We use booking anonymization and privacy settings to protect personal data.
With Flexopus, personal data can be anonymized and protected in various ways. You can also find out where the Flexopus data is hosted .
Booking anonymization
With Flexopus you determine whether and after what period of time personal data is removed from the system. However, booking details such as the start and end time of a booking are retained for utilization evaluations. However, these can no longer be traced back to a specific user. In this way, you can keep track of the utilization of the available resources in order to optimise your sharing concept and at the same time protect your employees' sensitive data. The anonymization of personal data is of course irreversible. According to GDPR, we recommend deleting the data after 14 days. This is due to the chains of infection tracking and enables you to trace it easier in the event of an infection.
NOTE: Flexopus also collect log data about user activities like (reservations, edit and delete operations or failed log in attempts). The log data regarding the reservation will also be anonymized through this setting, so the reservations can not be tracked in this way.
Privacy for users
With Flexopus personal data can be completely hidden. This means that users cannot see any information about each other. The profiles are hidden, the bookings do not show their names and users cannot be found using the search function. Depending on the wishes of your company, the following options for the privacy settings of your employees can be used and changed again if necessary (You can find these settings in the admin area at "Settings" > "Data Privacy Settings" > "Data Privacy and Anonymization"):
- You disable the feature. This allows your employees to see the booking data of their colleagues, for example to book a seat next to a specific colleague or to see when a specific colleague is present in the office.
- You activate the function globally. This means that no user can see booking information about colleagues. All data is displayed anonymously.
- You activate the function and leave the privacy settings to your employees. In this way, everyone can set themselves whether their own booking information is visible or hidden for colleagues.
. - Let users decide (default: hide)
As with option 3, users can decide on their personal data themselves. If the user does not change this setting, his/her personal data will be hidden.
.
The following setting options can be found in the admin area under "Settings" > "Data Privacy settings". Then scroll to the relevant section, recognisable by the bold headings:
Access to mobile applications
Determine whether access authorisation for users via mobile applications is activated or deactivated. If this option is disabled, users will receive an error message when trying to log in to Flexopus via mobile apps. Please note that this setting does not affect whether users can install the Progressive Web App (PWA) or use Flexopus via their mobile browsers.
Close session on exit
Use this feature to automatically close the session when the browser is closed.
Session validity
The maximum duration of a session is 1 week (24 hours a day, 7 days a week, 168 hours in total). Note that session times may be extended after each request. This limit is for information security purposes.
Archived users
If this option is activated, archived users will be automatically anonymized and permanently deleted unless they are reactivated within a specified number of days. We recommend permanent deletion of archived users between 7 and 14 days.
NOTE: Activating this function automatically removes all archived users. This also affects users who have been automatically deactivated by external services, such as SCIM. Setting an appropriate grace period, which specifies the number of days before final deletion, provides a protection period to avoid accidental deletions.
Privacy policy
You can either use our privacy policy in the global settings (use at your own risk, we are not allowed to give legal advice), which is generated automatically, or upload your own document. You can also decide whether you want to require a confirmation of consent from each user and document this.
You also have the option to provide additional information about your legal basis and whether your processed data will be transferred to countries outside the EU.
Data Protection Officer
In the administration area, you have the option to enter the contact details of your data protection officer(s). Another option is to enter the information of a company that takes care of your data protection requirements.
R0003