« Back

Trimble Connect

Appendix 1

Appendix 1: Processing Specification Form 1

Types of Personal Data Data Processing Activities and Purpose Categories of data subject affected
  • Name
  • Phone
  • Email
  • Location
  • Information
  • Online ID
  • Language Preference
  • User authentication
  • Application use
  • Sales and billing
  • Customer support
  • Entitlement management
  • Project location
  • Spatial data rendering
  • Social networking
  • Employees and Contractors of Enterprise customers
  • Application end-users
 

Appendix 2

Appendix 2: Technical and Organizational Security Measures

This Appendix describes the technical and organizational security measures and procedures that the Data Processor shall, as a minimum, maintain to protect the security of personal data created, collected, received, or otherwise obtained. Data Processor will keep documentation of technical and organizational measures identified below to facilitate audits and for the conservation of evidence.

Data Security

All communication with Trimble Connect occurs over HTTPS, ensuring communication is encrypted with TLS (SSL). All customer data is stored for high-availability and durability. Data generated within Trimble Connect is stored in secure databases which are backed-up daily. The Trimble Connect application security model prevents customer data cross-over and ensures complete customer data segregation and privacy.

Software Security

All code developed in-house or by third-parties is checked for security defects with a source code analysis tool. Production servers are regularly scanned for vulnerabilities.

Access Controls

Only authorized employees have access to servers and application data. Trimble Connect servers can only be accessed through secure encrypted channel connections using a VPN operated by Trimble Connect.

Account Security

Accounts for Trimble Connect are managed in a secure database stored outside of the Trimble Connect application. Additionally, passwords are stored as salted one-way hashes. Passwords themselves are never stored and never transmitted in plain text.

Appendix 3

Appendix 3: List of Third Party Sub-Processors

Sub-Processor Name Address Safeguards acc. to Art. 44 - 50 GDPR
Amazon Web Services, Inc 440 Terry Avenue N.
Seattle, WA 98109, USA
Data Processing Agreement
Marketo, Inc. 901 Mariners Island
Boulevard, Suite 500,
San Mateo, CA, 94055, USA
Data Processing Agreement
Trimble Inc. 935 Stewart Drive
Sunnyvale, CA 94085 USA
Data Processing Agreement
   

Revised August 26, 2020