Privacy Policy
Last updated: January 30, 2026
RMA Apps ("we", "our", or "us") provides Zendesk sidebar applications that integrate with third-party services. This Privacy Policy explains how we handle information when you use our apps.
Information We Process
Our apps act as a bridge between Zendesk and your existing systems (such as JAMF Pro or UniFi). We process the following types of information:
- Ticket Data: Requester email addresses and custom field values from Zendesk tickets to look up relevant device or network information
- API Credentials: Credentials you provide to connect to your JAMF Pro or UniFi systems (handled securely through Zendesk's encrypted settings)
- Device/Network Data: Information retrieved from your systems in real-time, such as device names, serial numbers, IP addresses, and network status
How We Use Information
Information is used solely to:
- Query your systems (JAMF Pro, UniFi) based on ticket context
- Display relevant device or network information in the Zendesk sidebar
- Provide error messages when lookups fail
Data Storage
We do not store your data. Our apps operate in real-time:
- Device and network information is fetched on-demand and displayed immediately
- No customer data, device information, or lookup results are stored on our servers
- API credentials are stored by Zendesk using their secure settings infrastructure, not by us
- Server logs may temporarily contain request metadata (timestamps, response codes) for debugging purposes and are automatically deleted within 30 days
Data Sharing
We do not sell, rent, or share your information with third parties. Data flows only between:
- Your Zendesk instance
- Our backend API (hosted on Vercel)
- Your JAMF Pro or UniFi systems
Security
We implement appropriate security measures:
- Encryption in Transit: All data is transmitted over HTTPS/TLS
- Secure Credentials: API credentials are handled through Zendesk's secure proxy and are never visible in browser developer tools
- Access Controls: Our backend only accepts requests from authorized Zendesk domains
- Rate Limiting: API endpoints are rate-limited to prevent abuse
- No Persistent Storage: We don't maintain databases of customer information
Your Rights
Since we don't store personal data, traditional data subject rights (access, deletion, portability) don't directly apply to our services. However:
- You can uninstall our apps at any time through Zendesk
- You can revoke API credentials in your JAMF Pro or UniFi systems
- You can contact us with any privacy concerns
GDPR Compliance
For users in the European Economic Area:
- We process data as a "processor" on behalf of your organization (the "controller")
- Processing is based on your organization's legitimate interest in providing IT support
- Data transfers to the US (where our servers are hosted) are covered by standard contractual clauses through our hosting provider (Vercel)
CCPA Compliance
For California residents: We do not sell personal information. Since we don't store personal data, there is no data to access, delete, or opt out of selling.
Children's Privacy
Our apps are business tools intended for use by IT professionals. We do not knowingly collect information from children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the "Last updated" date.
Contact Us
If you have questions about this Privacy Policy or our practices, please contact us at: