« Back

Trimble Connect

Appendix 1

Appendix 1: Processing Specification Form 1

Types of Personal Data Data Processing Activities and Purpose Categories of data subject affected
  • Name
  • Phone
  • Email
  • Location
  • Information
  • Online ID
  • User authentication
  • Application use
  • Sales and billing
  • Customer support
  • Entitlement management
  • Project location
  • Spatial data rendering
  • Social networking
  • Employees and Contractors of Enterprise customers
  • Application end-users

Appendix 2

Appendix 2: Technical and Organizational Security Measures

This Appendix describes the technical and organizational security measures and procedures that the Data Processor shall, as a minimum, maintain to protect the security of personal data created, collected, received, or otherwise obtained. Data Processor will keep documentation of technical and organizational measures identified below to facilitate audits and for the conservation of evidence.

Data Security

All communication with Trimble Connect occurs over HTTPS, ensuring communication is encrypted with TLS (SSL). All customer data is stored for high-availability and durability. Data generated within Trimble Connect is stored in secure databases which are backed-up daily. The Trimble Connect application security model prevents customer data cross-over and ensures complete customer data segregation and privacy.

Software Security

All code developed in-house or by third-parties is checked for security defects with a source code analysis tool. Production servers are regularly scanned for vulnerabilities.

Access Controls

Only authorized employees have access to servers and application data. Trimble Connect servers can only be accessed through secure encrypted channel connections using a VPN operated by Trimble Connect.

Account Security

Accounts for Trimble Connect are managed in a secure database stored outside of the Trimble Connect application. Additionally, passwords are stored as salted one-way hashes. Passwords themselves are never stored and never transmitted in plain text.

Appendix 3

Appendix 3: List of Third Party Sub-Processors

Sub-Processor Name Address Safeguards acc. to Art. 44 - 50 GDPR
Amazon Web Services, Inc 440 Terry Avenue N.
Seattle, WA 98109, USA
Data Processing Agreement;
Privacy Shield Certification
Freshworks, Inc 1250 Bayhill Drive, Suite 315
San Bruno, CA 94066, USA
Privacy Shield Certification
Google, Inc. 1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA
Privacy Shield Certification
Marketo, Inc. 901 Mariners Island
Boulevard, Suite 500,
San Mateo, CA, 94055, USA
Data Processing Agreement,
Privacy Shield Certification
The Rocket Science
Group LLC, dba as
Mailchimp
675 Ponce de Leon Ave NE,
Suite 5000,
Atlanta, GA,
30308, USA
Data Processing Agreement;
Privacy Shield Certification
Salesforce.com, Inc. The Landmark, 1 Market
Street, San Francisco, CA,
94105 USA
Privacy Shield Certification
SendGrid, Inc. 1801 California Street, Suite 500,
Denver, CO 80202, USA
Privacy Shield Certification
Sumo Logic, Inc. 305 Main Street, Redwood
City, CA 94063, USA
Privacy Shield Certification
Trimble Inc. 935 Stewart Drive
Sunnyvale, CA 94085 USA
Data Processing Agreement

Revised September 11, 2018