Data Collection and Purpose
Altus applications process customer data within the customer's M365 tenancy and ACS. This data includes information necessary for work management and can include but is not limited to documents, communication, and collaboration data. The primary purpose is to provide a highly functional and customisable work management platform for our customers and their partner organisations.
Data Ownership and Control
Customers retain ownership and control over their data regardless of the hosted location. Altus will not use or access customer data for purposes other than providing, maintaining, and improving our applications unless explicit consent is obtained. Customers can configure and customise the Altus family of applications to align with their specific needs. Altus applications may provide the ability to opt-out of various ACS functions to make the security posture of the deployment more conservative or to meet local legislative requirements.
In cooperation with Microsoft, Altus implements robust security measures to protect customer data. This includes encryption, access controls, and regular security assessments. We are committed to maintaining the confidentiality, integrity, and availability of customer information.
Data Location and Transfers
Customer data may be processed in the customer's M365 tenancy or ACS, but in either case Altus will endeavour to ensure that the processing occurs within the customer's selected geographic region. The exact regional boarders of the available Altus geographic regions can be supplied on request, and while a best effort will be made to have these regional definitions coincide with harmonious privacy legislation this outcome cannot be guaranteed by Altus. Customers will be informed of any changes to regional data location and any events that may necessitate cross-border transfers.
Compliance with Privacy Regulations
Altus is dedicated to complying with global privacy regulations. We understand that due to the diversity of privacy laws the work to adapt our practices accordingly is an ongoing process. Customers from different regions can trust that our policies strive to align with relevant data protection legislation.
Customer data will only be retained for the period necessary to fulfil the purposes outlined in this policy unless a longer retention period is required or permitted by law. For M365 Applications see Microsoft for data their latest data retention policy and for ACS based applications Customers can configure retention settings within the applications.
Altus may facilitate engagement with third-party service providers (Partners) to enhance our services. These partners adhere to privacy and security standards consistent with Altus policies and will provide additional information and be responsible for any changes to the Altus family of applications that varies from this policy. Customers engaging with an Altus partner are encouraged to review their privacy practices.
Privacy Inquiries and Complaints
Altus is committed to addressing privacy inquiries and complaints promptly. Customers can contact our privacy team via email at privacy at altus.pro for assistance.