anDREa FAQ

anDREa FAQ

First version: 2021-12-09 
Last updated: 2025-02-13
Last change: links to new ISMS and underlying documents

Introduction

This FAQ is a comprised out of links to other articles related to a particular topic.

Contact details

  1. Contact information

General understanding of myDRE


  1. GDPR Compliance Assessment
     - This document describes in detail anDREa's compliance with the GDPR; in what way anDREa unburdens the myDRE Tenants and the Accountable of Workspaces in being demonstrably compliant with the GDPR. A number of GDPR Articles are explicitly evaluated.
    1. anDREa & Subprocessors
    2. myDRE Workspaces DO NOT use Microsoft Teams, OneDrive, or Sharepoint to store or process data
    3. Microsoft is committed to EU-U.S. Data Agreement
  2. Data Protection Impact Assessment (DPIA) - anDREa's own DPIA
  3. Data Handling Policy
  4. Data Protection Policy
  5. Data Breach Procedure
  6. Terms of Services (TOS)
  7. End User License Agreement (EULA)
  8. Privacy Shield / Schrems II - anDREa's view on impact on Schrems II and the use of Remote Desktop Protocol
    1. Microsoft is committed to EU-U.S. Data Agreement
  9. CIA (BIV) Classification
  10. Location of data storage and processing
  11. Does anDREa have access to the data in a Workspace?
  12. myDRE and IAM
  13. Who/what is License Administrator / licenseadmin@mydre.org?
  14. Account sharing
  15. Data - ownership, responsibility, and control
  16. Retention & Destruction Policy

Security in general


ISO27001

  1. ISO 27001 - Overview - Statement of Applicability, including all policies and controls; downloadable ISO27001 certificate
  2. CIA (BIV) Classification

NIS2

  1. anDREa & Subprocessors
  2. Does anDREa have access to the data in a Workspace?
  3. Foundation for Audit Recording
  4. myDRE and IAM
  5. Who/what is License Administrator / licenseadmin@mydre.org?
  6. Using Azure Security Score

Onboarding

  1. Overview Agreements (incl. implementation steps)
  2. Support Team Onboarding
  3. Subscription Enrolment
    1. Additional Subscription Enrolment
  4. License Server Access from anDREa
  5. User onboarding (information & training)

Offboarding

  1. Offboarding and Exit Strategy

    • Related Articles

    • anDREa - General Presentation

      More information: anDREa FAQ

    • anDREa & Subprocessors

      Replaced by: anDREa ISMS Section: Supportive Documents

    • Managing anDREa Accounts

      Replaced by: anDREa ISMS Section: Supportive Documents Section: ISMS Chat for easy answers (beta)

    • anDREa feature development plan

      Roadmap Version: 2022-09-02 Update: 2024-02-23 anDREa is committed to transparency and the best interest of the research ecosystem. We are and will always be developing by, for, and with stakeholders in the research ecosystem. The following ...

    • anDREa Processor or Subprocessor?

      anDREa BV has a Data Processing Agreement (DPA) with all its clients. It is the Tenant that has to enter the DPA with anDREa BV and in principle, this means that DPAs can differ between Tenants. anDREa strives to have its version of the DPA ...