TeamViewer Data Privacy Commitment

On 25 May 2018, the EU General Data Protection Regulation (GDPR) came into force, reflecting the importance of data protection in our increasingly digital world. TeamViewer is a global organisation and for us it is important that the personal information of our customers and our own people is handled in accordance with GDPR.

The new regulation replaces the existing patchwork of directives and national legislation and brings a degree of long-anticipated consistency to the data protection landscape in Europe. This is setting the benchmark for other regions and many countries are following suit with equivalent arrangements. GDPR embodies the well-recognized privacy principles of transparency, fairness, and accountability. GDPR also seeks to introduce a risk-based approach that enables innovation and participation in the global digital economy while respecting individual rights.

In our view, the digital economy can only flourish when you connect people, process, information and devices in an ethical, meaningful and secure way. That includes creating an environment in which everyone can easily do business and know their data is safeguarded. We are committed to helping our customers and partners by protecting and respecting personal data, no matter where it is from or where it flows.

What has Teamviewer done to be GDPR-ready?

______

As part of our continuous focus on information security and data privacy our GDPR Readiness activities were delivered through a managed programme of activities in the following areas:

Privacy by Design

Integrating data protection, privacy, and security requirements into product design and development methodologies. Embedding privacy requirements in the development cycle from ideation to launch, to validation. In short, we use privacy engineering techniques to evaluate and build better offerings to turn privacy by design policies into actions and tangible improvements.

Third party management

Ensuring that TeamViewer’s valued partners and suppliers are best able to meet their obligations with respect to data privacy and establishing transparent arrangements through appropriate information sharing agreements. When we work with new suppliers or with long-established strategic partners we look to apply industry-leading standards that safeguard personal information.

Policies and procedures

Reviewing standards and processes to define the personal information lifecycle and help ensure data transparency, accuracy, accessibility, completeness, security, and consistency. Our Privacy Policy reflecting GDPR requirements sets the context for how we obtain, store and use information relating to our customers and our own people.

Information Security

Reviewing and improving our enterprise-wide information security framework, ensuring that incident response process remains effective and that confidentiality, integrity, and availability of personal information is assured through appropriate technical and organizational measures

Information Governance

Mapping our data and identifying what we have, what we are doing with it, where it is, where it flows, and who has access to it. We classify data based on risk and sensitivity in context. The risk classification is based on data and person perspectives. This allows us to focus on the outcome and purpose of processing, leadíng to a more holistic risk profile and helping us inform our customers.

Further information

____

As part of our GDPR Readiness activities and as required by the regulations we have updated our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products, and services. Our customers have been updated with key information including:

  • Privacy Policy for our products and services
  • Refinements to our End User Licence Agreement and consent mechanisms
  • Mechanisms by which subject access requests can be made in a secure manner
  • Details of TeamViewer products explaining how we meet our obligations with respect to GDPR and also wider information security requirements
  • A set of FAQ to answer the most common questions about TeamViewer and GDPR.

Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR. As we introduce new products and services, the information provided here will, therefore, be updated periodically.

If you require further information relating to TeamViewer and GDPR, please contact us at this email address: privacy@teamviewer.com

FAQs

________

Need a quick answer to one of your TeamViewer questions? Here you go.

Our GDPR Readiness project has ensured that we meet our obligations relating to data protection as the new regulations came into force

• TeamViewer’s preparations ahead of GDPR coming into force were undertaken as a joint project with TeamViewer subject experts supported by external business, technical and legal advisors with practical experience in data protection and wider security aspects
• From the viewpoint of our customers, we are proud of the security measures that we already have in place and we did not need to make any significant changes as a result of our GDPR readiness preparations
• TeamViewer class-leading products and services will operate as usual and we will ensure that our customers benefit from our attention to security and data protection
• There is no accredited third-party certification for GDPR at present. This may change in the future for example, the European Commission may take forward a “Data Protection Seal”. TeamViewer will keep watch on developments in this area.

TeamViewer is based in the EU and our products make use of industry-standard hosting providers operating in Western Europe

• As part of our GDPR Readiness activities and as required by the regulations we have updated our records of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services
• Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR as we introduce new products and services
• Our Third-party service providers operate under the same regulatory regimes and we select and manage industry standard suppliers to ensure that we can deliver the best products and services

• We provide secure online self-service access to account information for our customers via the Management Console and user profile functionality in our products
• If you need further information additional to that available through our online channels our customers can contact TeamViewer Customer Satisfaction who will be pleased to assist with general enquiries on TeamViewer functionality
• If you have a specific request for personal information please submit this request using datarequest@teamviewer.com
• We will need to authenticate your identity to ensure we handle any request securely
• Existing legislation and GDPR require organizations to respond to data subject access requests, TeamViewer is able to assist our customers to handle requests from their data subject.

We have completed a review of how our products handle personal information. User experience has not changed in TeamViewer products as a result of GDPR requirements.

• TeamViewer EULA and Privacy Notices have been updated to align with the requirements of GDPR
• Users have been informed via email and through GDPR articles on the TeamViewer community & KnowledgeBase and will be kept up to date as part of our regular communication via email and Newsletter
• Where users have consented to receiving material such as the TeamViewer Newsletter, we already provide the ability to change or withdraw consent, for example adapting the frequency of newsletter or unsubscribing
• As part of the ongoing evolution of the TeamViewer products, we will continue to review the business purpose for using personal information. As such there may be future changes to Privacy Notices and potentially consent aspects, which will be notified to our customers.

A Data Processing agreement has been provided as an addition to our EULA and for many customers, this will be sufficient.

• Should a commercial customer additionally require a dedicated Data Processing Agreement/Addendum, TeamViewer can provide a suitable signed template.

The Information Lifecycle

_______

This is how we protect your data

1. Obtain
Person Information

  • We only use personal data when necessary & lawful
  • We notify the person when collecting their data in person or via 3rd Party
  • We request consent if required

2. Hold
Person Information

  • We only store personal data that must be used ongoing throughout the process
  • We secure the data with encryption, access control, anonymization or obfuscation
  • We keep the information up to date

3. Use
Person Information

  • We check there is a lawful purpose
  • We use in line with consent provided
  • We suspend processing for individual’s data
  • We track which data is shared with others

4. Delete
Person Information

  • We identify data for retention
  • We know when retention periods end
  • We securely delete data that is no longer needed

TeamViewer – Security-Focussed Training Videos

Learn how to stay at the cutting edge of IT security with TeamViewer

Privacy policy updates and contract changes

The following terms will supplement your current contract with TeamViewer. The updated EULA, website- and product policies can be found linked below.

Get exclusive deals and the latest news Newsletter Subscription