The SOC 2 Report is completed following a review by an independent auditor. This report provides more detailed information regarding an organization’s controls relevant to security, availability, and confidentiality of data. BlueJeans currently undertakes a SOC 2 Type II audit on annual basis and can make the report available to current or potential customers upon execution of a non-disclosure agreement. If you are interested in viewing BlueJeans’ recent SOC 2 Type II report, please contact your account manager for more details.
Our SOC 3 report is freely distributable and includes the service auditor's opinion on BlueJeans maintaining effective controls at the organization relevant to security, availability and confidentiality.
The General Data Protection Regulation (GDPR) unifies data privacy requirements across the European Union (EU) and has taken effect on May 25, 2018. The GDPR establishes data privacy as a fundamental right for EU citizens.
Key principles of GDPR include:
Keeping personal data only as long as needed to fulfill the original purpose of collection
Having in place appropriate technical and organizational security measures help to protect data against unlawful processing, disclosure, access, loss, destruction, or alteration
Responding to and effectively handling data subject requests regarding their personal data
Data security and user privacy have always been priorities for BlueJeans. To better support your GDPR-compliant use of our services, we have been working in many areas, including the following:
BlueJeans continues to implement its existing technical and organizational measures regarding the security of personal data including routinely reviewing and updating security controls related to data retention, data at rest and in transit, and incident management.
BlueJeans is continuously looking for ways to strengthen its data security and privacy practices, both in designing and providing our products and services as well as in our internal operations. Our current practices include the following:
To learn more about BlueJeans’ security practices please refer to our privacyshield.gov.
If you require a Data Processing Agreement as part of your company’s compliance requirements, please request a copy of our Data Processing Agreement by emailing email@example.com.
The California Consumer Privacy Act (CCPA), extends certain rights to California consumers starting January 1, 2020.
BlueJeans, as a video conferencing services provider, collects minimal personal information that includes email address, first name and last name of a user to both identify and authenticate the user as well as to personalize the services for that user. While scheduling and conducting meetings, certain call detail records (start date/time, duration, etc.) are collected and stored for reporting. If a user records a meeting, such recordings are stored encrypted, for which the user manages the sharing permissions and the life cycle.