How secure is the Synchronizer?

Owned by Thomas Speekenbrink
Last updated: Aug 28, 2020 by Jan Verlaan (Unlicensed)
2 min read

Question

How secure is the Synchronizer?

Answer

The Synchronizer has been audited by professional security companies to ensure a safe synchronization. Audits will be done on a regular basis to ensure security & privacy for all our customers.

As we use Microsoft Azure, we are guaranteed a very secure platform, as Microsoft is currently the only Cloud provider which has adopted the ISO 27018 Privacy Standard.

Please find our Privacy policy here: Privacy Policy
Please find our Terms and Conditions here: Terms and Conditions

To go more in-depth, find below detailed information on where and how we are handling your data.

Processing country

The Netherlands and Ireland. Sub-processing of billing data by Recurly in the United States of America.

Personal data subjects

Administrator(s) of the Synchronizer and linked users.

Personal data categories

During registration of a Synchronizer account, we collect the following personal data: name, email address, and telephone number of the customer administrator and billing administrator. For each linked user we collect the username, name, and email address.

Processing

The personal data collected is for user identification, company billing, and for contact case of issues. Emails will be used to send information on product issues, releases, and other relevant product information.

Sensitive personal data

The Synchronizer does not process or collect sensitive personal data.

Linked users

For Exchange Sync, we store usernames and passwords, of course, scrambled.
For Google or Microsoft 365 users, we do not store usernames and passwords. In this case, it is an OAuth access token (For Microsoft 365 and Google, this OAuth access token is processed and saved in MS Azure)
When a customer uses Microsoft Exchange we offer 2 ways of authentication: each user can individually provide credentials or can use Exchange application impersonation. Credentials are encrypted because they need to be reversible in order to authenticate. Only a restricted number of InfoBridge employees have clearance to access the resources that store the encrypted credentials.