Results 1 to 6 of 6

Thread: Privacy Statement

  1. #1
    Member
    Join Date
    Jan 2013
    Posts
    84

    Privacy Statement

    Looking for a DO Privacy Statement I could found only the "End User License Agreement".
    Considering Privacy and the new European General Data Protection Regulation (GDPR) this is not enough. Maybe any statements are not necessary cause there is no personal data transfer. But this should be mentioned somewhere!
    Samsung Galaxy Note IV, Android 6.01, Outlook 2010 German, Windows 7,WiFi sync

  2. #2
    Senior Member DJOCTO's Avatar
    Join Date
    Apr 2010
    Posts
    2,222
    Caught!

    It should be posted shortly. I think we're all covered. We are acting as a GPDR processor...

    New Terms of Service, Privacy and GPDR so 20 pages to replace the previous 2 pages. Sweet.

  3. #3
    Member
    Join Date
    Jan 2013
    Posts
    84
    Hope that our privacy is not such a new thing to you.
    But I'm surprised myself that I didn't detected the lack of your privacy statement. By professional reasons I shouldn't never use such a service.
    Samsung Galaxy Note IV, Android 6.01, Outlook 2010 German, Windows 7,WiFi sync

  4. #4
    Senior Member
    Join Date
    Oct 2011
    Posts
    437
    I think that GDPR has been an excuse for the legal eagles (vultures??) to make some money. I am sure that some of them have made it more complicated than necessary.
    Cecil

    Motorola Moto G5 Android 8.1.0
    DJO 4.4.11 (1091) Companionlink 7 (7046)
    ACT 16
    USB Sync
    Syncs to Android Contacts App only

    Lenovo Tab 4 8
    DJO 4.4.11(1091)
    WiFiSync
    Syncs to Android Contacts App only

  5. #5
    Senior Member DJOCTO's Avatar
    Join Date
    Apr 2010
    Posts
    2,222
    halweg, we've always had a privacy statement. So this is not new to 2018. It's been on the CompanionLink website.

    As of yesterday (May 25th) we have updated Terms of Service, Privacy and DPA (GDPR).

    We have made some important changes to increase security. We have reduced the number of avenues to our data server. It was already locked down, but now it is more strictly locked down. At this point, only 3 people have access to the data, and they access is limited to a small number of IP addresses. This means that I can no longer assist when I travel since I must be in our home location to see the database. We have recently implemented new standards for our tech team when they collect logs. Finally, we have validated that the maximum live span of data in DejaCloud is about 8 months. That is; if you do not log in for six months, your data hits our normal cleanup procedure. Our backups are a two month cycle (weekly and archival) so the final backup is rolled 60 days after, so a total of 8 months from your last login, your sync data out of our system. This is an automated system. We keep customer and sales data longer, but we respect people's right to be removed and/or forgotten.

    As far as I can see, GDPR mostly impacts business who rely on free services. They collect data and resell it, so their revenue model is based on the hidden value of the data. CompanionLink charges for software and services, and has a business relationship with our customers. You know when you are charged, because you entered it on the screen and see it on your bill. We do not resell any of our customer lists.

    In any case, we have updated our policies and I think we're good to go. More importantly, I think we are in compliance with GDPR to continue to serve our EU based customers, based on the agreements we have posted.

    http://www.dejaoffice.com/terms.html
    https://www.companionlink.com/terms.html
    https://www.companionlink.com/aboutus/privacy.html
    https://www.companionlink.com/aboutus/gpdr.html

  6. #6
    Member
    Join Date
    Jan 2013
    Posts
    84
    Thanks for information. Good to know that privacy statements are not new to you.
    Finally your service and software should be more promoted by privacy.

    But the fact that most of free software uses my data for sure doesn't mean to me that payed software will not.

    Considering the wording of your privacy statement I'd prefer to have more clear statements in some places. So why you write "CL does not sell the above data to other companies" and not "CL does not give the above data to third parties". Legal requirements as well as service providers should be be mentioned as exception.
    Moreover you do not declare that local synchronized PIM-data will not be transferred outside my local network. Instead there's some "Using USB, Wi-Fi and Bluetooth sync involves data stored on our server."
    For me this reads like "Deja Cloud PIM data (covered by the sentence above) is a little bit more private than all local PIM data."
    If local sync is really local this should be mentioned explicitly. It's a key feature of your software that should leave no doubt.

    Greetings, Halweg

    @Cecil: For us in Europe the GDPR makes it much easier cause one declaration, one audit covers all Europe. In Germany many data protection authorities in past started there own proofs even when the products was reviewed outside Germany. Now they don't have the right to do that in such cases.
    Samsung Galaxy Note IV, Android 6.01, Outlook 2010 German, Windows 7,WiFi sync

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •