You are here

en-US BYOD Privacy Policy

Primary tabs

Clone Agreement Document

Body Content

NIKE BRING YOUR OWN DEVICE POLICY

Prior to participating in the Bring Your Own Device (“BYOD”) Program and connecting a personal device to Nike Systems, you must agree to comply with this Policy. By agreeing to this Policy, you acknowledge having read and understood this Policy, agree to fully comply with this Policy at all times and acknowledge that failure to comply with this Policy will at a minimum result in denial of access to Nike Systems with a personal device, and may also lead to disciplinary action, including termination. 

1. OVERVIEW & DEFINITIONS                                   

Nike, Inc., and its subsidiaries and affiliates ("Nike" – see complete list of entities and their addresses {{agreement:localentities:here}}) have adopted a Bring Your Own Device Program (“BYOD Program”) to allow employees and contingent workers (“users”) to use their own devices such as mobile phones, tablets, and personal computers for professional purposes at Nike. 

Users participating in the BYOD Program are permitted to connect their personal devices to Nike Systems to conduct Nike business only as described in this Policy and as consistent with other Nike policies.  Hourly employees who enroll in the BYOD Program must record all hours worked in accordance with Nike’s time and attendance policies.  Also, participation in and availability of the BYOD Program may be subject to local legal requirements or restrictions in certain jurisdictions.  Please check here for additional information.  

Participation in the BYOD Program is voluntary and offered as a convenience to users.  Users who prefer to use a Nike-owned and issued device and who are eligible for such a device based on their role and responsibilities should do so.  

As used in this policy: 

"Nike Systems" are composed of Nike-owned hardware or Nike-licensed and approved software including company servers, company email accounts, applications and programs (such as those available through Nike Tools), company shared drives or file shares, message boards, instant messaging systems, blogs, internet channels, company cloud storage locations and various other systems owned or provided by Nike.    

Nike Material” is any Nike-related information held in electronic form, including company emails and other communications, documents, data, databases, images, graphics, photos and other materials, which may include, but is not limited to, personal, proprietary or confidential information of Nike, its clients, consumers, suppliers, partners or other third parties.  

Secure Access Method” is a Nike-provided and approved method that enables secure access to Nike Systems and Material that a participating user will be required to use (or, depending on the particular access method, may require the download and local installation of software) on his or her device to participate in the BYOD Program. 

Participating Device” is the user-owned device on which the user accesses Nike Systems and Nike Material through the Secure Access Method and thereby participates in the BYOD Program. 

2. REGISTERING FOR THE BYOD PROGRAM 

A user’s request to participate in the BYOD Program will be granted only when Nike is satisfied that the user’s participation meets all applicable requirements and therefore will not present undue risk or burden to Nike. 

a. Eligible Devices 

Only devices and operating systems approved by Nike are permitted to be used in the BYOD Program.  Devices may be excluded from this BYOD Program based on compatibility of technology or failure to meet the security requirements listed below. See the list of approved devices here

b. Connecting a Participating Device 

To participate in the BYOD Program, and before accessing any Nike Systems or Nike Material on a personal device, the user must use the Secure Access Method provided and approved by Nike, as appropriate to the type of Participating Device to be used for that access.  For mobile phones, this includes downloading and locally installing the Mobile Device Management Software available here

c. Information collected from a Participating Device 

By participating in the BYOD Program, you understand and agree that Nike may need to collect device information, user identification, and other information for Nike’s records to enable the operation of the Secure Access Method. This information may be used to identify and, where location services have been activated, locate a Participating Device and to verify a user’s compliance at all times with this Policy.  Access to device and user information is limited to those persons with a need to access such information to administer and support the BYOD Program or who are authorized to enforce Nike policies in accordance with existing process. Where permissible under applicable law and where Nike has a reasonable basis to justify its use, device and user information may be used as the basis for disciplinary action against a user, up to and including termination for improper use/disclosure of Nike’s proprietary or confidential information. 

Depending on the Secure Access Method used, information that may be collected from a user may include: 

  • Country;
  • Location (where the user has activated location services);
  • Corporate email address;
  • Device status information;
  • Device ID and name;
  • Device manufacturer;
  • Device type;
  • Device OS version;
  • User name and ID;
  • UDID;
  • IMSI;
  • IMEI;
  • IP address;
  • Asset number;
  • Phone number;
  • Wifi / MAC address;
  • Available RAM and storage;
  • Display size;
  • Power status;
  • Physical memory;
  • List of apps (for managed mobile devices);
  • SIM card status;
  • BYOD Program inventory; and/or
  • Jailbroken/rooted information. 

Detailed information about the information collected for each Secure Access Method provided is available here

d. The BYOD Program Software 

Participating users will be required to use only Nike-provided Secure Access Methods on their device to access Nike Systems and Nike Material. Depending on the particular access method used, this may require the download and local installation of software to enable the Secure Access Method. The user agrees to follow all security controls required by the Secure Access Method and implement any updates to any enabling software as needed.  The Secure Access Method allows Nike to manage access to Nike Systems and Nike Material on the Participating Device, which may include the ability to limit access to Nike Systems and Nike Material or with certain technologies (such as the mobile device management client used for mobile devices) enable remote wiping of all Nike Material on the Participating Device.  

The “managed space” of a Participating Device is that space on the Participating Device comprised of the Secure Access Method and the Nike Systems and Nike Material accessed through that method. The user is prohibited from conducting Nike business outside of the managed space of the Participating Device; this includes sending Nike Material or other confidential business communications via personal email or storing images of confidential or proprietary Nike Material on the Participating Device. 

The Secure Access Method will maintain logical segregation of Nike Material in the managed space of the Participating Device from the user’s personal content or information outside of the managed space, to maintain confidentiality of all Nike Material. The user shall not change, disable or circumvent the Secure Access Method settings or methods, or otherwise seek to store or access Nike Materials outside of the managed space. 

The Secure Access Method is not intended to provide Nike with remote access to content in areas outside of the managed space that have not been accessed, backed up-to or restored to any Nike System. The user should not store non-Nike personal resources in the managed space of the device, and should not back up their device to the Nike Network in a manner that would provide Nike with access to non-Nike personal resources.  The user agrees that s/he is solely responsible for maintaining backups of any personal information on a Participating Device. 

3. SECURITY REQUIREMENTS FOR PARTICIPATION IN THE BYOD PROGRAM 

a. Device Security Requirements 

All Participating Devices must be enabled with industry standard security methods as appropriate to the device, which methods must be kept current and up to date. The user agrees to manage the security of the Participating Device by maintaining up-to-date software patches and malware, anti-virus and anti-spyware updates from all relevant telecommunications, hardware and software providers.  To meet the BYOD Program’s minimum security requirements the Secure Access Method will, as needed, verify that the Participating Device meets the appropriate security requirements, which may include: 

  • file or disk encryption;
  • up-to-date security patches;
  • strong password or PIN authentication for all accounts that can access the device;
  • setting a maximum number of invalid log-in attempts;
  • up-to-date anti-malware, anti-virus and anti-spyware software; and
  • no jailbreak or other security circumvention software, applications or tools (except for device unlock software provided by the telecommunications carrier for the device). 

From time to time Nike may implement additional settings and security requirements, such as password complexity requirements and lockout rules resulting from invalid login attempts, through the Secure Access Method. 

b. Participating Device Security Settings 

The user agrees that Nike may access the managed space on a Participating Device – including by remote access – to manage the security settings of that device when the user is accessing Nike Systems, without providing further notice to the user of such access or of any changes to such security settings. 

4. EXPENSE REIMBURSEMENT 

Certain users may be eligible for a subsidy, reimbursement, or payment of certain services charges for Participating Devices (e.g., carrier and data charges), either at Nike’s sole discretion or as otherwise required by applicable law.  Please contact your manager for more information.  

5. NIKE CONFIDENTIAL AND PROPRIETARY INFORMATION 

The user acknowledges that a Participating Device may provide access to proprietary or confidential information of Nike, its clients, suppliers, partners, consumers, or other third parties. The user must protect all Nike Material from unauthorized access or use and maintain the strict confidentiality of all Nike Material, and particularly such proprietary and confidential information, regardless of how accessed. 

The user will not permit any other person, including colleagues, family members and friends, to access Nike Systems or Material using the Participating Device. 

Subject to applicable law, users have no ownership rights in Nike Material accessible through their Participating Device. 

Without limiting Nike’s other rights, Nike may access any Nike Material stored on any Participating Device consistent with Nike polices and subject to any legal restrictions or requirements.  

6. USE OF DEVICES ON NIKE SYSTEMS 

a. Compliance with Other Nike Policies 

Use of a Participating Device on the Nike Systems or otherwise in connection with any Nike-related work or activities is also subject to other Nike policies and guidelines, including without limitation: 

The user agrees to comply with such policies and agreements at all times when accessing the Nike Network or Nike Materials. 

b. Authorized and Unauthorized Use 

The user is only authorized to conduct Nike business within spaces on the Participating Device that are managed by the Secure Access Method.  The user must not use the space on a Participating Device outside of the managed space (see above, Section 2.d) to conduct any Nike business or to access, use or store any Nike Material. 

The user must not engage in any prohibited, unlawful, improper, offensive or otherwise inappropriate communications, conduct, activities or behavior in Nike Systems using a Participating Device, or otherwise in connection with any Nike-related work or activities. 

The user is not permitted to back up any Nike Material outside of the managed space (including personal cloud storage). Users shall not synchronize their Participating Device with any other device in their home in a manner that would allow the transfer of Nike Material to that other device.  

7. REPORTING, MONITORING, AND OTHER PURPOSES 

a. Reporting Security Incidents 

Security Incident” means any event that potentially or actually allows another person to access any Nike Material through a Participating Device. This includes, but is not limited to: 

  • temporary misplacement or permanent loss of the device;
  • suspected or actual bypassing of access controls;
  • suspected or actual misuse of the device and Nike accounts;
  • suspected or actual infection of the device; or
  • suspected or actual use of the device by any other person. 

The user must immediately report any lost, stolen or damaged Participating Device or any Security Incident to the Nike Cyber Defense Center: NCDC@nike.com

b. Replaced, Lost, Stolen or Damaged Participating Device 

Before replacing a Participating Device, the user should remove all Nike Material from the device and uninstall or unenroll from the Secure Access Method (the Nike Global Service Desk at NikeNow or a local Tech Bar can assist with this as needed). If the user wishes to continue to participate in the BYOD Program, the user will be required to use a Secure Access Method as appropriate to their new device and the user authorizes Nike to remotely wipe any Nike Material from the old device when such action is enabled by the Secure Access Method. 

If a Participating Device is lost or stolen and the user has chosen to enable location service inside the Secure Access Method, at the user’s request Nike may remotely track its location to assist in attempting to recover the device.  

c. Remote Wipe of Information on Participating Device 

To the extent the Secure Access Method includes this capability, Nike may perform a remote wipe of any Nike Material in the managed space of any Participating Device that is lost, stolen or damaged, or when there is suspicion or threat of a Security Incident or other similar incident.  

Nike will not purposefully remotely wipe non-Nike Material on the Participating Device, unless requested by the user.  However, the user is hereby informed that because a remote wipe requires wiping part or all of the memory or storage of a Participating Device, personal or private content or information stored on a Participating Device may inadvertently be permanently damaged, erased or destroyed by operation of the remote wipe capability of the Secure Access Method.  Nike does not assume any liability for any damage, erasure or destruction of such content or information. 

d. Investigations 

The user agrees to cooperate with Nike as requested by Nike or its representatives or any legal, governmental, regulatory or quasi-regulatory authorities in the event of an internal or external investigation, examination, litigation, discovery request or other similar inquiry or process (an "Investigation"), including by preserving and providing access to the Nike Material stored on the Participating Device for forensic or other analysis. 

Where permissible under applicable law and where Nike has a reasonable basis to justify such a request, Nike may request and the user must present the Participating Device to confirm no confidential Nike Materials have been stored outside of the managed space of the device.  If Nike finds Nike Material outside of the managed space of the device, Nike will take appropriate and necessary actions to remove, retrieve, migrate or delete that information from the non-managed space. Nike will take reasonable steps to prevent accessing, copying or disclosing any user personal or private information stored in the non-managed space on the Participating Device.  Where a Participating Device must be retained for the reasons above, Nike shall return the device within a reasonable period of time.  

e. Participating Device Monitoring 

When a user decides to use a Participating Device to access Nike Systems and Nike Material, s/he understands that the managed space on that Participating Device is treated like any other Nike System, and monitored in compliance with Nike’s Acceptable Use Policy 

8. TECHNICAL SUPPORT 

Prior to taking a Participating Device to any service provider, vendor, technician or other person for support or updates, the user must first logout of the Secure Access Method to disable access to the Nike Networks and Nike Materials prior to service. Please contact the Nike Global Service Desk for any questions or concerns. 

The Nike Global Service Desk will provide limited support for a Participating Device. Support may be limited to installation, setup and support for the Secure Access Method or other Nike-provided software or applications (like Nike Tools), or taking action in response to a reported theft, loss, damage, replacement, or other potential or actual Security Beach. The Nike Global Service Desk will not provide general support for any Participating Device or assist with issues involving non-Nike applications. 

9. DE-REGISTRATION, TERMINATION AND BREACH OF THIS POLICY 

a. De-Registration and Termination 

If at any time a user would like to cease participating in the BYOD Program, that user can opt-out of the program by logging out of and, as appropriate, uninstalling the Secure Access Method.  Please contact the Nike Global Service Desk with any questions or concerns.  

When a user leaves Nike’s employ for any reason, the user will allow Nike to remove access to the Secure Access Method and remove any Nike Material from the Participating Device. Nike may retain copies of such Nike Materials as needed. Nike retains the right, at its sole discretion, to wipe all Nike Material from the Participating Device by remote and/or direct means.  As allowed by local law, the user may be asked to present their Participating Device to ensure and/or confirm that the device has been wiped of all Nike Material and that access through the Secure Access Method has been properly removed from the Participating Device such that the user’s access to Nike Systems has been fully revoked. 

b. Breach of this Policy 

The user agrees to immediately notify the Nike Legal Department if s/he has breached or is unable or unwilling to comply with any or all of the requirements of this Policy. Failure to comply with this Policy may result in disciplinary action, up to and including termination of employment. 

In the event Nike has reason to believe that a user may not be in compliance with all the requirements of this Policy, Nike may remove, limit, modify or suspend that user’s participation in the BYOD Program.  For example, actions that Nike might take could include: 

  • Notifying the user, management and human resources of the issue and providing remediation instructions;
  • Limiting a Participating Device’s access to certain applications and services;
  • Blocking a Participating Device’s access to all or some Nike Systems; and
  • Bringing a Participating Device into compliance by forcing (including remotely) installation of software, packages or settings on the device, which could result in loss or corruption of user personal data or information stored on the device. Nike does not assume any liability for any damage, erasure or destruction of such content or information. 

10. SHARING USER PERSONAL DATA 

Nike may disclose information collected from the Participating Device with the following recipients for the purposes set forth in this Policy: 

  • Nike IT Department,
  • Nike Global Investigations Department,
  • Nike Human Resources,
  • Nike legal department or outside counsel, and/or
  • third-party software vendor in connection with administering the software. 

Recipients of such information may be located elsewhere than the country where the user works. These disclosures will be made in compliance with applicable law (for example, disclosure may be made to entities that have signed standard contractual clauses approved by the European Commission, in order to ensure protection of personal data of users residing in the EU.) 

Except as provided above, such information will not be shared with anyone else outside of Nike unless required for law enforcement, legal proceedings, or otherwise by applicable law. 

11. PROTECTING YOUR PERSONAL INFORMATION

Any personal information Nike collects and processes in furtherance of this Policy will be processed and stored for the purposes and by the recipients described in this Policy and in compliance with Nike’s Employee Privacy Policy, to the extent such a policy is in effect in your location and is applicable to you as a company employee.

12. POLICY STATUS, CHANGES, AND UPDATES 

This BYOD Program and Policy does not form part of any employment contract with Nike. Nike may modify this Policy at any time and will inform the user of any material change by providing the user with access to the new Policy. A user’s continued use of a Participating Device under the BYOD Program after notification of the change will constitute the user’s acceptance of the change.  Nike may at any time revoke this Policy and discontinue permitting users to use their devices to access Nike Systems and Nike Material.

13. CONTACT 

If you have any questions regarding this Policy and how we handle your personal information in the context of Nike's BYOD Program or, where available, to exercise your data subject rights, please contact Nike's Human Resources department or Data Protection Officer at privacy.office@nike.com.

 

BY CONTINUING WITH THE REGISTRATION PROCESS, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS POLIOCY AND ACKNOWLEDGE AND AGREE THAT YOU HAVE READ AND UNDERSTOOD THIS POLICY AND AGREE TO COMPLY WITH THIS POLICY AT ALL TIMES. YOU FURTHER ACKNOWLEDGE AND AGREE THAT YOUR PARTICIPATION IN THE BYOD PROGRAM IS CONDITIONED UPON YOUR COMPLIANCE WITH THIS POLICY AT ALL TIMES.

TO THE EXTENT REQUIRED BY LAW, YOU EXPRESSLY AUTHORIZE ALL ACTIONS (INCLUDING WIPING OF NIKE MATERIALS FROM MY PARTICIPATING DEVICE AND POTENTIAL TRACKING THE LOCATION OF MY PARTICIPATING DEVICE) AS DESCRIBED IN THIS POLICY.

This Policy is current as of January 2019.

Locales *

User login