The explosion of teleworking and hybrid working has led to the widespread use of video conferencing solutions in organisations. Tools that involve the processing of a multitude of personal data of your company’s employees.
Protect your employees and your business
Deploying a videoconferencing solution within your organisation involves processing the personal data of all your employees. This data is of various kinds and includes information about your employees but also about your activity.
Thus, depending on the request, the names, first names, or user IDs and passwords are personal data that can be collected, just like the titles of meetings, their dates or the list of participants.
In most organisations, especially those in sensitive sectors, this data must remain strictly confidential. It is therefore imperative to have a clear view on how personal data is handled.
5 essential questions to ask yourself
1/ Who processes my data?
The data controller determines the purposes and means of processing personal data. The personal data processor processes personal data on behalf of the data controller.
Depending on the use of its services, TIXEO is either a data controller or a data processor on behalf of its Cloud customers.
2/ Why are they used?
These are the purposes set by the controller that justify the use of personal data.
For example, Tixeo processes personal data during a videoconference meeting to generate a meeting history, which is necessary for its client, and to allow to find the participants who attended a meeting.
3/ Where are they housed?
This is a key issue as the hosting of personal data is a key factor in determining the level of protection.
Indeed, within the European Union, the GDPR excludes any possibility of hosting personal data abroad or transferring data to a third country, without a contractual agreement in advance.
Outside the European Union, regulations are much more flexible. In the US, the Cloud Act, a series of extraterritorial laws, allows authorities to force publishers located in the US to provide electronic communication data, whether stored on US or foreign servers.
Tixeo hosts all its data in France, with OVH, a French company and European leader in the cloud.
4/ How long is it kept?
Processed data may be kept for a limited period of time. This must be clearly specified.
5/ What personal data protection measures are implemented?
The GDPR compliance of a videoconferencing solution is a first guarantee of security.
Tixeo goes further by taking a number of precautions to maximize data security. Among them, the encryption of the hard disks of the staff’s workstations handling personal data or the verification of the subcontractors’ compliance with article 28 of the GDPR.
Indeed, security is part of Tixeo’s DNA: its European video conferencing solution is the most secure on the market and is certified and qualified by the ANSSI.
Discover how Tixeo handles your personal data
In its GDPR guide, Tixeo explains in full transparency its personal data protection policy.
In one click, select your user profile and discover all the information about how Tixeo, a 100% GDPR compliant video conferencing solution, handles your personal data.