SolarWinds Privacy and GDPR (FAQ)
What is GDPR and what is SolarWinds doing to comply?
The European Union (EU) General Data Protection Regulation (GDPR), enforceable as of May 25, 2018, imposes additional requirements upon companies to strengthen the security around and enhance the protection of personal data of EU residents. SolarWinds has a dedicated, cross-functional team overseeing SolarWinds’ GDPR readiness. We discuss SolarWinds’ efforts and commitment to GDPR in the SolarWinds MSP GDPR Resource Center.
What’s changing with SolarWinds’ Software Services Agreement, End User License Agreement, and Privacy Notice?
As part of our commitment to GDPR, SolarWinds has released an updated SolarWinds Software Services Agreement (SSA), an End User License Agreement (EULA) as well as its Privacy Notice. The SSA is to be used with all of our software services, and the EULA is used in association with our on-premises software products. Our new SSA, EULA, and Privacy Notice are more user-friendly and address updates in various data regulations (including GDPR).
Here are some of the things that are new to the SSA and the Privacy Notice:
Software Services Agreement – For our customers’ convenience and a better customer experience, we have created a unified SSA for the SolarWinds entities, SolarWinds MSP Canada ULC and SolarWinds MSP UK. Additionally, we have updated our SSA to prepare for GDPR.
End User License Agreement – For on-premises products, we have updated our EULA to prepare for GDPR.
Privacy Notice – We’ve provided greater transparency in our Privacy Notice so that you can better understand what information we collect from you, why we collect it, how we use and store it, and when and with whom we share it. Our Privacy Notice has been updated to address GDPR and explain how you can exercise your rights under GDPR.
These changes make it easier to understand how SolarWinds collects, uses, and discloses personal data as well as the choices that you have in that regard. We have added more information about how we process personal data that is subject to GDPR and how you can exercise your rights thereunder. Our Email Preference Center allows you to control the types of marketing mailings you receive from us.
SolarWinds encourages you to review the SSA and Privacy Notice in full.
Does SolarWinds process personal data?
Yes. We process personal data to provide our products and services to you, and for other purposes as outlined in our Privacy Notice.
How does SolarWinds handle transfers of personal data outside of the EU?
To help safeguard your personal data when it leaves the EU, SolarWinds has committed to uphold, and has applied for certification under the EU-US Privacy Shield. This means that if we process your personal data in the US, we may only process your personal data in accordance with the Privacy Shield principles, which is further outlined in our Privacy Notice.
For On-Premises Products
Please note, the on-premises software products purchased from SolarWinds are used within our customers’ infrastructure/environment, behind their firewall. By keeping software and data related thereto on the customer’s infrastructure, it is our customer who decides what, how, where, and under which conditions data is stored and protected.
For SaaS Software Products
In addition to our Privacy Shield certification, SolarWinds has published its Data Processing Addendum, where SolarWinds is a processor of personal data, which also shall meet GDPR obligations with respect to processing of EU personal data outside of the European Economic Area and Switzerland. The Data Processing Addendum shall be effective upon provision of the duly executed copy to [email protected].
Please note, as we are a global organization, we will transfer your personal data globally in accordance with our Privacy Notice, including to other organizations who help us provide you with the SolarWinds products and services; some of these organizations may be within the SolarWinds family. Additionally, we require that our vendors enter into contracts with us and abide by the SolarWinds Vendor Data Protection Requirements.
How does SolarWinds secure my data?
SolarWinds has implemented organizational and technical safeguards to help secure our customers data. For more information on security at SolarWinds, please see our Security page.
Can SolarWinds help me respond to a Data Subject Rights request?
As a processor of personal data for our customers, we will assist our customers with responding to a data subject rights request received under GDPR. If SolarWinds receives a data subject request from one of your customers, it will notify you of such request. In many cases, you may be able to independently address the data subject request by logging into the applicable SolarWinds product and using settings available within such product or your account. Where this is not possible, please submit a data subject request to request assistance.