LogMeIn Resolve MDM is a tool for organizations and service providers to make device management simple and efficient. To fulfill this task, LogMeIn Resolve MDM needs permission to specific content on the device. By providing automatically collected and relevant information, LogMeIn Resolve MDM enables administrators to ensure that all the managed devices comply with the security standards and policies of the organization.

Primarily LogMeIn Resolve MDM collects data for identifying a device and providing accurate inventory data about it. The data collection focuses on the managed device's technical inventory information. For data security, LogMeIn Resolve MDM follows generally accepted industry standards to protect the information submitted to us.

Read more from our Privacy Policy on what data LogMeIn Resolve MDM collects about users, who is allowed to access the data, what we use it for, and how to contact our Privacy Officer in case of any further questions.

Sometimes device users are worried about whether somebody can access their contacts, call details, messages, files, or photos through LogMeIn Resolve MDM. This is not possible for anyone.

Concerns might come up when the user needs to grant the management tool permissions that are not self-explanatory. Often permissions are handled as bundles and to access some individual tool or data, granting permission to the entire permission group at the same time. How the access permissions are requested, depends on the device platform. In some cases, device enrollment to LogMeIn Resolve MDM might be suspended if the requested permission is lacking.

The following step lists the requested permissions for Android device management. You can find out why LogMeIn Resolve MDM needs certain permissions and what can or can't be done with them. These principles apply to all device platforms.

Camera

LogMeIn Resolve MDM needs camera permissions for collecting inventory information about the device's camera, including megapixels, flash, and focal length.

If you deny this permission group, the inventory data about the camera cannot be automatically gathered.

LogMeIn Resolve MDM can't be used to take pictures or videos with the camera of the managed device.

Contacts

LogMeIn Resolve MDM needs permission to contacts for writing contact information to the devices' contact lists.

If you deny this permission group, deploying the contact information to managed devices remotely with LogMeIn Resolve MDM can't be done.

LogMeIn Resolve MDM can't read any contact information from the managed devices.

Files and photos

LogMeIn Resolve MDM needs access to the file system for:

• Writing a log file, which is useful in troubleshooting technical issues.
• Enabling the IT admin to deploy files or applications remotely with LogMeIn Resolve MDM to the devices.

Denying this permission group is not recommended because many of the essential device management features require this permission.

LogMeIn Resolve MDM can't be used to access personal files or photos located on managed devices.

Location

This is a feature for improving device security and, for example, a tool to find lost phones. Location data allows administrators to track the location of devices on a map. With permission, the Miradore client can also collect inventory data, including the mobile cell ID and a list of configured WiFi networks.

During the initial device enrollment, LogMeIn Resolve MDM gets permission to the device's location but location data is never collected by default. LogMeIn Resolve MDM administrators can choose to collect location data by enabling the location tracking feature on a device.

Notification in devices with Android 10 and above

The device users of Android 10 (and above) may see a notification saying: Miradore client got your location in the background. This is due to the renewal of Google's permission policy with Android 10, and the notification is shown even when LogMeIn Resolve MDM's location tracking feature is off. The device user can't change the location permissions if the device is managed with LogMeIn Resolve MDM.

Phone calls

LogMeIn Resolve MDM needs the phone call permissions for reading the device's IMEI code and phone number, which are used to identify the device and the inserted SIM card.

Denying this permission is not recommended, because it is required for reliable identification of devices.

LogMeIn Resolve MDM can't be used to make phone calls with managed devices: additionally, it does not collect any information about phone calls made with the managed device.

Text messages

LogMeIn Resolve MDM must access text messages to pass the device's SMS enrollment information.

If you deny this permission, the device enrollment with SMS won't work.

LogMeIn Resolve MDM doesn't read the contents of text messages in managed devices and does not send any text messages from managed devices.