Your data, our priority
A reliable workplace management solution with the highest security standards.
5’000+ workplaces run on deskbird
Our guarantees
Learn more about GDPR and data protection at deskbird.
deskbird was built from the ground up with European GDPR in mind. The European General Data Protection Regulation (GDPR) is the toughest privacy law in the world that poses strict requirements on how data processing companies are allowed to store and process personal data. deskbird is also fully ISO:27001 certified by Insight Assurance.
Your data is processed and hosted exclusively in the EU. For the physical hosting and data processing, we work with the subcontractor Google Ireland Limited (Google Cloud Platform), which is fully compliant with the frameworks such as ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, SOC 1, SOC 2, SOC 3.
The contractual agreement with our subcontractor, Google Ireland Limited, only allows deskbird data to be hosted and processed physically in Google’s cloud data location in Frankfurt, Germany. Even though Google has multiple cloud locations (e.g., London, Berlin, Hong Kong, etc.), our client data will only be hosted and processed in Frankfurt and not leave this location. Ever.
In compliance with EU GDPR regulations, any personal transactional data related to office scheduling, desk or room bookings, and office check-ins is automatically anonymized after six months. This means that although we can see, for example, your office occupancy of seven months ago, we cannot associate any specific employee with the resources they booked. The anonymization period is customizable and can be reduced to a 1-day minimum upon customer request.
Companies can allow their employees to book anonymously in case they prefer not to be seen by their colleagues. In this scenario, coworkers can view that a resource has been reserved but not who made the booking. Only administrators have access to the personal information of anonymous bookings. Additionally, employees can make their deskbird profile private, restricting access to their schedule to authorized individuals only.