Provision of Meeting Room Display Services
We process personal data to provide our meeting room display services to our customers. This involves synchronizing calendar information from our customer's Microsoft Entra ID (Azure AD) and displaying it on screens outside their meeting rooms.
For this purpose, IdoMeetings K/S typically acts as a data processor on behalf of our customer (the data controller), who determines the scope of data synchronized and displayed.
Categories of personal data
The following types of personal data, originating from the customer's calendar system (Microsoft Entra ID), may be processed and displayed:
- Meeting subject/title
- Meeting organizer name
- Meeting attendee names (if configured by the customer)
- Meeting start and end times
- Meeting room name/identifier
- Status of the meeting room (e.g., available, busy)
For administrators of the customer company who manage the IdoMeetings service configuration, we may process:
- Name, email address, telephone number (if provided)
- Company name
- System ID number or account identifier
- Configuration settings related to the Microsoft Entra ID integration
Source of the personal data
We collect/receive personal data from the following source(s):
- Directly from our customer's Microsoft Entra ID (Azure AD) via Microsoft Graph API and webhooks, as configured by the customer.
- Directly from our customer's administrators when they set up or manage the service.
Legal basis for the processing
When acting as a data processor for our customer, our processing is based on the data processing agreement with our customer, pursuant to Article 28 of the GDPR. The customer, as data controller, is responsible for establishing a legal basis for the collection and sharing of their calendar data (e.g., legitimate interest, performance of employment contract).
For processing personal data of our customer's administrators, our legal basis is:
- Article 6.1.b GDPR (necessary for the performance of the contract between Us and the customer company).
- Article 6.1.f GDPR (necessary for the pursuit of our legitimate interests, e.g., to manage the service and provide support).
Recipients
We share or make personal data accessible to:
- The data (meeting information) is displayed on screens at the customer's premises, visible to employees and visitors of the customer.
- Authorized personnel within our customer's organization.
- Suppliers and vendors (sub-processors) that We work with to assist our company and the service We provide (e.g., hosting providers, technical support). Such sharing is governed by data processing agreements.
Data retention
Meeting information synchronized from the customer's Microsoft Entra ID is typically cached for display purposes and updated regularly. We do not store this data long-term independently of the customer's source system. The retention of the source calendar data is determined by our customer's policies.
Personal data related to customer administrators will be retained for the duration of the business relationship with the customer company, and thereafter for the period required or permitted by applicable law (e.g., for accounting purposes, or for the establishment, exercise, or defence of legal claims, typically up to 5 years plus the current year after termination of the service).
Managing Customer Accounts and Support
We process personal data of individuals acting as representatives or contact persons for our corporate customers. This is for purposes of managing the customer relationship, fulfilling contractual obligations, providing support, and general communication.
Categories of personal data
The following types of personal data may be processed for individuals representing our customers:
- Name, email address, telephone number
- Workplace and job title
- Company name, address, and CVR/VAT number
- Signature (on contracts or orders)
- Communication history (e.g., emails, support tickets)
- Invoicing details (e.g., contact person for invoicing, P.O. number)
- Screenshots or system information provided during support requests.
Source of the personal data
We collect your personal data from the following source(s):
- Directly from you (e.g., when you contact us, sign a contract, or request support)
- From your employer (our customer company)
Legal basis for the processing
We process your personal data on the following legal bases:
- Article 6.1.b GDPR (necessary for the performance of the contract between Us and your employer/the customer company).
- Article 6.1.f GDPR (necessary for the pursuit of our legitimate interests, such as managing customer relationships, providing effective support, ensuring service quality, and communicating about our services).
Recipients
We may share your personal data with:
- Suppliers and vendors that We work with to assist our company and the services We provide (e.g., CRM providers, billing systems, technical support tools, financial institutions).
Data retention
We will retain personal data processed for this purpose for as long as the business relationship with the customer company exists and thereafter for the period required or permitted by applicable law. This will typically be up to 5 years plus the current year counted from the termination of the business relationship or from your last interaction (e.g., support request), for purposes such as accounting, and the establishment, exercise, or defence of legal claims.
Marketing and Website/Service Optimization
Personal data may be used for marketing-related purposes, including to market our services to potential or existing business customers (e.g., via email to business contacts, or through targeted advertising).
Further, personal data may be collected when you use our website or any administrative interfaces for our service. We use this information to optimize the user experience and improve our offerings.
See also our cookie policy for more information about our use of cookies on www.idomeetings.eu/cookie-policy
Categories of personal data
The following types of personal data may be processed:
- Name, email address, telephone number (for business contacts)
- Workplace and job title (for business contacts)
- Company you represent
- Your interactions with our marketing communications (e.g., email opens, clicks)
- Your use of our website or service interfaces (e.g., pages visited, features used, IP address, browser type, device information), often collected via cookies or similar technologies.
Source of the personal data
We collect your personal data from the following source(s):
- Directly from you (e.g., when you fill out a contact form, subscribe to a newsletter, or interact with our website/services)
- Publicly available business sources (e.g., company websites, LinkedIn for B2B marketing)
- Analytics tools and cookies on our website.
Legal basis for the processing
We process your personal data on the following legal bases:
- Article 6.1.a GDPR (consent), for instance, for sending newsletters or for certain types of cookies.
- Article 6.1.f GDPR (necessary for the pursuit of our legitimate interests), for example, to conduct B2B direct marketing to business contacts, to analyze and improve our website and services, and to understand the effectiveness of our marketing efforts.
Recipients
We may share your personal data with:
- Suppliers and vendors that We work with to assist our company, our marketing activities, and the service We provide (e.g., marketing automation platforms, analytics providers, advertising networks).
Data retention
Personal data processed for marketing purposes based on consent will be retained until you withdraw your consent, or it is no longer relevant. Data processed based on legitimate interest for B2B marketing will be retained as long as the interest is valid or until you object.
Data related to website/service usage for optimization is typically retained for shorter periods (e.g., 1-2 years), or as specified in our cookie policy.