Personal information accessed by Cameyo

This article answers a set of questions regarding personal information stored by Cameyo, which can be helpful with regards to your company's compliance requirements.

Cameyo stores the user's identifier and IP addresses. User identifier is the username used to identify the user during Cameyo login / session start (see below section). Here's an example of what is stored:

User identifier

In most cases, user's identifier is the user's email address. However, this can vary depending on your configuration -- precisely two configuration items:

1. App configuration: unauthenticated access

In your app's page, there is a setting named "Unauthenticated access". By default and in most cases, it is turned off.

 When it is turned on, users don't have to authenticate in order to start the app. Hence in this case no user identifier will be known or stored by Cameyo, unless the user explicitly logs in prior to starting the session (which they don't have to do). Hence in case of unauthenticated app access configuration, the only user identifier is generally the IP address.

2. Server configuration: user profile

If you are using a dedicated Cameyo server, this setting appears in your server's page, the default being Temporary user profiles:

Here is how user identifier is affected by the different choices:

  • Temporary user profiles / Cached user profiles: user's email address and IP are the only recognizable user identifier stored for user sessions (unless Unauthenticated app access is configured as explained above).
  • Native Windows accounts: the user is prompted for their native Windows login information. In this case, the user's IP and Windows profile name (i.e. "john.deacon") are stored by Cameyo.

Location and duration

The above information is stored in Cameyo's datacenters hosted by OVH Canada and Microsoft Azure US. The data is stored for an unlimited duration, or until a user performs the "Delete & forget me" option on their profile page.

Data view

The above information can be viewed by Cameyo administrators in activity logs as shown above.

When user emails are stored, they can also be viewed by administrators in the users page.

According to GDPR regulation, users can also view their own data on their own profile's page by using the "Export my data" link.

Application data

Another aspect of user privacy is the data stored by their application usage. For example, users working with an accounting application generate data that may itself contain private information. Hence application-generated data itself may in some cases be considered as containing private information. What data is stored and where depends on Cameyo's storage configuration. By default, no data is stored and all session's data is wiped out from one session to the next.

Explicit file saving

In most Cameyo configuration scenarios, users have the possibility to save files as a browser download (in which case it is downloaded into their device). In some configuration scenarios, data can also be saved into a user's or company's cloud drive such as Google Drive or Dropbox. Such data is typically not a user privacy issue, as it is directly controlled and requested by the user.

Cameyo's cloud-based data persistence (SessionSync)

This feature can be enabled within your session settings page:

Data persistence stores user's profile information in Google Cloud Storage. The information includes user's files (anything generated during a session in the user's directory C:\Users\xxxx) and registry keys (HKCU). It can only be enabled by Cameyo's administrator using a Google account as login identifier. Your organization's Cameyo account has its own Google Cloud Storage bucket, accessible only by two keys: the above-mentioned Google account, and Cameyo's service Google identifier, hence inaccessible to any other organization.

Server-stored data

Depending on your server's user profile configuration, application data is either removed from servers after session's end or left on it.

  • Temporary user profiles (default): session's user profile and data are removed after each session.
    • Local data persistence (default): user profile and data is kept on the server, locally.
  • Cached user profiles: data remains on servers, mapped to each user through a pseudo-user identifier.
  • Native Windows accounts: using the native Windows profile system, data remains on servers.