General tech information

Key information :

💽 Hosting

🇫🇷 All of our Data is hosted in France on AWS Servers.

🔐 Compliance

We have received the ISO 27001 certfication.

🙅 Data protection

We collect limited PII (Personal Identifiable Information) which is **anonymised** on send (details below)

☁️ Sub-Providers

Our main sub-providers are : AWS (cloud), Google (IdP), Github (Version Control), Vercel (Deployement)

More detailed Info :

The Data collected :

Extensions

URLs

Gaia IDs, encrypted

Timestamp

Timespent on a URL

Direct Integrations to SaaS Apps

Authentification method

Date of creation

Date of deactivatipn

Permissions

SSO Integrations

List of Users (email, name, Id, team, admin status)

Token of authentifications for external apps

Timestamp of tokens

Scopes granted to external apps

Other types of Integrations

HR tools

Accounting software

Ticketing / ITSM systems

Messaging apps

Recognised Applications:

All applications that are part of our Whitelist can be recognised by Corma. This whitelist currently contains more than 31,000 apps listed. This whitelist is also :

Editable
Continuously updated
Can contain custom client URLS for on premise applications accessed via the browser

Integration requirements:

Client companies must be using the following systems to work with us efficiently :

Google workspace or Microsoft Tenant ID (Azure AD) workspace
Use mainly Chrome, Chromium, Edge browsers or Firefox browsers
Have significent web-based SaaS-Usage

Authentification methods:

We currently support 3 methods of authentication into our app, all 3 methods are systematically included in all pricing versions :

Google SSO
Microsoft SSO
Email + Password

Last update : 07/03/2024

PreviousWhat is Corma?NextThe Corma Glossary

Last updated 3 months ago