The present document is aimed to provide Clients with specific details about Data Protection for Condeco Connect application. The document contains only information related to the Connect product.
Connect uses data (including Personal Data) stored by Microsoft Outlook to manage room bookings. Condeco Connect also collects and stores some room booking information over a limited time period of several weeks for use by Connect Room Finder Outlook Add-in to check room availability.
Condeco Connect collects and stores users’ credentials to access the system in the public cloud provided by MS Azure. Condeco acts as Data Processor of such data.
In particular, Connect processes data of Client’s authorised user, as follows:
Connect also processes data of Client’s room bookings as follows:
All personal data is stored inside the MS Azure datacentres. Every Client has a separate DB and data cannot be accessed by other customers. For security reason, data is replicated inside a MS Azure secondary site (DR site). Both sites are inside the EU (or EEA area) and data is never transferred outside of the EEA area.
As stated above, personal data is never transferred outside the EEA area. In case the Client should require a data transfer (for business reasons) such transfer must be required to Condeco in a written form. After Client’s authorisation, Condeco will proceed to the transfer according to one of the criteria established by the GDPR regulation, upon the signature of an official Data Transfer Agreement (DTA).
We may use your personal information for the following purposes.
We may disclose your data to a restricted number of Condeco employees only if it is strictly necessary for the delivery of the service. In particular, only authorised personnel belonging to Condeco SaaS Global Support Team may access Client data.
The Connect Cloud portal is a multi-tenanted application hosted in the cloud using Microsoft’s Azure hosting service. Leverages the same Azure-cloud components that underpin Skype and Bing. The Microsoft Azure platform guarantees excellent security standards of our customer data.
Being multi-tenanted, all Connect customers reside within one instance of the Connect Cloud software, but their data is fully segregated. There is no booking information or Microsoft Exchange or Google account information stored in the Connect Cloud application.
Additional security features of Condeco’s MS Azure PaaS solution are as follows:
Finally, Condeco has two international certifications in place:
Connect is inside the certified scope. More than 100 controls are in place to protect Client’s data.
For a complete view of our security countermeasures, please consult the “Information Security Kit”.