!ALLOcloud GDPR data sets
Personal data sets stored on ALLOcloud Service platforms
The following tables describe the personal data sets held by ALLOcloud on its platforms, how it is collected, for what reason and how long the data is kept. Please note that we do not share this data with any third-party apart from the Partner with whom the End-User Organization has the commercial relationship.
-
Business Telephony
Glossary
-
Provider: ALLOcloud (commercial name of OpenS BE0821.802.905)
-
Service(s): service(s) offered by the Provider
-
Platform: the IT infrastructure and software that delivers the Service(s)
-
Partner: an organization that resells or manages Services and with whom the End-User Organization has a contract with
-
EUO (End-User Organization): an organization that uses the Services
-
Admin: a person that administrates the account of the EUO. This person can belong to the Provider, Partner or EUO
-
User: a person that uses our services
|
Data set |
Collected by |
What for? |
How long |
|
EUO name and postal address (*) |
Admin |
Invoicing |
Duration of the contract + 6 months |
|
Company phone directories |
Admin/User |
Facilitate outgoing calls and identify incoming callers |
Duration of the contract |
|
User address |
Idem |
Communicate to emergency services in case of emergency call. If empty, company postal address is used |
As long as the User existes on the platform |
|
User first and last name
|
Idem |
Send voice-mails, virtual faxes and various information |
Idem |
|
User desired language |
Idem |
Defines portal and phone language. Allows to communicate in the correct language |
Idem |
|
User email address |
Idem |
Send voice-mails, virtual faxes and various information |
Idem |
|
User mobile phone number |
Idem |
Redirection of calls to mobile phone. Notifications |
Idem |
|
User personal directory (**) |
User |
Facilitate outgoing calls and identify incoming callers |
Idem |
|
Voicemails (.wav) (**) |
Caller |
Voice messaging |
By default, immediately sent via email and not stored |
|
Incoming faxes (.pdf) (**) |
Sender |
Faxing |
Idem |
|
Outgoing faxes (.pdf) (**) |
Sender |
Faxing |
Deleted immediately after sending |
|
Call recording (**) |
User/Admin. Responsibility belongs to User/Admin |
Recording |
Deletion belongs to User/Admin. Automatically deleted at contract end |
|
Call history (CDRs) |
The Platform itself, without any human intervention |
Invoicing, reporting and fraud detection |
Duration of the contract + 6 months. Furthermore, we plan to add a mechanism that anonymizes old CDRs (3 last digits replaced by XXX) |
*= mandatory information
**=not accessible to Provider staff
-
SIP Trunking
|
Data set |
Collected by |
What for? |
How long |
|
EUO name and postal address (*) |
Admin |
Invoicing |
Duration of the contract + 6 months |
|
Call history |
The platform itself, without any human intervention |
Invoicing, reporting and fraud detection |
Duration of the contract + 6 months. Furthermore, we plan to add a mechanism that anonymizes old CDRs (3 last digits replaced by XXX) |
*= mandatory information
-
Web Meeting
Glossary
Further to the above definitions, this service adds additional roles:
-
Meeting organizer: Person with login credentials, authorized to schedule meetings.
-
Participant: Person attending a meeting.
Meeting organizer data
This personal data is stored for as long as the account is paid for. Once the account becomes inactive (not paid anymore) the data is retained for 360 days in case the user decides to re-activate the account. After that, the data (including “Meeting Data”) is completely removed from the system.
The system only stores the most current values of these data sets.
|
Data set |
Required? |
What for? |
|
Freely selectable account name |
Yes |
To identify an account by a name. Only applicable if the meeting organizer is also the account admin. |
|
Company name |
No |
Only for billing purposes, will appear on invoices |
|
First and last name of the meeting organizer |
Yes |
The name of the meeting organizer is shown in the meeting invitation that this meeting organizer sends through the system |
|
Email address |
Yes |
The email address is used as the login user name. It also acts as a reply-to address for meeting invitations and summaries, etc., sent by that user |
|
Preferred language of the user interface |
Yes |
The preferred language is stored to display the user interface in that language. It is also used to identify the language used in meeting invitations and summaries. |
|
Address book (List of email addresses) (**) |
Yes |
Every email address used to send a meeting invitation is stored in the users address book. The address book is used for the “forward typing” feature when scheduling a meeting. Each email address can be deleted by the session organizer at any time. The email addresses in this address book are not used for any other purpose. |
|
Documents (**) |
No |
Documents uploaded by the meeting organizer. Can at any time be irrevocably deleted by the meeting organizer. |
|
List of all planned and future meetings (**) |
Yes |
To allow access to the meeting room. For details, see “Meeting data”. Can at any time be irrevocably deleted by the meeting organizer. |
*= mandatory information
**=not accessible to Provider staff or Partners
Data of participant
The data is stored for as long as the “Meeting Data” is stored in the system, see below.
|
Data set |
Required? |
What for? |
|
Name (**) |
Yes |
The name will be visible to all other meeting participants of this meeting. It will also appear in the chat history next to any chat message that was sent. The name will also appear in the “Connection Statistics” |
|
Email address (**) |
No |
To send the meeting summary at the end of the meeting |
**=not accessible to Provider staff or Partners
If a participant participates in several meetings, no connection is made between the different meeting sessions. We do not track meeting participants across multiple meetings.
Meeting data
During the session all data filled in by participants (chat messages, uploaded documents, etc.) are stored. The meeting organizer has access to all these data, except the private notes of other participants in the “Past Meetings” section of the administration control panel. The meeting organizer can delete meetings and all related data at any time. The system does not automatically delete past meeting data expect when configured accordingly.
After the meeting, if configured, the meeting data is automatically sent by email to all participants as a meeting summary.
|
Data set |
Required? |
What for? |
|
Topic of the meeting (**) |
Yes |
Required for the meeting invitation and summary as well as to identify meetings in the list of upcoming and past meetings |
|
Meeting agenda (**) |
No |
The agenda of the meeting. |
|
Invited persons: list of email addresses (**) |
No |
The list of participants is required to send meeting invitations and invitation updates. |
|
Documents and files (**) |
No |
Before and during the meeting the organizer and the participants can upload documents to be shared among all other participants. The system sends out a meeting summary with all the documents after the meeting to all meeting participants that have provided their email address. |
|
Whiteboard drawings (**) |
No |
Users can draw on the white board. These drawings are shared among all other participants. The system sends out a meeting summary with all the drawings after the meeting to all meeting participants that have provided their email address. |
|
Chat messages (**) |
No |
Users can chat in a group chat or individually between participants. The system sends out a meeting summary with the group chat after the meeting to all meeting participants that have provided their email address. |
|
Meeting minutes (**) |
No |
Users can write the meeting minutes during the meeting. The minutes are shared among all participants during the meeting. The system sends out a meeting summary with the meeting minutes after the meeting to all meeting participants that have provided their email address. |
|
Private notes (**) |
No |
The user can take private notes during the meeting. The system sends out a meeting summary including these private notes to the author of the notes, given that the author has provided an email address. |
**=not accessible to Provider staff or Partners
-
All services
Connection statistics
The system collects connection statistics. These connection statistics are stored exclusively for technical support purposes and are automatically deleted after maximum 180 days.
-
Operating system (name, version)
-
Browser (vendor, type, version)
-
Effectively used bandwidth and network statistics (round trip time, jitter, packet loss)
-
Call quality
-
Connection errors
System logs
System and server logs are used exclusively for technical problem analysis and troubleshooting. The logs are deleted after maximum 180 days.
Cookies, Analytics and Data Analysis
Cookies are used solely for system-related purposes (login, user settings, etc.). There is no analytics tool installed like Google Analytics configured out of the box. No trackers or files from other websites are included.
Data Subject Rights
On the above listed data sets, users have the below rights. Most of these rights can be fulfilled directly on the portals, in self-service mode. If they can’t, the user is required to contact their account administrator (EUO, Partner or Provider).
• The right to have incomplete or inaccurate data about them corrected or completed
• The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us
• The right to lodge a complaint or seek judicial remedy through their national Data Protection Bodies and Courts