ManageEngine recognized in the 2024 Gartner® Magic Quadrant™ for Digital Experience Monitoring. Get the full report

OpManager GDPR-compliance 

This page explains how our product is GDPR compliant and how Personally Identifiable Information (PII) is handled across marketing, presales, sales, and support.

1. Product

We respect our users' rights to data privacy and collection. To ensure GDPR compliance, we have revised our privacy policy and our workflow to accommodate various features that ensure user privacy. 

Our commitment to your privacy

Any time OpManager collects data, the source information is maintained. Users can search for their PII in OpManager , so they can see where their data is being stored. We also provide an option to update, anonymize, and modify PII information in a common portal. 

Securing your data

OpManager provides a secure communication via HTTPS protocol and ensures a secure storage by encrypting PII before storing it in our databases or file systems. Highly sensitive data like API keys are encrypted and hidden. 

Role-based access control

With OpManager's User Management module, you can easily manage user accounts by assigning permissions to a set of users based on their roles and responsibilities. This way, users with fewer privileges will not be able to access admin options, which means only authorized users can access, alter, or delete personal data in the system.

Data erasure

If you choose to discontinue the use of OpManager, you can uninstall it or contact our support team.  You can export or backup necessary data from your database before uninstalling it.

Data audit

In OpManager, all actions are logged. Critical information like who logged into the product and edited the configurations/settings is audited.You can keep track of the changes made from the Audit Report. All Firewall Analyzer user actions such as add, delete and update are logged in the Audit Report.

Breach notification

As an on-premise solution, every critical detail in OpManager is stored in your enterprise's database. In accordance with the GDPR, whenever OpManager (a data processor) is impacted by a breach, you will be notified about it along with relevant fixes. Similarly:

  1. Any PII that you provide during evaluation, installation, or purchase will be used only in accordance with the Zoho Privacy Policy. 
  2. Based on your subscription, whenever a vulnerability or breach is detected in OpManager, you'll be notified about its impact along with suggested fixes.

Whenever you share your logs, only relevant data is collected, and no personal information is obtained without prior consent. 

2. Marketing

Data Collection

No data is collected without explicit consent and you have the complete liberty to unsubscribe to any or all of our notifications at any point of time.

Data Storage

All the data that is collected is stored in a centralized CRM and a creator form with a complete user trail on how the data has been consumed.The data in the creator form will be maintained for 2 months, post which it will be deleted. At any point if you choose to unsubscribe, we will stop sending you our promotional mailers but your data will be available in our CRM till two years. In case if you want to remove all your personal data, you can contact us and we will delete it from our CRM..

Lead Nurturing

We will notify you about new product versions, updates, and service packs, upcoming events, sales offers, and changes to our Privacy Policy after getting the consent for that specific product. At any point if you choose to unsubscribe, you will not receive any promotional material from our end. 

3. Support

Details including issues, feature requests and enhancements are stored in Zoho Desk and for future reference the same is stored for a period of 5 years. The email records of tickets raised are maintained in a central server for a period of 12 months. FTP logs uploaded are stored for a period of 3 days. No file or log is saved in the local disk and all files are cleaned up beyond the mentioned timelines.

4. Presales and Sales

Demo requests and contact details of potential leads are stored in a central CRM server. Post the demo, qualified leads are forwarded to the sales team using the CRM. At all points, any kind of user data is processed and stored in the central CRM with explicit proof of consent.

 
 Pricing  Get Quote