Trimble Connected Forest® Single Sign-On (SSO) is a global service for the entire Connected Forest® product line, and it provides secure access to Connected Forest® apps from a single access point. The data required to manage authentication for and control access to SSO includes information about organizations, users, subscriptions, and transactions. This data is stored in the United States of America (USA).

The stored data consists of:

• Organization data: The names, street addresses, and (optionally for some apps) business IDs of the user organizations, and the first and last name, email address, and (optionally) phone number of each organization’s contact person. Each organization must have a contact person for matters related to software licensing.

• User data: The first and last names, email addresses, 2nd factor information such as phone numbers, and software subscription types of all users in each organization. A software subscription provides a user with access to the software in question for a specified period of time.

• Subscription data: The types, activation dates, and expiration dates of all Connected Forest® subscriptions for each organization.

• Transaction data: The dates, statuses, payment methods, and currencies of the transactions made by each organization to purchase Connected Forest® subscriptions within SSO, and the names and email addresses of the contact persons that made the purchases. Only subscription purchases made within SSO are tracked, and no credit card information is stored for subscriptions that are purchased online.

This data is used to manage authentication and access control for Trimble Connected Forest® apps: the apps that each user can access, which organization(s) each user can access, and the basic permissions for each user. It is also used to manage licensing for Connected Forest® products. This data is essential for controlling software access and ensuring business data security for all Connected Forest® users. Only minimal data required to run these services is tracked. Trimble does not use the data for any other purpose, and it is only accessible and visible to the Connected Forest® apps.

The stored data does not include confidential business data or any type of sensitive data about individual people such as personal addresses or bank account numbers.

SSO authenticates users through the Trimble Identity (TID) service. Users have and will continue to have the option of storing their TID profile data in a specific geographical region. This includes, for example, optional phone number information for Multi-Factor Authentication. However, this does not affect the geographical region in which the SSO authentication and access control data is stored.

Trimble Forestry Corporation (Canada) and Trimble Forestry Europe Oy (Finland) are each the controller and responsible party for the data processing activity described above. Each of these entities acts as data exporter and Trimble Inc. is the data importer to the United States as a processor for Trimble Forestry Corporation and Trimble Forestry Europe Oy. The Trimble entities have entered into data processing agreements on the basis of the EU Standard Contractual Clauses (Controller to Processor). For data of residents in Europe and the United Kingdom, Trimble Inc. is certified according to the EU-U.S. Data Privacy Framework. This Framework provides EU individuals whose data would be transferred to participating companies in the United States with several new rights (for example, to obtain access to their data, or obtain correction or deletion of incorrect or unlawfully handled data). In addition, it offers different redress avenues in case their data is wrongly handled, including before free of charge independent dispute resolution mechanisms and an arbitration panel. More details regarding Trimble Inc.’s processing activities as data importer under the Framework can be found here. The recent adequacy decision by the European Commission on the EU-U.S. Data Privacy Framework covers data transfers from any public or private entity in the EEA to U.S. companies participating in the EU-U.S. Data Privacy Framework.

Data can be removed upon request by contacting Trimble Forestry Support, noting that this will terminate access to Trimble Connected Forest® apps.