The descriptions apply to all Cryptshare Products. If the information differs in detail for any Cryptshare add-on products this will be pointed out explicitly.
Add-on Products include the following list of products:
- Cryptshare for Outlook
- Cryptshare for Notes
- Cryptshare Robot
- Cryptshare Java API
- Cryptshare .NET API
What personal data is processed in Cryptshare?
In order to inform recipients of a transfer the name, phone number and e-mail address of the sender are collected when the sender performs a verification. This information is stored on the client computer of the sender. In addition, this information is used in e-mail notifications to all recipients of a transfer.
The recipient e-mail addresses typed in by a sender in the user interface are stored on server-side in a database.
Why is personal data processed?
Cryptshare is a communication solution based on e-mail communication. In order to provide a comfortable way to communicate with each other, this minimum amount of personal information is stored:
- The name and phone number of a sender is stored on client-side so the user does not have to re-enter this information with every use of the system.
- Sender contact details are provided to the recipient to inform them where the information comes from and how to contact the sender.
- E-Mail addresses for senders and recipients are stored on server-side as a technical pre-requisite (Meta-Information of a Transfer).
- IP addresses for senders and recipients are stored on server-side for audit trail and troubleshooting purposes.
- E-Mail addresses of recipients are stored in a server-side database in order to provide senders a comfortable way of selecting addresses previously used.
How long is personal data kept?
Name and Phone Number
Web User Interface
Name and phone number of a sender are stored in Browser Cookies. These cookies are deleted automatically depending on what was configured by the administrator. By default Cryptshare Cookies will be removed after 30 days.
Besides from the automatic deletion of a browser cookie, the user can delete these cookies manually at any time by either using the built-in function for deleting cookies in the browser, or by using the deletion function in the Cryptshare User Interface:
E-Mail addresses of recipients the addressed by the sender are stored in a server-side database. This address book stores a maximum amount of addresses per sender. If the maximum is exceeded the addresses which have not been used for the longest time will be removed automatically.
All add-on products store personal information in a local configuration file on client-side. When this file is deleted or the product is uninstalled this information is deleted as well.
All e-mail addresses and IP addresses are stored in the Cryptshare System Log and as meta-information as part of a Cryptshare Transfer. The retention period for transfer-log data depends on administrative settings.
Selective deletion of specific e-mail addresses is not possible as this information is part of the transfer meta-information.
Product Configuration Recommendations
- Activate the automated deletion of expired transfers.
- Control the verification settings in order to configure when user verifications will be removed.
Check if trace-logging is active and deactivate it if not required at the moment (Required for Cryptshare Support)
Cryptshare for Notes
Activate the automated deletion of log documents in the CS4N Log Application.