First version: 2021-12-09 
Last updated: 2024-03-10
Last change: Added Overview Agreements and User Training links


This FAQ is a comprised out of links to other articles related to a particular topic.

Contact details

  1. Contact information

General understanding of myDRE

  1. GDPR Compliance Assessment - This document describes in detail anDREa's compliance with the GDPR; in what way anDREa unburdens the myDRE Tenants and the Accountable of Workspaces in being demonstrably compliant with the GDPR. A number of GDPR Articles are explicitly evaluated.
    1. anDREa & Subprocessors
    2. myDRE Workspaces DO NOT use Microsoft Teams, OneDrive, or Sharepoint to store or process data
    3. Microsoft is committed to EU-U.S. Data Agreement
  2. Data Protection Impact Assessment (DPIA) - anDREa's own DPIA
  3. Data Handling Policy
  4. Data Protection Policy
  5. Data Breach Procedure
  6. Terms of Services (TOS)
  7. End User License Agreement (EULA)
  8. Privacy Shield / Schrems II - anDREa's view on impact on Schrems II and the use of Remote Desktop Protocol
    1. Microsoft is committed to EU-U.S. Data Agreement
  9. CIA (BIV) Classification
  10. Location of data storage and processing
  11. Does anDREa have access to the data in a Workspace?
  12. myDRE and IAM
  13. Who/what is License Administrator /
  14. Account sharing
  15. Data - ownership, responsibility, and control
  16. Retention & Destruction Policy

Security in general


  1. ISO 27001 - Overview - Statement of Applicability, including all policies and controls; downloadable ISO27001 certificate
  2. CIA (BIV) Classification


  1. anDREa & Subprocessors
  2. Does anDREa have access to the data in a Workspace?
  3. Foundation for Audit Recording
  4. myDRE and IAM
  5. Who/what is License Administrator /
  6. Using Azure Security Score


  1. Overview Agreements (incl. implementation steps)
  2. Support Team Onboarding
  3. Subscription Enrolment
    1. Additional Subscription Enrolment
  4. License Server Access from anDREa
  5. User onboarding (information & training)


  1. Offboarding and Exit Strategy

    • Related Articles

    • anDREa & Subprocessors

      Introduction This article answers the most common questions around anDREa's subprocessors in relation to processing personal data. Summary anDREa has no subprocessors other than the (sub)processors that the Tenant already uses. Rationale All data is ...
    • anDREa feature development plan

      Roadmap Version: 2022-09-02 Update: 2024-02-23 anDREa is committed to transparency and the best interest of the research ecosystem. We are and will always be developing by, for, and with stakeholders in the research ecosystem. The following ...
    • Managing anDREa Accounts

      Introduction The purpose of this document is to describe anDREa’s Managing anDREa Accounts.  This document will be updated at least annually and when significant change happens.  Managing anDREa Accounts All changes must be approved or conducted by ...
    • anDREa Processor or Subprocessor?

      anDREa BV has a Data Processing Agreement (DPA) with all its clients. It is the Tenant that has to enter the DPA with anDREa BV and in principle, this means that DPAs can differ between Tenants. anDREa strives to have its version of the DPA ...
    • anDREa Service Level Agreement

      First version: 2021-12-19 Last updated: 2023-11-28 Last change: Banner on top anDREa reserves the right to modify the EULA and SLA at any time in its sole discretion. Changes will be effective upon the posting of the modifications on the EULA and ...