How OneOffice respects and enforces GDPR compliance
PII or Personally Identifiable Information relates to data that identifies or contains personal information related to the user.
This can be:
We use server-side Cookies for authentication. It is considered the most secure browser-based session-management today.
Our mobile apps also use session-based headers, similar to Cookies in their use.
OneOffice only stores cookies needed for it to work properly. All cookies come from OneOffice servers directly.
No third-party cookies will be sent to your system. Ever! We host all services that you use with us (Document Editor, Whiteboard, Video calls etc.) That's why we are so secure ... we are monolithic.
Under GDPR legislation, only cookies which contain PII are relevant.
Below is the table of cookies we use, no personal data is stored in any of them.
|Session cookie||Session ID, Secret Token (used to decrypt the session on the server)||24 minutes|
|Same-site cookies||Application settings (not user-related)||Forever|
|Remember-me cookie||User ID, Original Session ID, Remember Token||15 days -- configurable|
We strongly recommend you inform your employees that company-related tools are for work only.
Now, we are all guilty of communicating with families and friends from work emails, either inadvertently or as a matter of habbit.
We should be conscious that we waive any right to privacy when we use company tools for personal reasons.
Therefore, User GDPR rights, such as the right to be forgotten (i.e. forcing the company to wipe out all our data) is waived. How can a company function whent its data is under constant threat of being wiped out by a disgruntled employee.
While we do offer learning tools for K12 (i.e. ClassroomAPP), our main offering of OneOffice Productivity was not made for children.
If you have employees under the age of legal consent, typically less than 18 years of age (some countries allow 16+ to participate in the workforce), please ensure their legal guardians have signed rights waivers on their behalf.
Don't miss this step if you have internships, summer student programs and the like. Make sure your legal department is on top of it.