The policy covers both Quest and One Identity and is effective for all sites, portals or properties owned or managed by either Quest or One Identity or associated with Products designated with either a “powered by Quest” or “powered by One Identity” logo. References to Quest in this policy document should be read to include One Identity unless the context requires otherwise.
This privacy policy (“Privacy Policy”) is applicable to the quest.com and oneidentity.com websites and any other websites owned and operated by Quest Software Inc. (“Quest”), 20 Enterprise, Suite 100, Aliso Viejo CA 92656, US, and its subsidiaries or affiliates (referred to as “this Website,” “We”, “our” or “us”). This Privacy Policy does not apply to the websites of our customers or Business Partners or to the websites of any other third parties, even if we have links to their websites on our website.
If you would like to view this Privacy Policy by country, please click here.
This Privacy Policy governs information we collect from you when you use any of our products or this Website. This Policy also outlines our specific practices related to collection, use, processing, transfer and/or storage of Personal Data (as defined below) in connection with your purchase, access and use of our SaaS software applications.
For the purposes of this Privacy Policy, "Business Partners" are subcontractors, vendors distributors, resellers and other entities with whom we have ongoing business relationships to provide products, services and information to our customers. “Affiliates” are legal entities that are owned by or under direct common ownership with Quest. "Personal Data" means information that can directly or indirectly identify you as an individual, such as your name, telephone number, address, billing information and email address or other similar information.
When you use our Website, we may seek your explicit consent to process Personal Data we collect or that you voluntarily provide. In case you do not grant the requested consent for the processing of your Personal Data or if you later inform Quest (in accordance with the “Contact Us” section below) that you do not want Quest to further process your Personal Data, any further use of certain offerings or services of Quest may be either prevented or limited in scope.
When do we collect Personal Data?
We may ask you to provide your Personal Data when you:
- Use This Website;
- Register for an account on This Website;
- Purchase a SaaS product or Service from This Website;
- Use one or more of our SaaS (software-as-a-service) offerings;
- Register products you have purchased from us;
- Obtain a software trial or update;
- Contact us, including for sales, professional services or technical support;
- Participate in a call using Microsoft Teams, Zoom, or other teleconference solution;
- Participate in a marketing/sales promotion or an online survey;
- Subscribe to our newsletters, promotional emails or other materials;
- Request information about our products, quotes, downloads or white papers;
- Apply for credit or financing;
- Register for a webinar or to view a webinar recording;
- Apply for a job, or otherwise enter our recruitment and hiring process
Personal Data We Collect
Quest collects and processes Personal Data in multiple ways from visitors to this Website whether or not they subscribe to our products. For example, when someone subscribes to an online product or service, we collect that person’s (“Subscriber’s”) first and last name as well as their company’s name, email, and phone number. Once registration is complete, we collect similar information from the person designated by the Subscriber as the designated administrator for the subscription. That administrator may share additional end user information to enable Subscriber’s end users to use the subscribed service. In all of this, however, it is the Subscriber who is responsible for notifying their end users that their information may be collected and shared with Quest as part of their use of the Service.
When you visit this Website Quest uses session “cookies” – – a piece of information stored on your computer – to allow the Website to uniquely identify your browser while you are logged in and to enable Quest to process your online transactions. Please see the “Use of Cookies” section for further information.
Mobile: When you download and use Quest services (including SaaS services) we automatically collect information on the type of device you use, the frequency of usage, application version, operating system version, the time it been used, and the device location.
Recruiting and hiring: We process your Personal Data, such as contact, job applicant data and biographical data, to assess your application and to evaluate and improve our recruitment system, our application tracking and our recruitment activities. You may also provide us with sensitive information like your Social Security Number or government identifier and other Personal Data in connection with your job application. We may use your Personal Data to communicate with you regarding your application for employment in connection with opportunities at Quest that appear over time that we believe may be of interest to you. We also use your Personal Data to send you new hire and employee experience information. We may verify your information, including through reference checks and, where allowed, background checks. Quest and our third-party utility-tracking partners gather certain information automatically and store it in log files. This information includes Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data.
How We Use Personal Data
We use your Personal Data to:
- Deliver the products and support or carry out the transactions you have requested;
- Establish a unique account for you to access our SaaS software;
- Address accounting and billing questions and activities;
- For the purposes of identification and authentication for visitors;
- Send communications to you, such as:
- to contact you about your use of the service,
- your transaction status (for example, order confirmations),
- information about products and services available from our portfolio and from our affiliated and subsidiary companies,
- for research purposes and to generally improve the content, functionality, and security of the Website and related services,
- event announcements,
- important product notices including those announcing changes to our terms or policies,
- information about particular programs in which you have chosen to participate, and
- surveys, promotional offers, periodic newsletters and other related communications.
- Execute other actions or processes that may be necessary or useful in order for us to provide the services you have purchased;
- Advertise and market our software product lines by delivering targeted advertisements on This Website and other sites;
- Administer, customize, personalize, analyze and improve our products, services (including the content and advertisements on this Website), technologies, communications and relationship with you;
- Enforce our conditions of sale, website terms and/or separate contracts (if applicable) with you;
- If your call is recorded, it may be reviewed for immediate employee training and monitoring purposes;
- Prevent fraud and other prohibited or illegal activities;
- Protect the security or integrity of this Website, our business, or our products or services; or
- Take such other actions or perform such other activities as disclosed to you at the point of collection or as required or permitted by law.
Quest uses Google Analytics and services like AdRoll to advertise online. Third-party vendors, including Google, show our ads on sites across the Internet. Quest and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on your past visits to our website. You may opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using Google’s Ads Preferences Manager.
Unless stated otherwise in this Privacy Policy, Quest processes Personal Data in the role of a processor or service provider on behalf of our customer(s), who are typically the responsible controllers of the Personal Data we process.
Sharing Your Information
We may share Personal Data with our affiliated and subsidiary companies or Business Partners to carry out transactions you request, to make our business more responsive to your needs, to provide you with information about our products and services, or for research and analysis. In addition, we or our affiliates may share your information with our Business Partners for the purposes of credit card processing when you register for subscription plans.
Our credit card processing intermediary is not permitted to store, retain or use your billing information except for the limited purpose of credit card processing on our behalf. We may transmit Personal Data to third party vendors and hosting partners that provide the necessary hardware, software, networking, storage, and other technology and maintenance services required to operate and maintain this Website and any services, including SaaS that we provide. Transfers to any third parties are covered under the provisions in this Policy and the service agreements with our clients.
We may also share Personal Data with Business Partners that help us customize, analyze and/or improve our communications or business relationship with you. These communications may include requests relating to our products or services, including SaaS services. As an example, we may share Personal Data to a payment processor who will bill you for services or an email service provider to send out emails on our behalf. In these (and other similar) instances, we will only share Personal Data with Business Partners who share our commitment of protecting your Personal Data and who have agreed in writing to provide protection to your Personal Data that is both in compliance with legal requirements and commensurate with the protections we ourselves provide. We will not disclose Personal Data to third parties for their own marketing purposes in absence of your consent.
Except as described in this Policy, Quest will not give, sell, rent, share or loan any personal information to any third party other than as outlined in this Policy. More specifically, here are the reasons and circumstances where we share your Personal Data:
- Legal reasons: We may disclose Personal Data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary to enable us to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law. In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- Business Transitions: If Quest is involved in a merger, acquisition, or sale of all or a portion of its assets, or a corporate reorganization or any other action or transfer between Quest entities, your information may be shared with the new successor entity for continuation of service, as well as any choices you may have regarding your Personal Data.
- Statistical analysis: Quest may provide summary or group statistics about our customers, sales, traffic patterns, and related Website information to reputable third-party vendors, but these statistics will include no Personal Data.
- Links to other sites: This Website contains links to other sites that are not owned or controlled by Quest. Please review the privacy policy of such other sites to familiarize yourself with their practices. We encourage you to be aware when you leave our Website and to read the privacy statements of each Website that collects Personal Data. This Policy applies only to Personal Data processed by this Website.
- Social Media Features: Our Website includes social media features, such as the Facebook and Twitter buttons and Widgets, the “Share This” button or interactive mini-programs that run on our Website. These features may collect your IP address and the page you are visiting on our Website and also may set a cookie to enable the social media feature to function properly. Social media features and Widgets are either hosted by a third party or hosted directly on our Website.
- Public Forums: Our Website offers publicly accessible blogs or community forums. You should be aware that any Personal Data you provide in these areas may be read, collected, and used by others who access them. To request removal of your Personal Data from our blog or community forum, contact us at privacy@quest.com. Our blog functionality is also managed by a third-party application that may require you to register to post a comment. You will need to contact or login into the third-party application if you want the personal information that was posted to the comments section removed. Your interaction with these features is governed by the privacy policy of the company providing it.
- Testimonials: We post customer testimonials on our Website which may contain Personal Data. We obtain a customer’s consent via email prior to posting the testimonial to post that customer’s name along with their testimonial. A customer may always withdraw such consent at privacy@quest.com.
- Surveys: From time-to-time we may provide you the opportunity to participate in surveys and contests. Participation in these surveys or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information, such as email or phone number. We use this information to improve our Services to send our customers updates on how we are improving those Services based on their feedback, and to market our solutions.
Breach Notification
Quest takes its responsibility for managing security and compliance very seriously and has established policies, processes and controls designed to ensure the protection of your Personal Data, including a variety of security strategies intended to prevent unauthorized access to your Personal Data. These policy statements and security strategies are explained and described on our website at: www.quest.com/legal.
Quest evaluates and responds to reports of incidents that might involve unauthorized access to Personal Data. If we become aware that Personal Data has been compromised, we report any such action or activity to you in accordance with prevailing legal and/or contractual requirements.
We may aggregate or de-identify information (including Personal Data) so that it does not identify you and then share that de-identified (and therefore no longer personal) data with third parties, either on its own or with other non-personal data.
Selecting Your Communication and Marketing Preferences
You may choose to receive or not receive marketing communications from us by indicating your preferences on this Website. If you would prefer not to receive future marketing communications or wish to change or modify information previously provided or delete inaccuracies, please contact us at listmaster@quest.com. Upon receipt of your request, your information will be updated as soon as possible, but no later than ten (10) days after our receipt of your request. We will respond to all requests for access to your Personal Data within 30 days.
We will retain your Personal Data for as long as your account is active or as needed to provide you services and as necessary to comply with our legal, regulatory or compliance obligations. Even if you opt out of receiving marketing communications, we may still communicate with you in connection with servicing any existing account you may have, fulfilling a request from you, or administering any promotion or any program in which you may have elected to participate.
Targeted Email Marketing
Some marketing you receive, including email marketing, may also be personalized to you based on your visits to this Website and your browsing and purchase history with us. In addition, when you click on some links in email marketing our email service provider may place a cookie on your browser. This cookie would be linked to your email address and used to gather information about the products and services you view on this Website. Information gathered in this way may be used to personalize and customize future email marketing messages you receive. You may opt out of this use by clicking on the unsubscribe link provided in every personalized email marketing message you receive from us.
Collection and Use of Children’s Personal Data
We take children’s privacy seriously. We do not knowingly collect Personal Data from children under the age of 13 through this Website. If you are under 13 years of age, please do not submit any Personal Data through this Website without the express consent and participation of a parent or guardian.
Targeted Display Advertising
We also work with advertising and personalization Business Partners that use cookies to help us display personalized content and appropriate advertising during your visits to this Website and other websites.
Third Party Advertising
For more information regarding the privacy and data collection practices of third parties that use cookies for advertising from this Website, including information on how to opt out of such cookies please use the following links:
Adobe: Information regarding the privacy and data collection practices for Omniture.com (offered by Adobe) is located at https://www.omniture.com/en/privacy/policy.
Akamai Technologies: Information regarding the privacy and data collection practices for Akamai Technologies is located at https://www.akamai.com/legal/privacy-and-policies/privacy-statement.
AppNexus: Information regarding the privacy and data collection practices for AppNexus is located at https://www.appnexus.com/privacy-policy.
Beeswax: Information regarding the privacy and data collection practices for Beeswax is located at https://www.beeswax.com/website/.
Bing Ads: Information regarding the privacy and data collection practices for Bing Ads (Operated by Microsoft) is located at https://privacy.microsoft.com/en-us/privacystatement.
Bootstrap CDN: Information regarding the privacy and data collection practices for Bootstrap CDN is located at https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net.
Brightcove and Zencoder: Information regarding the privacy and data collection practices for Brightcove and Brightcove Zencoder is located at https://www.brightcove.com/en/legal/privacy/.
Demandbase: Information regarding the privacy and data collection practices for Demandbase is located at https://www.demandbase.com/privacy-policy/.
Drift: Information regarding the privacy and data collection practices for Drift is located at https://www.drift.com/privacy-policy/.
ELOQUA: Information regarding the privacy and data collection practices for Eloqua is located at https://www.eloqua.com/trust/Privacy_Policy.html.
Facebook: Information regarding the privacy and data collection practices for Facebook is located at https://www.facebook.com/policy.php.
Gainsight: Information regarding the privacy and data collection practices for Gainsight is located at https://www.gainsight.com/policy/privacy/.
Google: Information regarding the privacy and data collection practices for Google Analytics, Google Fonts, and Google Tag Manager is located at https://www.google.com/privacy/privacy-policy.html.
Google & DoubleClick: Information regarding the privacy and data collection practices for DoubleClick (offered by Google) is located at https://www.google.com/privacy/privacy-policy.html.
jQuery: Information regarding the privacy and data collection practices for jQuery is located at https://privacy-policy.openjsf.org.
LeadLander: Information regarding the privacy and data collection practices for LeadLander is located at https://www.leadlander.com/privacy.html.
LinkedIn Analytics: Information regarding the privacy and data collection practices for LinkedIn Analytics is located at https://www.linkedin.com/legal/privacy-policy.
LiveRamp: Information regarding the privacy and data collection practices for LiveRamp is located at https://liveramp.com/privacy/.
Marketo: Information regarding the privacy and data collection practices for Marketo is located at https://www.marketo.com/privacy.php.
MediaMath: Information regarding the privacy and data collection practices for MediaMath is located at https://www.mediamath.com/privacy-policy/.
New Relic: Information regarding the privacy and data collection practices for New Relic is located at https://newrelic.com/termsandconditions/privacy.
OneTrust CMP: Information regarding the privacy and data collection practices for OneTrust CMP is located at https://www.onetrust.com/privacy/.
OptInMonster: Information regarding the privacy and data collection practices for OptInMonster is located at https://optinmonster.com/privacy/.
Quantcast: Information regarding the privacy and data collection practices for Quantcast is located at https://www.quantcast.com/how-we-do-it/consumer-choice/privacy-policy.
Snap Engage: Information regarding the privacy and data collection practices for Snap Engage is located at https://snapengage.com/privacy-policy/.
Spiceworks: Information regarding the privacy and data collection practices for Spiceworks is located at https://www.spiceworks.com/privacy/.
theTradeDesk: Information regarding the privacy and data collection practices for theTradeDesk is located at https://www.thetradedesk.com/privacy-policy/.
VWO: Information regarding the privacy and data collection practices for VWO is located at https://vwo.com/privacy-policy/
Wordpress: Information regarding the privacy and data collection practices for Wordpress is located at https://automattic.com/privacy/
X (Twitter): Information regarding the privacy and data collection practices is located at https://x.com/en/privacy
Similarly, third parties other than our affiliated companies use cookies to deliver advertising to you on the Internet based on your visits to this Website and other websites. These companies may also use data relating to your visits to measure the effectiveness of their advertising campaigns. These cookies can be effective whether you are on this Website or another website. These cookies assist the third parties in identifying the pages you view, the links and ads you click on, other actions you take on those web pages, and the website from which you came before arriving at this Website.
You may have the opportunity to opt out of targeted advertising through links on the advertisements themselves and you may be able to control the use of cookies through your web browser as described in the “How We Use Cookies” section below.
“Do Not Track” Signals
Some web browsers also may give you the ability to enable a “do not track” setting. This setting sends a special signal to the websites you encounter while web browsing. This “do not track” signal is different from disabling certain forms of tracking by declining cookies in your browser settings. Browsers with the “do not track” setting enabled still have the ability to accept cookies. Our system does not respond to web browser “do not track” signals at this time. If we do so in the future, we will describe how we do so in this Privacy Policy. For more information about “do not track,” visit www.allaboutdnt.com.
Cookies and Web Beacons
How We Use Cookies
This Website uses “cookies” to enable you to sign-in to our services and to help personalize your online experience. A cookie is a piece of text that is placed on your computer’s hard drive. Depending on the settings you have selected, your browser adds the text to your device as a small file. You can change the browser settings as described below; many browsers are set to accept cookies by default. We use cookies to store your preferences and other information on your computer in order to save you time by eliminating the need to enter the same information repeatedly.
You have the ability to accept or decline cookies. Many web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies, if you prefer. If you choose to decline cookies, you may not be able to sign in or use other interactive features of this Website and services that depend on cookies. The Help portion of your web browser, most likely found on the toolbar, typically tells you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.
When you first visited our website, you were presented with a banner announcing our use of cookies. The banner offers a link to our Cookie Use Policy as well as buttons to accept cookie settings and to manage cookies in the Cookie Preference Center (also known as “Your Privacy Choices”) where you can change your preferences at any time.
If you have implemented Global Privacy Control (GPC), our cookie consent solution honors the resulting GPC signals. Please note that opting out of advertising cookies will eliminate personalized advertisements, but you will continue to see advertisements. Additionally, you can opt-out of interest-based advertising by participating companies via the following consumer choice mechanisms:
Digital Advertising Alliance (DAA): Access the self-regulatory opt-out page at http://optout.aboutads.info/ and to download the mobile application "AppChoices" visit https://youradchoices.com/appchoices.
European Interactive Digital Advertising Alliance (EDAA): Access the consumer opt-out page at http://youronlinechoices.eu.
Network Advertising Initiative (NAI): Access the self-regulatory opt-out page at http://optout.networkadvertising.org/.
How We Use Web Beacons
We or our Business Partners may use web beacons on this Website, in our email messages, in our advertisements on other websites, or in our advertisements in others’ email messages. Similarly, third parties whose content or advertisements appear on this Website may also place web beacons in their ads or emails for the purposes of measuring the effectiveness of the content, advertisements or email messages.
A web beacon is an electronic image that can be used to recognize a cookie on your computer when you view a web page or email message. Web beacons help us measure the effectiveness of this Website and our advertising in various ways. For example, web beacons may count the number of individuals who visit this Website from a particular advertisement or who make a purchase from this Website after viewing a particular advertisement or they may tell us when a web page is viewed and provide a description of the page where the web beacon is placed. Web beacons may also measure the effectiveness of our email campaigns, by counting the number of individuals who open or act upon an email message, determining when an email message is opened and determining how many times an email message is forwarded.
The information we collect through web beacons may include some limited Personal Data, and web beacons allow us to recognize users by accessing our cookies. We may also combine the information that we collect through web beacons with other information we have collected from you. We use all this information to better tailor our marketing communications to you, and we may use this information for other purposes, such as to enable a shopping cart, customize content on this Website and undertake internal research.
We prohibit web beacons on this Website from being used by third parties to access Personal Data. We may allow Business Partners to compile individual information or aggregated (anonymous) statistics from the use of web beacons on this Website to determine the effectiveness of online marketing and to develop statistics related to purchase activity or any other action on the advertiser’s site. Aggregate information may include demographic and usage information, but no Personal Data about you is shared with Business Partners for this research.
You can make some web beacons unusable by rejecting cookies in your web browser and you can always change your preferences in the Cookie Preference Center, also available from our home page as “Your Privacy Choices”.
How We Use Pixel Tracking
Similar to Cookies, this Website and some of our Business Partners use pixel tracking to gather information about your experience with which to enhance our Website and its performance for your environment. And similar to Cookies, you can set your pixel tracking preferences via the Cookie Preference Center (Your Privacy Choices). Here are the types of data we collect:
- The type of device the user used (desktop or mobile)
- The type of operating system the user used, including mobile OS
- Activities performed during the session
- Screen resolution of clients
- The client the user used (browser, mail program, etc.)
- IP address
- What time the user opened the email or visited the website
Listed below are Business Partners for whom pixel tracking has been enabled and their privacy policies:
DemandScience – Information regarding the privacy and data collection practices is located at https://demandscience.com/privacy-policy/.
Google: Information regarding the privacy and data collection practices for Google Analytics, Google Fonts, and Google Tag Manager is located at https://www.google.com/privacy/privacy-policy.html.
LinkedIn Analytics: Information regarding the privacy and data collection practices for LinkedIn Analytics is located at https://www.linkedin.com/legal/privacy-policy .
Microsoft: Information about privacy and data collection practices for Microsoft is available at https://privacy.microsoft.com/en-us/privacy.
X (Twitter): Information regarding the privacy and data collection practices is located at https://x.com/en/privacy
You can disable pixel tracking by rejecting cookies in your web browser and you can always change your preferences to reject marketing cookies in the Cookie Preference Center, also available from our home page as “Your Privacy Choices”.
How We Secure Personal Data
We are committed to protecting the security of Personal Data. We use a variety of security technologies and procedures to help protect Personal Data from unauthorized access, use and disclosure. For details about our data protection processes, please see our Information Security Policy and our Technical and Organizational Measures available on the Security page on this website. When you provide us with sensitive Personal Data (such as financial information) we encrypt that information via SSL. While we strive to protect your Personal Data, we cannot ensure or guarantee that the Personal Data or private communications you transmit to us will always remain confidential, and you do so at your own risk. If you have any questions regarding security, you can contact at webmaster@quest.com.
We and our affiliates maintain reasonable security measures to protect your information from loss, destruction, misuse, unauthorized access or disclosure. When you enter sensitive information (such as your login information) on our Website or connect to our Service, we may encrypt the transmission of that information. If you have any questions about security on our Website, you may contact us at privacy@quest.com
When we use your Personal Data in connection with a SaaS product or service, the data will most often be encrypted both in transit and at rest. When we do engage third party providers for various services, including cloud hosting services for certain aspects of our offerings, we rely on the public policies and protections of those globally available services for the protections we apply to your Personal Data. For a breakdown of the policies of our primary cloud hosting service providers, please visit the Security Guide(s) for the products you are purchasing or using.
Public Forums
This Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your Personal Data from our blog or community forum, contact us at webmaster@quest.com. In some cases, we may not be able to remove your Personal Data, in which case we will let you know if we are unable to do so and why.
Transfer of Personal Data
Personal Data we collect may be stored and processed in the United States or any other country in which the entities represented by our affiliates, subsidiary companies or Business Partners maintain facilities. We provide appropriate levels of protection to safeguard your Personal Data including providing adequate protection for any transfer of Personal Data to a country outside the EU/EEA. These safeguards include data protection agreements, incorporating the new EU standard contractual clauses, and the Data Privacy Framework.
Your Data Subject Rights
If you would like to exercise any of your rights, or receive more information about them, please contact us via “ preferences.quest.com/privacy. We promptly respond to all requests from individuals seeking to exercise their rights described in this Privacy Policy and pursuant to applicable data protection laws. Please note that some of the following rights may not be applicable to your situation:
Right of access: You have the right to gain access to information about the personal data that we process about you. Should you have any questions regarding the processing or want more insight into the personal data we process from you, you are always welcome to contact us, and we will provide you with further information.
Right to rectification: You have the right to get your personal data updated or corrected. Upon your request to us, we will promptly correct your information inaccurately stored by us and/or supplement incomplete personal data completed by including a supplementary statement provided by you.
Right to erasure/right to be forgotten: You have the right to request that we permanently delete your personal information. You can make such a request if you, for example, believe that the personal data are no longer necessary in relation to the purpose for which the personal data were collected or otherwise processed.
Right to restrict the processing activities: You have the right to restrict our processing activities. If you choose to restrict our processing activities regarding certain personal data, note that you may not be able to use our Website properly.
Right to data portability: You have the right to transfer your Personal Data, when possible.
Right to object: You have the right to object to the processing of your Personal Data that is carried out on the basis of legitimate interests, such as direct marketing.
Right Not to be Subject to Automated Decision-Making: You have the right not to be subject to automated decision-making, including profiling, which produces legal effects. We and our affiliates do not currently engage in the foregoing on our websites or in our products and services.
If you are unsatisfied with the way we treat your Personal Data, you may reach out to us via email at privacy@quest.com to discuss the issue. However, you always have the right to lodge a complaint to our third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request or to a supervisory authority.
Your California Privacy Rights
The California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act (CPRA) , give California residents certain rights relating to the way we collect, disclose, and use your Personal Data. At Quest, we do not sell Personal Data. Our website is configured to honor your Global Privacy Control (GPC) preferences.
We support the following:
- Right to Know. You have the right to request that we disclose what Personal Data we collect, use and disclose, and when and how we do so.
- Right to Deletion. You have the right to request that we delete Personal Data of yours we may have collected or maintained.
- Right to Opt-Out of the Sale. You have the right to opt-out of the sale of your Personal Data. Quest does not sell Personal Data and has not sold Personal Data.
- Right to Designate an Agent. You may also designate someone else as an authorized agent to make any of these requests your behalf.
- • Right to Limit the Use of Sensitive Personal Data. Quest does not collect or use Sensitive Personal Data from prospects or customers, except in very limited circumstances and for purposes explicitly authorized by you and for no other reason. You have the right to request that we limit the use of your Sensitive Personal Data.
To submit any of these requests ,visit preferences.quest.com/privacy and complete the request form. Upon receipt of a completed request form, we will send an email to authenticate the request. When we receive confirmation, we will begin processing the request. Upon completion of the request, we will send a final email reporting the results.
Alternatively, you may call 1 888 820 4606 to submit a request. The data you provide during that call will be entered into our data subject request management system, which will then follow the same process as described above starting with an email requesting authentication confirmation.
Data Privacy Framework
Quest complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce (collectively, the “Frameworks”). Quest has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Quest has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Under the Frameworks, we are responsible for the processing of Personal Data that we receive from our customers and subsequently transfer to a third party acting as an agent on our behalf. We comply with the Frameworks Principles for all onward transfers of personal data from the EU, United Kingdom (UK), and Switzerland, including the onward transfer liability provisions.Quest Software Inc. and its U.S. affiliates Quest Software Public Sector Inc and One Identity LLC. are adhering to the EU-US DPF Principles, including the UK Extension to the EU-US DPF and Swiss-US DPF Principles.
With respect to Personal Data received or transferred pursuant to the Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Quest Software Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Quest commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact us via our web form. If you are an individual in the EU, UK, or Switzerland and have a question or complaint related to participation by Quest in the DPF Frameworks, we encourage you to contact your employer if your employer has a contract with us for the provision of services or contact us via our web form. For any complaints related to individuals of the EU, UK, or Switzerland who are not otherwise governed by a contract between Quest and your employer, and that Quest cannot resolve directly (related to the DPF Framework), we have chosen Truste, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit TRUSTe for more information or to file a complaint. These dispute resolution services are provided at no cost to you at:
https://feedback-form.truste.com/watchdog/request.
Retention Periods
We retain your Personal Data as long as it is necessary for the purposes stated above, if not stated otherwise in this Privacy Policy. We will retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and for other necessary business purposes.
Effective Date and Notification of Changes to our Privacy policy
This Privacy Policy is effective as of November 1, 2024 and is reviewed periodically. We reserve the right to change this Privacy Policy at any time. If we materially change this Privacy Policy, we will post a prominent notice on this Website. Changes are effective as of the date we post them on the Privacy Policy page of this Website. We encourage you to periodically review this Privacy Policy.
Contact Us
If you wish to cancel your account or request that we no longer use your information to provide you services, contact us at listmaster@quest.com. If you would like to request to view, correct or delete your personal information, submit your request at https://preferences.quest.com/privacy. If you have questions or concerns regarding this Privacy Policy, please contact us webmaster@quest.com or via postal mail at 20 Enterprise, Suite 100, Aliso Viejo, CA 92656.
If you are an individual in the EU, UK, or Switzerland and have a question or complaint related to participation by Quest in the DPF Frameworks, we encourage you to contact your employer if your employer has a contract with us for the provision of services or contact us via our web form. For any complaints related to individuals of the EU, UK, or Switzerland who are not otherwise governed by a contract between Quest and your employer, and that Quest cannot resolve directly (related to the DPF Framework), we have chosen Truste, an alternative dispute resolution provider based in the United States.
As further explained in the DPF Principles, binding arbitration is available to EU, Swiss, and UK individuals to address residual complaints not resolved by other means. Quest is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Page last Updated November 2024.