Compliance of Guests with the Swiss data protection law revDSG

Switzerland is introducing a new data protection law, known as revDSG. The revDSG has been adapted to the technological and societal changes of our time and grants individuals more rights over their own data. Swiss companies must conform to the revised regulations by September 1, 2023. Link to source

Key changes for us as provider of Guests

1. Only natural person data is affected
The law only applies to data concerning natural persons.

2. Privacy by Design
This means that developers must integrate data protection and respect for the privacy of users into the structure of products and services that collect personal data. This requirement is in effect from the product’s launch, necessitating the highest level of security.

3. Expanded duty to inform
The duty to inform has been expanded to ensure that the affected person is informed in advance of any acquisition of personal data.

What personal data in Guests is affected?

In the context of Guests, there are no “particularly sensitive” personal data. However, with the app, we process the following sensitive personal data:

• System administrators
• Teams users
• Guests (External Identities)

Privacy by design implementation

At the start of a trial
When a Microsoft 365 administrator initiates a trial, we store the following information:

• Tenant ID
• The administrator’s display name
• The date on which the trial was started and our terms were accepted.

The Tenant ID is a GUID and is anonymous to us. We have no way to identify the organization or the user behind the GUID. The administrator’s display name is a string and not an email, and it also does not allow us to identify individuals or organizations. We store this information to demonstrate that our terms and privacy policy were accepted by a person from the company. Trials can be conducted anonymously, and we have no information for conducting advertising campaigns.

In communication with the customer tenant
Guests exclusively uses the secured Microsoft Graph API for communication with the customer tenant. Each Guests component (Admin Center, Teams App, Agent) has a separate app registration. During Guests setup and operation, the Microsoft 365 administrator can finely configure Guests’s permissions for using the Graph API. Guests’ permissions are controllable based on the Least-Privileged principle.

When storing system configurations
We persistently store configurations of templates and policies in Guests in our database. Certain configurations require us to store the Object ID of users or Microsoft Entra ID groups of the customer. If a customer no longer uses our services, they can delete all Guests application settings, including any optionally provided Object IDs of users and/or Microsoft Entra ID group IDs.

When storing guest information
Guest information, such as the responsible person, assigned policies, or status, is directly stored in the customer’s Entra ID and not in AskMeWhy’s systems.

When storing log files
When using Guests, we only capture the Object ID of users (Microsoft Entra ID user ID) in our application telemetry (in Microsoft Azure Application Insights) for support reasons. This data is automatically deleted after 90 days. Due to the Object ID of users, we, as AskMeWhy, cannot identify the users and cannot link the Object ID to other data such as names, emails, phone numbers, etc.

How do we inform affected persons about the collection of personal data?

In the Guests app, we do not collect personal data. However, when setting up Guests, we ask the Microsoft 365 administrator to confirm our privacy policy, which informs about the collection and processing of personal data.

We collect personal data when customers fill out and submit forms for support requests or offers on our website https://guests.one. Submitting these forms requires consent to our privacy policy.

What responsibilities do Microsoft 365 customers have regarding guest information?

The law for the protection of personal data demands that only necessary data be collected, protected, and subsequently deleted. Guests addresses these requirements.

When inviting new guests, Microsoft 365 customers can specify what information (e.g., name, first name, company, address, etc.) should be collected, depending on the type of guest. This information is stored in your Entra ID instance during usage.

The Guests Teams App provides a guest list that displays the guests of the logged-in Teams user, but it also offers a view that shows all guests in the tenant and their details. Your administrator can configure Guests to allow a Teams user to see only their guests. Similarly, for each guest type, it can be controlled whether group memberships are displayed to Teams users.

With the offboarding policies, you ultimately ensure that guest information is automatically removed from your directory at the end of the collaboration, preventing accidental or intentional misuse.