.g., standard contractual clauses) to ensure an adequate level of data protection.
Below are some of the ways in which LogMeIn may transfer personal data lawfully in the relevant jurisdiction:</p>
<p>
<strong>EU-U.S.
and Swiss-U.S.
Privacy Shield</strong>
</p>
<p>The United States are subject to a qualified adequacy decision by the EU Commission finding them to provide an adequate level of protection of personal data with respect to companies that participate in the EU-U.S.
Privacy Shield Framework.
Our parent company in the United States, LogMeIn, Inc.
(and its applicable U.S.-based affiliates), supports us with data processing services, participates in, and has self-certified to the EU-U.S.
and Swiss-U.S.
Privacy Shield with respect to customer data, as further explained in its Privacy Shield Notice.</p>
<p>Where we share personal data with affiliated or unaffiliated services providers that do not participate in the EU-U.S.
and/or Swiss-U.S.
Privacy Shield Program, we protect personal data pertaining to persons in the EEA with data processing and data transfer agreements incorporating the EU Standard Contractual Clauses or implement other appropriate safeguards with the respective recipients of your personal data outside the EU/EEA.</p>
<p>
<strong>APEC Cross Border Privacy Rules System</strong>
</p>
<p>LogMeIn's global privacy program, as described in this Privacy Policy, complies with the Asia Pacific Economic Cooperation ("APEC") Cross-Border Privacy Rules System ("CBPRs").
The APEC CBPR system provides a framework for organizations to ensure protection of personal data transferred among participating APEC economies, members (or citizens) of which may be contracting with LogMeIn through LogMeIn Ireland Unlimited Company or its affiliates.
More information about the APEC Privacy Framework and CBPRs can be found here.
Our certification applies to our business processes across our global operations that process and transfer personal data to/from our affiliates around the world.
To view our certification, please visit the validation page by clicking on the TRUSTe seal.</p>
<p>To learn more about how LogMeIn protects personal data, review and execute appropriate data processing addendums (where relevant), as well as review locations where LogMeIn may process your personal data through its affiliated companies or third-party subprocessors (when LogMeIn acts as a data processor, service provider, and/or the applicable legal equivalent), please visit the Product Resources section of the LogMeIn Trust &.
Privacy Center.</p>
Security
<p>LogMeIn has implemented a comprehensive data privacy and security program which includes appropriate technical and organizational measures designed to safeguard and protect the personal, identifiable, and/or confidential information we collect or you share with us.
LogMeIn’s operations, on a product and/or suite-specific basis, have been assessed by independent third-party auditors against recognized security standards and controls, including SOC2 Type II, BSI C5, SOC3, and ISO 27001.</p>
<p>To learn about LogMeIn’s Service-specific security and privacy measures and certifications, please visit the Trust &.
Privacy Center (see the “Product Resources” section).</p>
Changes
<p>We update this Privacy Policy from time to time to reflect changes to our personal data handling practices or respond to new legal requirements and will post updates here.
However, if we make any material changes that have a substantive and adverse impact on your privacy, we will provide notice on this website and additionally notify you by email (sent to the e-mail address specified in your account) for your approval prior to the change becoming effective.
We encourage you to periodically review this page for the latest information on our privacy practices.</p>
Children’s Privacy
<p>LogMeIn’s webpages are intended for general audiences – we do not seek through our sites to gather personal data from or about persons that are minors (i.e., not the age of majority).
If you inform us or we otherwise become aware that we have unintentionally received personal data from a minor, we will delete this information from our records.</p>
Your Rights and Contacting LogMeIn
<p>Subject to conditions specified by applicable law, persons have the right to: (i) inquire whether and what kind of personal data we hold about you and how it is processed, and to access or request copies of such personal data.
(ii) request the correction or supplementation of personal data about you that is inaccurate, incomplete or out-of-date in light of the purposes underlying the processing.
or to (iii) obtain the erasure of personal data no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, processed for legitimate interests that, in the context of your objection, do not prove to be compelling or necessary for the establishment, exercise or defense of legal claims, or processed in non‑compliance with applicable legal requirements.
In addition, you have, subject to the conditions set out in applicable law and without limitation, the rights to: (iv) request us to restrict the processing of personal data in certain situations where you feel its processing is inappropriate.
(v) object, on grounds relating to your particular situation or where your personal data is used for direct marketing purposes, to the processing of personal data for legitimate interests.
and to (vi) request portability of personal data that you have provided to us, where the processing of such personal data is based on consent or a contract with you and is carried out by automated means.
In case of concerns, you also have the right to lodge a complaint with a supervisory authority having appropriate jurisdiction.
If you have questions or requests relating to our privacy practices and this Privacy Policy or would like to exercise the above mentioned rights of access, rectification, erasure, restriction, objection and data portability, you may contact us at https://support.logmeininc.com/contactus, which allows you to make a request online or through a phone call and/or via e-mail at privacy@logmein.com.
We will respond to your request as required by applicable law, but in any regard within (30) days.</p>
<p>Please note that for personal data about you that we have obtained or received for processing on behalf of a separate, unaffiliated entity – which determined the means and purposes of processing, all such requests should be made to that entity directly.
We will honor and support any instructions they provide us with respect to your personal information.</p>
<p>If you wish to no longer receive marketing communications from us, you can opt-out of marketing by clicking on the unsubscribe link on any marketing email you receive, or at https://lp.logmeininc.com/unsubscribe.</p>
<p>If you have any other questions about this policy please contact the LogMeIn Privacy Team, call us at the applicable support number here, or write to us via postal mail at: Attn: Legal and Privacy Team, LogMeIn, The Reflector, 10 Hanover Quay, Dublin 2, D02R573, Republic of Ireland.
To reach our Global Customer Support department, you may contact us here.</p>
<p>You can additionally contact our Data Protection and/or Privacy Officer(s) by sending an e-mail to privacy@logmein.com or via postal address (at the address above), please mark the envelope, “Data Protection Officer, c/o LogMeIn Legal.”</p>
<p>If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may also contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.</p>