Privacy Policy for CloudMigrator

Cloud Technology Solutions Ltd
Lowry House
17 Marble Street
Manchester
M2 3AW

Privacy Policy for CloudMigrator

Last modified September 2019

Cloud Technology Solutions Ltd (CTS) are a UK based company that provides software and SaaS solutions to enable businesses globally, to manage change and transform within and to the cloud.

We have created this privacy policy in order to demonstrate our firm and continuing commitment to the privacy of personal information provided by our Customers when installing and using our CloudMigrator solution. The following discloses our information gathering and dissemination practices for CloudMigrator.

We recognize the importance of protecting your privacy and our policy is designed to assist you in understanding how we collect, use and safeguard the personal information you provide to us and to assist you in making informed decisions when using CloudMigrator. This policy will be continuously assessed against new technologies, business practices and our Customers’ needs.

CTS are committed to protect Customer Subjects’ privacy and the confidentiality of Customer Subject data to the maximum extent permitted by law and/or accepted by industry standards.

Our Privacy Policy explains:

  • What information we collect and why we collect it.
  • How we use that information.
  • How you can opt-in or opt-out.

Roles

Data Controller

The Customer is the Data Controller.

Data Processor

CTS is the Data Processor.

Opt-In

CloudMigrator will process information about Customer Subjects where the Customer has chosen to install and configure CloudMigrator.

It is the Customer’s responsibility to (a) ensure that Personal Information is dealt with in a way that is compliant with Article 1(1) of the GDPR; and (b) to justify the processing of the Personal Information is in accordance with Article 6(1) of the GDPR, and communicate that justification to each Customer Subject in accordance with relevant laws. It is also the Customer’s responsibility to have appropriate privacy policies in place with Customer Subjects, and to otherwise comply with applicable law as a Data Controller.

During installation of CloudMigrator the Customer is notified of the access to Personal Information required by CloudMigrator and must accept that access before completing the installation.

Installation does not automatically synchronise or store user data, and subsequent configuration actions must be completed by the Customer to achieve this.

The Customer can opt-out at any time and remove CloudMigrator from their environment by uninstalling CloudMigrator.

Data Processing

What Information Do We Collect?

The following types of information are collected and processed to provide CloudMigrator services.

  • Device Information
    We collect IP addresses and/or server names of source platform servers.
  • Log Information
    CloudMigrator automatically collects and stores certain information in application logs. This includes:
    • User ID of users migrated using CloudMigrator (including their username and password if entered).
    • First and Last Names (if entered)
    • Details of how you use the service.

This information is not used by CTS for any purpose other than to facilitate and support the Customer’s use of CloudMigrator, and shall only be kept for as long as it is relevant to that purpose for which it was collected or for as long as required by law.

As the data owner a Customer has control over which data it collects about Customer Subjects. Therefore, additional Personal Information may be held and processed by us if CloudMigrator is configured to do so by the Customer.

Who is collecting the data

The data is collected from Customer Subjects by the Customer.

How do we collect the data

The data is collected or added by the Customer using one or more of the following methods:

  • Data upload by the Customer (spreadsheet) relating to Customer Subjects

Why is it the data being collected

The data is collected in order to provide services and functionality of CloudMigrator required by the Customer.

How will the data be used

The data is used by the Customer to configure their migration project or access/use additional functionality provided by CloudMigrator. Data collected by CTS is used to provide the CloudMigrator service and better develop the product.

Who will the data be shared with

CloudMigrator will not access, view or review any accessible Customer Subject data, under no other circumstances will CloudMigrator access Customer Subject data or share Customer Subject data with any third parties without Customer prior permission, except to the extent required by law or governmental or regulatory body or necessary to render our services to the Customer.

How CloudMigrator secures any information stored

CloudMigrator Pro is provided to the customer and installed in the Windows infrastructure of their choice and therefore is reliant on the security measures provided therewith. In addition, to protect the data we process, CloudMigrator has been designed with the following Security features:

Access

Cloud Technology Solutions provides technical support to all customers. If a user contacts CTS Support for assistance, a CTS engineer may request access to logs or configuration data which may contain usernames, full names or user passwords as well as server names, IP addresses and email or file metadata.

Data in Transit Protection

  • All data is transferred over HTTPS
  • Encrypted transmissions between source and destination platform servers
  • SSL for Google APIs, EWS Managed API, and SharePoint API

Additional Links

Google Cloud & the General Data Protection Regulation (GDPR)
https://www.google.com/cloud/security/gdpr/

Microsoft Cloud & the General Data Protection Regulation (GDPR)
https://www.microsoft.com/en-ww/trust-center/privacy/gdpr-overview

Contact Details
cloudmigrator@cloudsolutions.co.uk

Changes

From time to time we may make changes to this policy to reflect any changes to our privacy practices in accordance with changes in legislation, best practice enhancements. We will notify you about material changes to this policy by sending a notice to the email address you provided to us or by placing a prominent notice on our website.

Key terms

APIs

A set of functions and procedures that allow the creation of applications which access the features or data of an operating system, application, or other service.

Customer

In this policy, references to “you” or the “Company” refers to the organisation who submits data to us in relation to the purchase and use of CloudMigrator.

Customer Subject

An individual in respect of whom the Customer provides to us the Personal Information, and who will usually be an employee of the Customer.

Device

A device is a computer that can be used to access Google services. For example, a device could be a desktop, tablet or smartphone.

GDPR

The General Data Protection Regulation (EU 2016/679)

Google App Engine

Google App Engine (often referred to as GAE or simply App Engine) is a web framework and cloud computing platform for developing and hosting web applications in Google-managed data centers.

G Suite Domain

Your domain host is the Internet hosting service that stores the records you need to update when you set up G Suite. These DNS records control where you receive your email, your web addresses, and settings for your domain.

HTTPS

Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to.

IP Address

Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned in geographic blocks. An IP address can often be used to identify the location from which a device is connecting to the Internet.

Multi-tenant

Multi-tenancy is an architecture in which a single instance of a software application serves multiple customers

Personal Information

This is information that you provide to us which personally identifies you, such as your name, email address or IP Address.

Role Based Access

Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users.

Server Log

CloudMigrator stores information for the operation and troubleshooting of the service. This includes IP Address, user ID, errors, and access times.

SSL

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser.

User ID

A unique sequence of characters used to identify a user and allow access to CloudMigrator.

X509 Certificate

An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate.

    Close Menu