Employee Policy

Employee Device Privacy Policy (MDM)

Effective Date: 03/11/2026
Applies To: All employees, contractors, and authorized users of company‑managed devices

1. Purpose

This policy explains what information the Company can and cannot access on devices enrolled in our Mobile Device Management (MDM) system. The goal of MDM is to protect company data, ensure security, and support business operations while respecting employee privacy.

 

2. Devices Covered

This policy applies to:

  • Company‑owned smartphones, tablets, and computers joined to the MDM
  • Personally owned devices registered in MDM for work purposes

 

3. Information the Company May Collect

When a device is enrolled in MDM, the Company may collect and view the following information:

  • Device details (model, operating system, serial number)
  • Device security status (encryption, passcode compliance, OS version)
  • Installed work‑related applications
  • Device compliance status with company security policies
  • Device name and assigned user
  • Network and connectivity information related to corporate access

This information is used solely for security, support, compliance, and operational purposes.

 

4. Information the Company Does Not Collect

The Company does not access or monitor:

  • Personal emails, text messages, or phone call content
  • Personal photos, videos, or files
  • Personal app content or browsing history
  • Personal account passwords (e.g., Apple ID, Google account, personal email)

For personally owned devices, MDM management is limited to work‑related data and configurations only.

 

5. Monitoring and Tracking

  • The Company does not actively track real‑time location unless required for device recovery, legal obligations, or security incidents.
  • Any monitoring is limited to what is necessary to protect company systems and data.

 

6. Data Separation

Where supported, work data is logically separated from personal data. The Company may remove or restrict access to company data only without affecting personal data.

 

7. Remote Actions

If a device is lost, stolen, compromised, or when employment ends, the Company may:

  • Lock the device
  • Remove company data and applications
  • Perform a full device wipe on company‑owned devices

For personally owned devices, only company data will be removed where technically feasible.

 

8. Employee Responsibilities

Employees must:

  • Use managed devices in accordance with company policies
  • Maintain required security controls (passcodes, encryption)
  • Report lost or stolen devices immediately
  • Not attempt to bypass or disable MDM controls

 

9. Privacy Expectations

While the Company respects employee privacy, users should understand that:

  • Company‑managed devices are primarily for business use
  • Limited monitoring is necessary to protect company systems and data
  • Use of a managed device implies consent to this policy

 

10. Questions or Concerns

Questions about this policy or MDM practices should be directed to:
[IT Department / Security Team / Contact Email]

 

Acknowledgement
By using a device enrolled in the Company’s MDM system, you acknowledge and agree to this policy.