Security & Privacy at Calenso
Calenso gives you the assurance that your critical data is reliably protected by enterprise-grade security. Careful handling of sensitive data has been part of our corporate philosophy since our founding.
GDPR-compliant online calendar from Calenso
Data security meets efficiency
An online calendar that is GDPR-compliant and nDSG-compliant combines efficient scheduling with the highest data protection standards. By complying with both data protection laws, we secure your personal information while ensuring seamless coordination of appointments and tasks.
In today's digital world, data protection is playing an increasingly important role. The GDPR was developed to protect the personal data of EU citizens and to oblige companies to handle this data with care. It is very important for companies that an online calendar is GDPR-compliant. This ensures that all the information you and your customers collect and share is safe and secure.
Why do thousands of companies trust Calenso?
We earn the trust of our users by providing industry-leading security standards. Calenso covers the following areas:
Security
Security is our top priority. We have it deeply integrated into our infrastructure, our product and our company. Calenso offers countless features to ensure comprehensive data security.
Compliance
We adhere to European Union data protection and security laws to help you meet your compliance obligations.
Data protection and privacy
Data protection is a matter of course for us. With our comprehensive data protection program, we are committed to protecting your data and the privacy of your customers.
Reliability and availability
We guarantee high availability of our cloud-based infrastructure and transparently provide our customers with Calenso's system status and performance at all times to ensure business continuity.
What is GDPR?
The GDPR stands for the European Union's General Data Protection Regulation, which came into force in May 2018. It provides a comprehensive framework for the protection of personal data within the EU and sets out clear rules for the processing of this data.
The main objectives of the GDPR are to protect privacy and strengthen the rights of individuals in relation to their personal data. The regulation gives people more control over their data and ensures that companies handle this information transparently and responsibly.
The GDPR affects any company that processes the personal data of EU citizens, regardless of whether the company itself is based in the EU or not. Companies that violate the GDPR can be subject to substantial fines.
What is nDSG?
The nDSG stands for "new Data Protection Act" and refers to the revised Swiss Data Protection Act, which came into force on September 1, 2023. It is an update and amendment to the existing Data Protection Act (DPA) in Switzerland. The new DPA introduces important changes to data protection law and strengthens the protection of the privacy of individuals in Switzerland. It affects the way in which personal data is processed by organizations and website operators in Switzerland.
The nDPA sets out how personal data should be processed on websites, particularly with regard to user consent and minimizing the use of data to what is necessary. It is important to note that the nDPA continues to require compliance with the European Union's (EU) General Data Protection Regulation (GDPR) for the data protection of EU citizens in Switzerland.
Why you need a data protection-compliant online calendar
In an increasingly digitalized world in which the handling of personal data is of great importance, the General Data Protection Regulation (GDPR) plays a central role. Companies and organizations are obliged to ensure the privacy and protection of personal data of their customers and employees. A GDPR-compliant online calendar is therefore essential in the everyday life of companies.
3 reasons for a data protection-compliant online calendar:
Protection of privacy
An online calendar contains sensitive information such as appointments, participant lists or contact details. A data protection-compliant online calendar ensures that this data is adequately protected. This includes measures such as encryption, access controls and secure data transmission to ensure that unauthorized persons do not have access to the information.
Trust of customers and employees
The protection of personal data has a direct impact on the trust that customers and employees have in your company or organization. By implementing a GDPR-compliant online calendar, you demonstrate your commitment to data protection and data protection rights. This strengthens the trust of your target group and can have a positive impact on your image.
Risk reduction
By using a privacy-compliant online calendar, you reduce the risk of data breaches and data mishaps. You implement best security practices and minimize the likelihood of data breaches. This helps you avoid potential fines, reputational damage and legal consequences.
Supporting safety features
ISO 27001 certified servers
All servers hosting our servers are ISO 27001 certified and have redundant data storage.
SSL encryption
All data transferred between the end device and Calenso's servers is protected by 256-bit AES SSL/TLS encryption.
Individual AVV
To comply with the GDPR requirements, customers can conclude a contract for order processing with Calenso with just a few clicks.
Single sign-on
Calenso enables the use of single sign-on to automate user management and simplify the use of the platform.
Regular penetration tests
To protect the platform from attackers and security vulnerabilities, Calenso conducts regular penetration tests.
IP blacklisting
Access to an organization's booking widget can be denied to specific IP addresses using an IP blacklist.
Two-factor authentication
Calenso provides 2-factor authentication (2FA) to secure access to user accounts.
Offsite backups
Automatic offsite backups prevent the loss of data in exceptional cases such as theft, virus attack, hardware failure or natural disasters.
Trained employees
Calenso's employees are specially trained in data protection and security.
Service Level Agreements
Calenso sets high requirements for platform availability and support and backs them up with service level agreements.
GDPR compliance
Calenso complies with all requirements of the GDPR, including data security and privacy requirements.
Advanced password protection
Calenso offers advanced password protection with safeguards against brute force attacks and password leaks.
BSI Certified WAF
Calenso's firewall is certified according to the standards of the BSI to ensure optimal protection of the platform.
Audit logs
Detailed audit logs provide comprehensive tracking of activity on the platform to ensure data security and integrity.
Company-specific user roles
Calenso allows the creation of user-defined roles to control and restrict access to data and functions within the organization.
Hosted in Switzerland
Calenso's servers are located exclusively in Switzerland and are therefore subject to the country's strict data protection laws to ensure maximum security and confidentiality.
GDPR-compliant online calendar:
How Calenso protects your company and customer data
As a GDPR-compliant online calendar, Calenso puts the protection of your company and customer data first. Our platform uses state-of-the-art encryption technologies to ensure that your sensitive information is protected and does not fall into the wrong hands. In addition, our server is located in Switzerland, which means that your data is stored and processed in accordance with strict Swiss data protection laws and regulations.
With Calenso, you have full control over your data, because we store and process it exclusively in accordance with the applicable data protection regulations. We attach great importance to transparency and never pass on your data to third parties. So with Calenso, you can schedule your appointments without compromising on data security and concentrate fully on your business.