CharterDesk Application Privacy Statement

This product privacy only applies to the installation relating to these instructions. If the CharterDesk Application is installed in the client’s Azure environment, it is seen as a customization and product privacy policy will language will be stated in a Master Services Agreement that will be signed by both the client and SoHo Dragon (SoHo).

We at SoHo are committed to protecting your privacy. This Product Privacy Policy applies to your use of SoHo’s CharterDesk Application (CharterDesk) Subscription Service as a customer of SoHo. This Product Privacy Policy describes how we collect, receive, use, store, share, transfer, and process your booking data. It also describes your choices regarding use, as well as your rights of access and correction of, your Personal Data.

This Product Privacy Policy also describes how we process booking Data on behalf of our customers in connection with CharterDesk. This Product Privacy Policy does not apply to any information or data collected by SoHo as a controller for other purposes, such as information collected on our websites, other applications, or through other channels for marketing purposes. Please find the SoHo Privacy Policy that covers this information or data by clicking here.

SoHo processes Customer (User) Data for the CharterDesk under the direction of our Customers and has no direct control, access, or ownership of the actual booking Data we process on behalf of our customers. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to transferring the booking Data to SoHo for processing purposes. Terms not otherwise defined herein shall have the meaning as set forth in the SoHo Dragon Customer Terms of Service. In the event of a conflict between this Product Privacy Policy and the Customer Terms of Service, the terms of the Customer Terms of Service will control.

We periodically update this Product Privacy Policy. We will post any changes on this page and, if the changes are material, we will provide an update through the notification app in your admin email of the Subscription Service.

A. The SoHo Dragon Subscription Service

CharterDesk’s online Payment Subscription Service is performed by a 3^rd party provider Recurly. See this link for their Privacy Policy, Terms of Service, and Acceptable Use Policy.

PCI-DSS Compliance

The admin data such as email address and subscription ID is stored in Hubspot. See this link for their Privacy Policy

B. Use of data By Our Services

Our CharterDesk customers use the CharterDesk Application Subscription Service only to book meetings in their O365 environment. When customers use this Subscription Service, SoHo does not control or collect the content of actual booking meetings or collect any personal user data other than:

• Email address
• Number of floors related to the tenant subscription
• O365 Tenant ID

The CharterDesk functionality is controlled and saved in the user’s browser, NOT in SoHo’s hosted environment. Booking information is controlled by the user’s browser policies, disclosed, and protected by their organization’s O365 privacy policies in their environment.

A. With Service Providers

We do not. This isn’t our business model

B. In accordance with Compelled Disclosure

We reserve the right to use or disclose your collected Personal Data if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights.

(1) O365 Integration

By using the ‘O365 Integration’ with the CharterDesk will grant the SoHo access to the customer’s MS Graph API. There is no access to user passwords, server information, email metadata, or message bodies.

(2) Azure Integration

The is no integration with the customer Azure environment.

(3) Data Practices and Service Data

We do not automatically collect metrics and information about how Users interact with and use the Subscription Service.

You may request the deletion of your email address or Subscription Service by sending a request here.

SoHo does not collect any booking data. User Data collected during your use of the Subscription Service is retained as long as you have a Paid Subscription and/or remain an active customer in our system. Your data is deleted upon your written request or after an established period following the termination of all customer agreements. In general, Customer Data is deleted after your paid Subscription ends and your portal becomes inactive.

We do not. This comes from your tenant MS Graph endpoint.

Privacy Shield Notice

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, SoHo Dragon is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, SoHo Dragon may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. You may direct any inquiries or complaints related to our Privacy Shield compliance here.