Legal
Data Processing Statement
This statement summarizes processing roles, safeguards, and controls for enterprise customers using Easy WBS.
1. Roles
- Customer organization: data controller for workspace content and user access.
- Easy WBS operator: processor for hosted deployment operations.
- Self-host mode: customer controls infrastructure and processing environment.
2. Processing activities
- Authentication and access control.
- Versioning, approvals, comments, and export generation.
- Security monitoring and audit logging.
- Optional consent-based analytics telemetry.
3. Security controls
- Tenant-scoped access checks and session isolation.
- Transport security and security header hardening.
- Audit event trails for critical actions.
- Configurable SSO, emergency access controls, and policy guardrails.
4. International transfers and subprocessors
Where subprocessors are used, they are contractually bound to data protection obligations aligned with customer agreements and applicable law.
5. Retention and deletion
Data retention is policy-driven. Deletion workflows can be executed by authorized administrators according to tenant governance controls.
6. Contact and DPA
For data processing agreements, security questionnaires, or subprocessor list requests, contact the Easy WBS support channel used by your organization.