Introduction

The present document is aimed to provide Clients with specific details about Data Protection for the Condeco Enterprise application. The document contains only information related to the Condeco Enterprise product.

For general information about Data Protection at Condeco, please see our privacy policy.

What information do we collect?

Condeco Enterprise processes and stores data (including Personal Data) used to manage room bookings, desk bookings and visitors.

In particular, that data of a Client’s authorised user, as follows:

• name
• surname
• telephone
• email
• mobile phone
• work phone
• PINs (chair, user, screen)
• Outlook delegates
• business category
• department
• location

Condeco Enterprise processes and stores the data of a Client’s location as follows:

• room or desk name
• room or desk location

Condeco Enterprise processes and stores the data of a Client’s booking as follows:

• meeting start date and time
• meeting end date and time
• meeting title
• meeting type
• attendee information (including visitor information)
• services
• cost code
• notes

Where information is stored?

All personal data is stored inside the MS Azure datacentres. Every Client has a separate DB and data cannot be accessed by other customers. For security reason, data is replicated inside a MS Azure secondary site (DR site). Both sites are inside the EU (or EEA area) and data is never transferred outside of the EEA area.

Is Personal Data transferred outside the EEA Area?

As stated above, personal data is never transferred outside the EEA area. In case the Client should require a data transfer (for business reasons) such transfer must be required to Condeco in a written form. After Client’s authorisation, Condeco will proceed to the transfer according to one of the criteria established by the GDPR regulation, upon the signature of an official Data Transfer Agreement (DTA).

Using your personal information

We may use your personal information for the following purposes.

• To enable your use of the services available with Condeco Enterprise.
• To enable your use of the room booking services available with Condeco Room Finder.
• To deal with enquiries, support queries and complaints made by or about you relating to Enterprise or Condeco Room Finder.

Disclosures

We may disclose your data to a restricted number of Condeco employees only if it is strictly necessary for the delivery of the service. In particular, only authorised personnel belonging to Condeco SaaS Global Support Team may access Client data.

Security of your personal information

Enterprise Cloud application is a single-tenanted application hosted in the cloud using Microsoft’s Azure. It leverages the same Azure-cloud components that underpin Skype and Bing. The Microsoft Azure platform guarantees excellent security standards of our customer data.

Being single-tenanted, all Enterprise customers’ data is fully segregated into separate Azure SQL databases.

Additional security features of Condeco’s MS Azure PaaS solution are as follows:

• Auto scaling: additional resources may be instantly added at peak times
• Point in time restore: transaction log backups occur every 10 minutes
• Faster network: MS Azure is underpinned by one of the largest multi-terabit global networks
• Advanced alerts: live monitoring
• Auto updates: always the latest fixes and features
• Increased reliability
• Geo replication
• Threat detection
• Latest security updates
• Secure datacentres
• Compliance: compliance with standard and regulations

Finally, Condeco has two international certifications in place:

• ISO 27001:2013
• CSA STAR (gold level)

Connect is inside the certified scope. More than 100 controls are in place to protect Client’s data.
For a complete view of our security countermeasures, please consult the “Information Security Kit”.