Presentation
Calliente is designed with a strict approach to data minimization.
By default, no contact data or sensitive personal information regarding users is stored on our servers.
Only essential, non-personal technical information is retained to ensure the proper functioning of the service.
This page precisely describes what data is stored, for what purpose, and what security guarantees are applied, for the IT, security, and compliance teams.
Data Stored by Calliente
The data listed below is securely stored in Google Firestore, a fully managed NoSQL database that is part of Google Cloud Platform.
Firestore complies with ISO 27001, SOC 2, and GDPR standards.
By default, data is hosted in the European Union, unless a specific request states otherwise.
| Type of Data | Stored | Description | Notes |
|---|---|---|---|
| Tenant Name | Yes | Name of the organization provided during onboarding | Used for identification and display in the administration portal |
| Tenant ID | Yes | Microsoft Entra ID identifier of the tenant | Allows association of Calliente configuration with the corresponding Microsoft directory |
| Device ID (anonymous) | Yes | Randomly generated identifier by device | Used for technical tracking of synchronization, with no link to user identity |
| User Contact Data | No | Names, phone numbers, contact information | Never stored on Calliente servers |
Contact data is transmitted directly from Microsoft Graph to the user's mobile device.
Security Practices
The following principles are applied by default:
- All stored data is non-personal and isolated by tenant
- Hosting on ISO 27001 and SOC 2 certified infrastructure located in the EU
- Device identifiers are random, generated locally, and not correlated to a user identity
- No third-party analytics, advertising, or tracking tools are used
- No exploitation of data for purposes other than the operation of the service
Data Retention
- Tenant and device identifiers are retained as long as the tenant is active
- No contact data or session tokens are retained
- Administrators can request the deletion of tenant metadata at any time through Calliente support
Data Not Stored by Calliente
Calliente does not store under any circumstances:
- Contact lists or personal contact information
- User profile data (name, email address, etc.)
- Microsoft 365 content (mailbox, calendar, files)
- Authentication information, passwords, or secrets
Questions or Specific Requests
For any request related to a security audit, compliance documentation, or data deletion: