Security Director Cloud and Secure Edge Supplemental Information
This Security Director Cloud and Secure Edge (collectively, the “Security Cloud Services”) Privacy Summary is provided as a supplement to the Juniper Networks Privacy Notice.
Introduction
Juniper Security Director Cloud is the central manager for all SRX Series Services Gateways. It provides security policy management for all physical, logical, and virtual firewalls through an application that runs on an innovative, intuitive, and intelligent centralized web-based interface that offers enforcements across emerging and traditional threat vectors.
Juniper Secure Edge delivers full-stack Security Service Edge (SSE) features, including Firewall as a Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), and advanced threat prevention.
For more information about the features and functionality of Security Director Cloud or Secure Edge, please see the Security Director Cloud and Secure Edge Cloud Services Description (“CSD”). Capitalized terms that are used but not defined in this Privacy Summary have the meanings set forth in the CSD.
The Security Cloud Services are designed to include data protection by default. All information processing is carried out in accordance with the Juniper Networks Privacy Notice, aligned with data protection laws.
Data Protection Laws
Juniper Networks is committed to protecting personal data in accordance with applicable privacy laws around the world and has implemented a global data protection program.
European Data Protection Laws
Juniper Networks is the data processor that processes Customer Data on behalf of customers, who are the data controllers under the General Data Protection Regulation (GDPR).
Juniper Networks built the Security Cloud Services to incorporate the following data protection principles:
- Proportionality, Fairness, and Transparency: Processing takes place in accordance with agreements entered into by Customers and Juniper Networks. Juniper Networks provides documentation providing transparent information about the Security Cloud Services. This information supports Customers’ evaluation of whether they would like to provide notices to or obtain consents from data subjects.
- Purpose Limitation: Juniper Networks processes Processed Data only as instructed by its Customers to provide the Security Cloud Services and as otherwise permitted by the DPA (defined below).
- Data Minimization: The Security Cloud Services, by default, collects the information required to provide and maintain the Security Cloud Services. Customers are generally able to configure the type and quantity of Processed Data collected.
- Storage Limitation: Juniper Networks limits retention of Processed Data as set forth in the “Data Retention” section of the CSD.
- Integrity and Confidentiality: Mist employs robust security measures to protect Device Data as described in the “Data Security” section of the CSD.
- Data Portability: Customers may export certain data from the Security Cloud Services
- Data Subject Requests: Customers have the capability to fulfill certain data subject requests on their own, and for any other requests, Juniper Networks is available to assist Customers.
International Data Transfers
For information on where data is hosted, please see the “Data Location” section of the CSD.
Juniper Networks complies with international cross-border data transfer protections as set forth in the European Commission’s Standard Contractual Clauses.
United States Data Privacy Laws
Please see Juniper Networks' Privacy Notice – United States Supplement for details regarding how Juniper addresses United States privacy laws.
A Global Approach
Juniper Networks’ Customer Data Protection and Privacy Exhibit for Juniper Products and Services (“DPA”) is our data processing agreement for customers. The DPA incorporates the European Commission’s Standard Contractual Clauses and required terms from other data privacy and data protection laws from around the world.