CB Exchange Server Sync Privacy Policy
Connecting Software SaaS
Personal Information
Connecting Software s.r.o. & Co. K.G. limits the personally identifiable information that is used and kept
Action |
Personal Data Collected |
Reason for data collection |
How long data is kept for |
Basis of Processing |
Request remote support |
Screen recordings of the support session
Email correspondence
|
Providing technical support |
Automatically deleted after 90 days |
Contract |
Use the Connecting Software SaaS |
Name
Email address
Platform usage and metrics data
|
Providing account management services
|
Until no longer needed or requested to be deleted
|
For customers -
For non-customers - |
We DO: C.B. Exchange Server Sync reads, creates, modifies, and deletes mailbox items; it also stores metadata information about items and folders for synchronization and caching purposes. We store the Subject and Body of the deleted items for audit purposes. In addition, our service stores log entries created during execution, collects errors and other debug data, and stores the identification of the target systems.
We DO NOT: C.B. Exchange Server Sync does not store whole items. We never analyze any business data or access any data that is not strictly necessary for the application’s functionality.
Cookies
We use cookies to enable specific application features and to compile aggregate data about application navigation. We do not collect personally identifiable information. If you turn cookies off, some features will be disabled, and we cannot guarantee you the full functionality of our application.
Disclosure to Third-Party Entities
We may use trusted third-party services to track aggregate data about application navigation on our behalf.
We do not sell or trade, or otherwise transfer to outside parties any personally identifiable information.
Disclosure to Related Entities
We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries or other companies that we control or that are under common control with us.
Location of Servers
Our service runs on the highly secure infrastructure platform provided by Microsoft Azure. You have the choice to setup a configuration where data residence is deployed in the east U.S. datacenter or Western EU. Microsoft’s Privacy Statement is available here.
EU-U.S. Data Privacy Framework
Connecting Software complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. Connecting Software has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF, Connecting Software commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF.
In compliance with the EU-U.S. DPF, Connecting Software commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact Connecting Software at:
office@connecting-software.com
In compliance with the EU-U.S. DPF, Connecting Software commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF.
The Federal Trade Commission has jurisdiction over Connecting Software’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Both Connecting Software s.r.o. & Co. KG (Austrian entity) and Connecting Software Inc. (U.S. entity) adhere to the aforementioned DPF principles.
Binding Arbitration
Individuals have the option, under certain conditions, to invoke binding arbitration for complaints regarding our privacy policy that have not been resolved by other means. Your organization is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to Connecting Software and following the procedures and subject to the conditions set forth in Annex I of the DPF Principles.
Liability for Onward Transfers
Connecting Software takes responsibility for the processing of personal data it receives and subsequently transfers to a third party acting as an agent on its behalf. We comply with the EU-U.S. DPF Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. In cases of onward transfer of data to third parties, Connecting Software is liable for ensuring that the third parties process personal data in a manner consistent with our obligations under the EU-U.S. DPF Principles.
Your Access to Personal Data
You may request a copy of personal information held about you. You may also request to see any personal data we hold on you, rectify it, or have it deleted. Please contact us through the Data Controller Contact Information below or fill out the form online here.
Security and Encryption
For communication with the target systems, we always use the target systems’ secure authentication and encryption methods. We rely on the security provided by the target systems API. Necessary communication is performed via Web service technology and secured with an SSL certificate.
The credentials to the target systems are stored in an Azure database. Additionally, passwords are encrypted according to the AES (Advanced Encryption Standard) specifications.
Fair Information Practices
In order to be in line with Fair Information Practices, should a data breach occur, we would notify the users via an in-application notification within seven business days.
Policy for children
We do not knowingly solicit information from or market to children under the age of 13. If you become aware of any data we have collected from children under age 13, please contact us using the contact information provided below.
Data Controller Contact Information
If you wish to exercise any of the privacy rights that apply to you, or if you have a concern about the way in which we handle any specific privacy matter, you can reach out to us
Connecting Software s.r.o. & Co. KG
Gumpendorfer Straße 19
1060 Vienna
Phone: +43 (1) 3707200
office@connecting-software.com
Last Updated
2024.06.07