Privacy Policy

Introduction

Office Cloud Services takes data privacy seriously. This privacy policy explains who we are, how we collect, share and use personal information, and how you can exercise your privacy rights. We recommend that you read this privacy policy in full regularly to ensure you are fully informed. If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the end of this page.

Basic Information

About us

Office Cloud Services is a service built to store email data automatically in your Office365 SharePoint. It is operated by CRG Products & Services GmbH . We are located in Germany.

Key Terms

In this privacy policy, these terms have the following meanings:

"We and us" is refering to the staff of CRG Products & Services GmbH .

"SharePoint" is a short form for your Microsoft Office 365 SharePoint Online, which is a separate service and the plattform our service works on and for.

"Customer" refers to you or your coworkers, since your account is tenant-based.

"Configuration" is a setting, the customer created to provide information to us, which email should be stored at which SharePoint list.

"App" refers to the managing interface we provide to the customer.

Privacy for customers

This privacy policy applies to the personal information we collect and process from a customer through the provision of our services.

This privacy policy only applies to the usage of the app and is not refering to the usage of crgis.com or office-cloud-services.com .

Information we collect

The personal information that we may collect broadly falls into the following categories:

Information you provide to us

In the course of engaging with our Services, you may provide Personal Information about you. Personal information is provided during the sign up process and during the usage of the apps interface. Additionally, if you contact us, the information will be stored during the answering process and might be kept as reminders.

Our service is hosted via Microsoft Azure. During the usage of our service, your data will be processed on servers of Microsoft Azure.

The collected data consists of:
  • Your name
  • Your email address
  • Your SharePoint-Tenant-ID
As far as you subscribe to a paid plan, we additionally store:
  • Your companies name
  • Your companies address
  • Your companies VAT-number
  • Your or your companies credit-card information (which is not present at our servers but available for stripe

We do not provide or sell your information for any purposes.

Due to tax and accounting issues, for paid subscriptions we need to provide your information to third party services such as stripe , lexoffice .

Information we collect automatically

During the storage process of your emails, we collect

  • The senders name
  • The email subject
  • And the time the mail was sent.

Additionally we store logging information to handle errors or support you in cases of requests. This automatic logging data is available to us for 30 days, and will be deleted automatically and fully after 90 days.

Further, we track the usage and requests to our service automatically for maintenance and support issues. This information contains:

  • The visited site
  • The corresponding visiting time
  • Amount of send bytes
  • Request headers
  • Your used browser
  • Your used operation system
  • Your IP-Address in an anonymized way (not trackable)

We do not provide or sell any of this information to third parties. Nevertheless, since our service is hosted on Microsoft Azure, your data is processed on the servers of Microsoft Azure.

Usage of personal information

We may use the personal information we collect through the services or other sources for a range of reasons, including:

  • To fulfill our service.
  • To send you system alerts and messages. Those messages are sent by email via the service of Mandrill .
  • To bill and collect money owed to us by you.
  • To communicate with you about your account and provide customer support.
  • To enforce compliance with our Terms of Use and applicable law, and to protect the rights and safety of our Members and third parties, as well as our own. This may include developing tools and algorithms that help us prevent violations.
  • To meet legal requirements.
  • To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
  • To prosecute and defend a court, arbitration, or similar legal proceeding.
  • To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • To provide, support and improve the Services. For example, this may include sharing your or your Contacts’ information with third parties in order to provide and support our Services or to make certain features of the Services available to you.
  • Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.

Data Protection Rights

The customers may have the following data protection rights:

You may request which personal data of you is stored at our service without any charge. Additionally you may request to update your data properly. Further, you may request us to hand out the stored data in a machine-readable way. Finally you may request us to delete your personal data.

As long as your request to delete your data does not conflict any of the German or European lwas of storage, we will have to delete your data. As long as the data is not needed for fulfilling our service, and storage laws do not aply, we will delete your data. As far as it might not be possible to delete your data, we will decrease the usage of your data and inform you about that. Your data will be locked and not be used for any other as the prohibiting causes.

Users of this service may deny the usage of their personal data at any time.

Please contact datenschutz@crgis.com if you want your data to be changed, deleted or exported.

Retention of Data

We retain personal information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we'll refer to these criteria in order to determine retention period:

  • Whether we have a legal or contractual need to retain the data.
  • Whether the data is necessary to provide our services.
  • Whether our customers have the ability to access and delete the data within their accounts.
  • Whether our customers would reasonably expect that we would retain the data until they remove it or until their accounts are closed or terminated.
  • When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Our Security

We are very concerned about IT security. We take appropriate and reasonable technical and organizational measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal information.

International transfers

We are located in Germany. We use Microsoft Azure at the middle european location.

Changes to this policy

We may change this privacy policy at any time and from time to time. The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the Websites. We encourage you to review this privacy policy often to stay informed of changes that may affect you. Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Website.

Questions and concerns

Please contact datenschutz@crgis.com in case of any questions and concerns about you privay or personal information.