Portal Portal Forum Forum Devolutions Force Devolutions Force Hub Business Hub Business Hub Personal Hub Personal Devolutions Send Devolutions Send Download RDM RDM Workspace Workspace Launcher Launcher
Solutions
Remote Connection
Remote Connection Management
Boost productivity, decrease costs, and increase security with a centralized platform where you can manage a wide range of remote connections and tools.
Remote Connection
Password Management
Improve your security strategy without reducing productivity by using a password management solution.
Remote Connection
Privileged Access Management
Diminish the risk of insider threats and cyberattacks while providing audit and compliance requirements for your team.
Remote Connection
Remote Access Management
Establish a secure entry point for internal or external segmented networks that require authorized just-in-time (JIT) access.
Remote Connection
Use Cases
In the technology world, use cases are only as good as the value someone derives from them. That's why at Devolutions we craft straightforward example use cases to help you and your team choose the best solution for your ideal productive environment.
Products
Remote Desktop Manager
The Best Remote Connection Manager in the Industry
 Devolutions Hub
Cloud-hosted password manager built for IT professionals
 Devolutions Server
Self-Hosted Credential Manager Built for IT Professionals
 Devolutions PAM
Privileged Access Manager Built for IT Professionals
 Devolutions Gateway
Secure Remote Access Management — No VPN Required
 Devolutions Free
We believe in making powerful tools accessible to everyone
Companion Tools
Workspace
Mobile, Desktop Application & Browser Extension
Launcher
Remote Connection Launching Tool
PowerShell
Cmdlets that interact with Devolutions products
Devolutions Send
Secrets sharing made quick, secure, and simple
Support
Devolutions Blog
Devolutions Blog
Stay up to date with our weekly articles on our blog, In The Trenches.
Community Forum
Community Forum
The Devolutions Forum is the place to go to connect with your peers and the Devolutions team.
Devolutions Documentation
Devolutions Documentation
Get answers to product specifications, settings and more on our documentation.
Knowledge Base
Knowledge Base
Popular Knowledge Base articles solving common roadblocks and helping using best pratices.
Contact our Support Team
HELP
PHONE
Level 1 support only — Monday to Friday: 7:30 a.m. to 6:00 p.m. EDT
Report a Security Issue
While we do take care of the security of our products, the fast-changing nature and complexity of security may inadvertently expose our software. Please check out our security commitment for more information.
RESOURCES
Use Cases Success Stories Report & Whitepapers Legal & Privacy Security & Compliance Miscellaneous Glossary (IT and security) Newsroom Media
Contact Send Message
Send Message
 Call me
Call me
 Technical Support Sales Contact Information
About Us Devolutions Timeline Lifestyle
Careers Welcome Available Positions Spontaneous Application
Newsroom Press Releases Newsletters In The News
Media Devolutions Logos Wallpapers
Security & Compliance Security Report a Security Issue Advisories

Legal & Privacy

Privacy Policy Website / Cookies Software License Agreements Online Services Terms Law Enforcement Requests Deleting your data Sub-processors

Guidelines for legal requests for information

1. Introduction

Devolutions provides privileged access management, password management and remote connection management software for organizations and individuals.

These guidelines (the “Guidelines”) provide information to law enforcement officials wishing to request customer information or customer content data from Devolutions in the context of investigations or enforcement of applicable laws. Our Customers and Users may also find this document relevant to understand what information we share with law enforcement and under what circumstances when we receive such legal requests.

For first-party requests (i.e. if you are seeking your own information), please consult our Privacy Policy for more information about your right of access.

In the context of these Guidelines:

  • ""Customer” refers to an organization or individual purchasing a software license from Devolutions or subscribing to a Software-as-a-Service offered by Devolutions.
  • Customer Data” refers to the content data that a Customer or its Users may store with Remote Desktop Manager or Devolutions Server on their local systems or in our cloud-based services such as Devolutions Password Hub, Devolutions Account and RDM Online Services.
  • User” refers to an individual who is duly authorized by a Customer to install, use or access our software products and services.

We may from time to time change our practices for responding to legal requests for information, in which case these Guidelines will be updated.

2. Basic principles

Devolutions recognizes the importance of helping law enforcement serve their legitimate interest in protecting the public, while also being committed to protecting the privacy rights of its Customers and Users, and of anyone else who entrusts us with their personal information.

Having to balance and deal with these often competing interests is not always easy. This is why hope that these Guidelines will help to set expectations on both sides, as well as to add transparency to our internal processes when we receive legal requests for information from law enforcement.

Below are the basic principles that Devolutions will apply when responding to such legal requests:

Legal requirement

When the legal request concerns identifiable non-public information, we will not share this information unless we obtain the prior written consent of the affected individuals or entities, or unless we reasonably believe that we are legally required to do so under the laws that apply to us. In all cases we reserve the right to object to any requests for non-public information, especially where production is prohibited by privacy laws or where the process served is insufficient to compel production of the requested data.

Jurisdiction and authority

We will generally refuse to disclose non-public information if the legal request or court order is issued by a requesting body that lacks jurisdiction over Devolutions, or that does not have the legal authority to issue and to enforce the relevant request, subpoena, or court order.

Notification to affected persons

We will notify affected individuals and entities before we produce information about them, and provide them with an opportunity to object to the disclosure 7-10 days prior to production, unless we are legally prohibited from doing so. We may shorten the notice period in our discretion, but we generally only do so in emergency situations. Public authority or law enforcement officials who believe that such notification would jeopardize an investigation should obtain an appropriate court order or other process that specifically prohibits such notification, and should specifically mention this requirement in their request.

Minimum information

We will only provide information directly related to the activity addressed in the request and we will limit the information that we disclose to the minimum that is necessary to satisfy the legally enforceable request. We will seek to limit or object to requests that are overbroad or seek a large amount of information or affect a large number of Customers or Users.

3. How to submit a legal request for information

Legal requests for information must be made by completing this form.

It is important that you fill in all required fields in our form with detailed information and provide all relevant supporting legal documents (such as a subpoena, court order, or a warrant) when submitting a legal request. An incomplete form or the lack of supporting documents may delay or prevent the processing of your request.

You will need to fill in the following required fields to submit your request:

  • Your official email address and contact phone number;
  • Your name and badge/ID;
  • The nature of your request (by selecting the most relevant category from the list provided in the form);
  • The subject of the request (for example a domain address, an email, a business name or an individual’s name);
  • The specific description of the information that is needed;
  • Name or title of the authority issuing the request (for example, the court that issued the subpoena or government agency that authorized the request);
  • Jurisdiction of the requesting body;
  • The date by which the legal process requests a response from us;
  • If the request must be kept confidential (in which case the court or administrative order that is uploaded must include a disclosure prohibition or the statute, law, or regulation that prohibits disclosure must be properly identified);
  • If it is an emergency request (in which case additional questions will need to be answered to help us evaluate such emergency).

We cannot guarantee any specific response time (even in the case of an emergency request), although we will use commercially reasonable efforts to respond to your request as quickly as possible.

Devolutions reserves the right to seek reimbursement for the costs associated with responding to public authority or law enforcement data requests, where appropriate.

4. Jurisdiction and requests from foreign law enforcement

Canadian government requests

As a Canadian entity, Devolutions may provide information it holds in response to an order issued by a Canadian court or a warrant issued by a Canadian authority, to the extent that all legal requirements are met.

Non-Canadian government requests

Devolutions is not legally required to provide data to foreign governments in response to legal process issued by foreign authorities. Foreign law enforcement officials wishing to request information from Devolutions should contact the appropriate Canadian public authorities, and Devolutions will promptly respond to requests that are issued via Canadian public authorities or Canadian courts by way of a mutual legal assistance treaty (“MLAT”) or letter rogatory.

5. Data preservation requests

We will take steps to preserve requested information for up to 90 days upon formal request from law enforcement in connection with official criminal investigations, and pending the issuance of a court order or other process. Preservation requests must meet all the relevant requirements applicable to legal requests for information mentioned above, and must specify the particular information to be preserved. A request to extend the preservation for an additional 90 days may be submitted to Devolutions by law enforcement before the expiry of the first 90 days period.

6. Emergency requests

Devolutions evaluates emergency requests on a case-by-case basis. If you provide information that gives us a good faith belief that there is an emergency involving imminent danger of death or serious physical injury to any person, we may provide information necessary to prevent that harm if we are in a position to do so, consistent with applicable law and at our sole discretion. Emergency requests must be submitted by filling out the appropriate sections of our form.

7. Types of data that Devolutions may have

The data that we hold on Customers or Users will depend on the Devolutions products or services that they use, the types of interactions that they have with us, and our data retention policies.

When the legal request concerns Customer Data, we will instruct the requestor to obtain that information directly from our Customer, who is the controller of that data, and also because we generally do not have access to Customer Data, as is it whether stored locally on Customer’s or User’s systems or encrypted client-side, depending on the product or service involved.

Categories of data that may be available for law enforcement:

  • Basic Customer or User account information such as email address, name, phone number, organization, billing contact information and/or transactional records;

  • Other User account information such as username, User groups, URL, account creation date, date that User last accessed its account, IP addresses associated with log-ins to a User account, administration and server logs;

  • Content of written communications between Customers / Users and Devolutions, including through our sales and customer support channels and our online forum.

Last update : December 20, 2022