Complying with GDPR Requests in Jamf Pro

Technical Articles
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

Jamf is committed to complying with the EU General Data Protection Regulation (GDPR) and helping our customers comply with "right of access" and "right to be forgotten" requests related to GDPR. This article provides information about the remediation process that Jamf Pro customers can use in their environments if they receive GDPR-related requests from end users.

The following procedure includes steps to delete personal data collected by default and stored in the Jamf Pro database. For information on the personal data that is deleted and the database tables affected, see the GDPR Compliance Reference for Jamf Pro article.

Requirements

  • Jamf Pro 10.4.1 or later

  • Jamf Pro user account with the administrator privilege set and full Jamf Pro access

  1. In Jamf Pro, click Users in the sidebar.
  2. Perform a simple or advanced search for the applicable user inventory record.
    Note:

    If your environment is integrated with Apple School Manager, user information may be displayed in the Roster category. This user information is deleted from Jamf Pro when it is removed from Apple School Manager.

  3. If the user is assigned to any computers, they will be listed in the Computers category in the user's inventory information. To delete a computer, click the computer name to view its inventory information, click Delete at the bottom of the pane, and then click Delete again to confirm. Repeat as necessary to delete all computers that the user is assigned to.
  4. Perform a user search again to return to the applicable user inventory record.
  5. If the user is assigned to any mobile devices, they will be listed in the Mobile Devices category in the user's inventory information. To delete a mobile device, click the device name to view its inventory information, click Delete at the bottom of the pane, and then click Delete again to confirm. Repeat as necessary to delete all mobile devices that the user is assigned to.
  6. Perform a user search again to return to the applicable user inventory record.
  7. After all assigned computers and mobile devices have been deleted for the user, the user record must be deleted from Jamf Pro. To delete the user record: While viewing the user's inventory record, click Delete at the bottom of the pane, and then click Delete again to confirm.
    Note:

    If the user is assigned to other items in Jamf Pro, a list of dependencies is displayed. You will need to update the listed items to remediate the dependencies before the user can be deleted. For example, if VPP content has been assigned to the user, you will need to remove the user from the scope of the assignment. The user cannot be deleted from Jamf Pro until all dependencies have been removed.

  8. Review your organization's log flushing policies to ensure that logs are scheduled to be flushed within a timeframe that meets GDPR requirements. To access Log Flushing settings in Jamf Pro, navigate to Settings > System > Log Flushing.

For related information, see the following sections in the Jamf Pro Documentation:

In addition, see the following article: Data and Tables Affected by Log Flushing.