Can you explain data privacy & security?

Data Privacy

Candex is as private as email and designed to support even the most confidential business matters. The best way to understand how data privacy works is by feature:

1)  Canpays

When you engage integrate your activity with a business partner on your Canpay, it creates a new joint control discussion where either side can add participants (used for deals and distributions).  Notifications can be customized but by default all messages produce an @mention.

2)   Internal Channels  

Anyone inside your company can discover and access channels. If your company is set to multi-team, then internal channels are only discoverable by those who share a private teams. External users can only be invited by a company (or team) admins. In all internal channels, notifications can be customized but by default are produced only if a participant is "@mentioned".

3)  Private Channels

These are for private collaborations where anyone from inside or outside your company can be invited to participate. Those who leave or are removed can no longer access the information and external users can never invite new users.  

4)  Direct Messaging

You can message with "anyone" inside or outside your company. All content exchanged is "jointly controlled" by both parties. All messages are @mentions.

5)  Ledger

When engaging a business partner for a payment, it adds an entry in a feed of all the Canpays which is called the ledger. This feed is limited to other members on your teams. If your company is a single team, then the ledger is shared with all users from that company. When a canpay is marked as confidential, only admins can see them.  They can be searched in thousands of ways. The actual value of any money exchange cannot be viewed unless a user is responsible for the transaction or an admin.

6)  Profiles

When you look at the profile of a co-worker, you can see the people they have worked with from outside your organization. When you look at the profile of an external user, you can see who they worked with from inside your own organization.  You can keyword search by name, company or searchable expertise.

No one can discover or find you on Candex and your personal information is in no way publicly available, though other users can send you messages and view your public profile if they know your email address.  

Data Ownership

For all users of Candex (paid or not), the data belongs to the company that owns a user's email domain or explicitly adds an outside user to their network. If someone leaves a company, they will not be able to take their past communications or files with them and they will lose all access from desktop or mobile device. To insure compliance, users cannot change the email address associated with their Candex account to an outside domain. By authorized request, Candex will export any data controlled by an organization.

Data Security

At Candex, we take security very seriously and make it fundamental to everything we do. Encryption is used for all data transfers and we host all data in ISO 27001 compliant secure hosting facilities and in compliance of GDPR, EU Safe Harbor rules, HIPAA, and FINRA. Our team has decades of experience building rugged and secure enterprise applications and we engage with outside security experts for third party reviews.