Version 1.0
October 10th, 2025
Purpose of processing: Provision of Project Plan as Software-as-a-Service (SaaS).
1. Type of personal data processed:
- User data: (a) First and last name, (b) E-Mail address, (c) User ID and Tenant ID, (d) Company name
- Content data: Any data within your project plans, such as tasks, milestones, assigned resources and freetext fields within the plans
2. Categories of data subjects:
- Employees of the client organizations who use the software
- Clients or Contactors of the controller (organizations using the software)
- Third parties whose data is processed within the software, on behalf of the controller
3. Retention periods:
- The key to decrypt any data is contained in the respective files (e. g. PowerPoint or Excel file), URL/links and tabs in Microsoft Teams. With the deletion of the relevant links/references by the controller, the cryptographic key to decrypt the data will inevitably be deleted and any remaining database records and related personal data becomes permanently indecipherable for any party (“cryptographic erasure”).
- Indecipherable residual data fragments that may remain in system databases or backups are automatically overwritten or deleted in the ordinary course of business after last read access, as defined in the terms and conditions.
- The Controller remains solely responsible for deleting any remaining references or links to the Personal Data within its own systems.
- Usage and log data: Maximum 30 days after collection, unless required for system administration or troubleshooting.