Certified & secure—data protection at desk.ly
The protection of your data and of your employees is our top priority. Therefore, we adhere strictly to the requirements of the GDPR and are certified according to the ISO 27001 standard for information security.

1,000+ companies of all sizes and industries trust desk.ly

















Information about data security at desk.ly
desk.ly meets all requirements of the European GDPR and is data protection compliant as an organization and software. We have tailored our product to the essential legal guidelines such as data protection through technology design with the appropriate default settings (Art. 25 EU GDPR) and support customers in exercising their rights as data subjects (right to erasure, information or data portability; Chapter 3 EU GDPR) and make appropriate adjustments.
Thanks to desk.ly's self-service approach, employees can also view their digital booking overview themselves at any time and anonymize their data, or more precisely their name.
The certification gives you the certainty that your data is in good hands with desk.ly. It also facilitates compliance with your company's own security requirements.
The DORA regulation establishes high security standards, particularly for banks and financial service providers. With desk.ly, you benefit from a stable, resilient IT infrastructure that supports the highest compliance requirements.
“AWS uses the techniques detailed in DoD 5220.22-M (”National Industrial Security Program Operating Manual “) or NIST 800-88 (”Guidelines for Media Sanitization“) to destroy data as part of the decommissioning process.”
For customized data, we will manually remove all identifiable accounting data associated with the account from our database upon request. Derived anonymized data (e.g. “total number of events booked on the platform this month”) will not be removed as it cannot be linked to the source data. User accounts of your company can also be removed upon request. We keep backups for 30 days, after which the data is no longer available.
On the one hand, the admin can set that everyone can decide for themselves whether to book anonymously. On the other hand, the admin can set all employees to book completely anonymously.
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21
80802 Munich
If you have any questions about data protection at desk.ly, please contact datenschutz@desk.ly.
Access for individual employees is on a “need to know” basis and access rights are reviewed on a quarterly basis.
Applications → Amazon Web Services
REST request → desk.ly application layer
desk.ly application layer → SQL session
API response → Applications
At rest, customer data is encrypted with a key management system that automatically logs every access. In addition, passwords are both hashed and salted with one-way encryption, protecting them even in the unlikely event of unauthorized database access. Application credentials are stored separately from the code base. Clients authenticate themselves to desk.ly using a token system.
Each token has a specific range of access that can be revoked individually without affecting other users of the platform. Furthermore, in the event of a security incident, we can immediately invalidate tokens for the entire platform.
You have additional questions about data protection at desk.ly?
Book an appointment and let's discuss your questions.DPA request
You can request our current data processing agreement (DPA) using this form. We will be happy to contact you. Below you will find our key information to answer your questions.
.png?width=300&name=Platz%204%201.%20OG%20Teamraum%20desk.ly%20(6).png)
Try desk.ly for free as a team
Sign up in less than 2 minutes and test desk.ly with up to 15 users for as long as you wish.