Before we bring new partners on board, we subject them to a thorough review of all aspects of data protection and information security. For us, the GDPR and ISO 27001 are decisive.

We only enter into this partnership if we have no concerns in this regard.

You and your data protection and information security officers should always be able to work with d.vinci without any concerns. We do not want to give you more work than you already have by introducing additional checks.

However, we recommend that you always involve your data protection officer when activating any feature.


You will find documents that will help you with the internal review of the calendar integration in the attachment:

  • Cronofy - Standard Data Processing Addendum
  • Cronofy - Data Management Policy
  • Cronofy - Security Whitepaper
  • Annex 4 - Additional Sub-Processor Cronofy (The DPAs can be found on our website)


Important information regarding the partnership with Cronofy (Netherlands)

  • Cronofy's server locations are in the EU.
  • ISO27001/18 and SOC 2 reports from Cronofy are always available via their Privacy and Security Hub (You will be forwarded to their website).
  • You can find compliance reports from Cronofy on their website.
  • You should be aware that Cronofy will have access to your employees' calendars. This is the only way we can offer the widely requested simplified appointment scheduling.
  • We want you to have the freedom to choose whether to use this feature. That's why we've designed the calendar integration so that you can enable or disable it for the entire company.

For more information, you can also visit our website.