Data Management Policy
Introduction
Elqano needs to gather and use certain information about individuals. This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards – and to comply with the law.
This data management policy ensures Elqano:
- Complies with data protection law and follows good practice
- Protects the rights of customers, staff and partners
- Is transparent about how it stores and processes individuals’ data
- Protects itself from the risks of a data breach
Elqano database and application are installed on customer servers and rely on the customer servers’ security. All customers data (user data, documents, questions, answers…) stays on customer servers.
Once Elqano is installed on the customers server, it crawls platforms identified and selected with the client.
Data accessibility
To continue to improve Elqano algorithm and keep improving user experience, a part of Elqano team, the support team, will have access to a selected part of customer data.
Those selected members including customer success managers will have one personal access to customer’s admin Elqano account. They are not allowed to copy, share, or amend in any way any of customer data. Each customer success manager will sign an NDA with the customers he/she is in charge of.
FAQ
What documents can be analised?
All Office documents, PDF, Word, Excel and PowerPoint. Perimeter is always selected and identified with customer.
How to manage documents with access rights?
There are several ways to manage:
- ask for permission to user each time there is a document to attach
- exclude them from the scope
Are conversations between 2 persons or emails analysed?
No they are not.
How does the score and ranking work? Is there a leaderboard?
The ranking and score is only linked to documents. It is based on keywords and work history based on those identified tags. Therefore there is no leaderboard displayed.
Information Asset Register
The data is visible through 3 main interfaces and there are 4 roles that can have access to this data:
| Roles / Interfaces | User | Customer Admin | Elqano Super Admin | Elqano DB |
|---|---|---|---|---|
| Standard UI | X | X | X | |
| Customer Admin | X | X | X | |
| Elqano Super Admin | X | X |
User Personal Data
| User | Customer Admin | Elqano Super Admin | Elqano DB | Data | Sensible |
|---|---|---|---|---|---|
| X | X | X | X | User requests: Question, dates Nbr of Votes and likes Nbr of Comments | No |
| X | X | X | Forwarded questions: Number | No | |
| X | X | X | User & Expert Identity: First Name Last Name | No | |
| X | X | X | Logs (Bot Usage): Nbr of Questions asked Nbr of Answered questions | No | |
| X | X | Logs; User connection | No | ||
| X | X | Number of question consultations (view) | No | ||
| X | X | Score: Documents Ranking Experts ranking based on documents history | No | ||
| X | No | ||||
| X | Documents work history | No |
All those data are kept for 3 months after contract ends.
Customer Data
| User | Customer Admin | Elqano Super Admin | Elqano DB | Data | Kept for |
|---|---|---|---|---|---|
| X | X | X | X | Questions | 3 months after contract ends |
| X | X | X | Experts answers with documents (suggestions & attachment from experts) | 3 months after contract ends | |
| X | X | Comments, likes and votes | 3 months after contract ends | ||
| X | X | X | Document tags & taxonomy (keywords) | 3 months after contract ends | |
| X | X | Document path | 3 months after contract ends | ||
| X | X | Document name | 3 months after contract ends | ||
| X | Document raw text | 3 months after contract ends | |||
| X | Document | Contract duration | |||
| X | Api (graph & bot) | Contract duration | |||
| X | SSO | Contract duration |
All those data are Strictly confidential without any transfer outside EU.
All application data are stored on client servers, behind corporate firewalls (Elqano app and software database – the software DB contains Q&As). Elqano has only access to a super admin view for application monitoring.
Data Protection Officer
Yann Echeverria, yann@elqano.com
Data disposability
Customer can request at any moment the deletion or transfer of data. The deletion or transfer must be done within 2 weeks after request. Users can request at any moment the deletion or transfer of their personal data. The deletion or transfer must be done within 1 week after request.