Zoho Cliq's shared responsibility of security and privacy with customers
Zoho Cliq complies with ISO and SOC standards for security and privacy to ensure we provide our customers the best service possible. While we work towards offering you an uncompromised cloud experience, we treat your security and privacy with the utmost care and believe it is a shared responsibility between us and our users.
A clear understanding of customer responsibility, Zoho Cliq's responsibility, and shared responsibility as a whole will help you overcome any challenges in data security and privacy.
Customer Responsibility
- Passwords
- Permissions given to users
Zoho Cliq's responsibility
- Availability of services
- Application level controls
- Data storage
- Data security
- 24 hours a day M-F technical support
- Disaster recovery
- Reporting any breach incidents
- Mail sending IP reputation
- Email delivery infrastructure
Shared responsibility
- Data management
- Encryption
- Awareness and training
- Policy and compliance
Shared responsibility
The following responsibilities are common to both the customer and us. As we provide you with the services and tools to help secure your data, we need your contribution towards these services as well.
Data management
Zoho Cliq provides you with:
- Password protection to protect any files you export.
- Ability to create roles and set privileges for modules to prevent one user from accessing other user data based on their roles and privileges.
Your responsibilities:
- Set strong passwords to protect your exported files.
- Report incidents of data breach to Zoho Cliq immediately and follow our recommendations for next steps.
- Notify your users and data-protection authorities in case of any breach.
- Check the legal requirements for adding and processing data using our system.
- Assign appropriate user roles and privileges for those handling your data.
- Periodically review your company's user roles and access permissions.
Encryption
Zoho Cliq's responsibilities:
- Encryption of Personal Identifiable Information (PII) at rest and in transit.
Your responsibilities:
- Ensure the files you download are secured and protected using passwords.
- Enable disk encryption on your devices.
Awareness and Training
Zoho Cliq's responsibilities:
- Educate our employees about data-handling requests raised from the customers.
- If required, access a customer's data and log it for support purposes with the customer's approval.
- Regularly conduct security and privacy training for all employees to ensure they adhere to our security and privacy standards.
Your responsibilities:
- Educate your users on the risks related to a cloud environment, as well as standards and procedures for the use of our services.
Policy and Compliance
Zoho Cliq's responsibilities:
- Adhere to policies and laws like GDPR, CCPA, and more depending on the region to ensure our customer data is handled appropriately.
- Review privacy policies and terms of service for third-party integrations and carries out operations.
- Securely migrate data from one region to another while following necessary guidelines for that region.
Your responsibilities:
- Enable or disable third-party integrations after reviewing what data will be shared with them.
- Review the terms and privacy policies of how your data would be stored, handled, and used in third-party apps.
- Evaluate all regulations and laws that are applicable to you and review our compliance with regulations and standards that are needed for your business.
- Before processing personal data, assess your lawful basis. If your lawful basis is consent, get the consent of your customers as well.
Refer to the shared responsibility model in Zoho for more information on this topic.
If you have any questions or would like some clarification on these points, please write to us at support@zohocliq.com.