1. Overview of the Service

Integrated with Microsoft Teams, MyDataBot is a Teams bot that empowers every Microsoft 365 user to take ownership of their data security posture, within the scope of the MyDataSecurity subscription held by their organization.

MyDataBot notifies the user about information relating to the security of their personal Microsoft 365 space, and in particular:

  • Access Review Campaigns: participation in periodic security checkups and access reviews on the user’s personal and collaborative resources;
  • Security Alerts: notification when a risk is detected on the user’s data – such as unusual sharing, a change in rights and permissions, or potential data exposure – allowing the user to act before it becomes a threat.

MyDataBot helps establish long-term security best practices and simplifies data protection for all IDECSI customers.

Prerequisite: an active MyDataSecurity subscription held by the user’s organization is required to use MyDataBot.

2. Scope of the License to Use

Access to MyDataBot is granted to the user on a personal, non-exclusive and non-transferable basis, for as long as the user remains a collaborator within an IDECSI customer organization holding an active MyDataSecurity subscription.

This access is strictly tied to the MyDataSecurity subscription held by the user’s organization: it automatically ceases upon termination or suspension of that subscription, or upon the user losing their status as a collaborator within the customer organization.

The user agrees to use MyDataBot in accordance with its intended purpose, their organization’s internal policies, and these terms.

3. Access to and Use of the Services

The use of the platform and its features, including the bot, is governed by the applicable agreements entered into between the Customer and IDECSI. These agreements prevail over any other documentation, including this notice.

4. Microsoft 365 Access and Permissions

To operate, MyDataBot relies on a permission to send messages to the user within Microsoft Teams. This permission is strictly limited to notifying the user as part of the features described in Section 1 (access review campaigns, security alerts).

IDECSI does not access, review or otherwise use the content of the user’s Teams conversations beyond what is strictly necessary to perform these features.

5. Data Processed

Personal data processed in connection with MyDataBot (in particular information relating to the security of the user’s Microsoft 365 space) is processed in accordance with IDECSI’s Privacy Policy.

IDECSI also enters into a Data Processing Agreement (DPA) with each customer organization — a contractual document that, in accordance with Article 28 of the GDPR, sets out the terms under which IDECSI processes personal data as a processor on behalf of the customer. This document is available on request from IDECSI or from the organization’s MyDataSecurity administrator.

6. Intellectual Property

MyDataBot, its name, interface, and all elements it comprises are the exclusive property of IDECSI or its partners, and are protected under French and international intellectual property laws. No rights other than the right of use described in this notice are granted to the user.

7. Support and Assistance

For any question relating to the use of MyDataBot, the user may contact its organization’s MyDataSecurity administrator.

The adminstrator may refer to the IDECSI help center, available at help.idecsi.com,

8. Warranties and Liability

MyDataBot is provided within the scope and under the terms of the agreement entered into between IDECSI and the customer organization. The warranties, limitations of liability and availability conditions applicable are those set out in that agreement, not in this notice, which is for information purposes only.

9. Service Evolution

IDECSI reserves the right to evolve MyDataBot’s features, in particular to improve it, fix issues, or adapt it to changes in the Microsoft 365 or Microsoft Teams platform.

10. Amendments to this Notice

IDECSI may amend this notice at any time, in particular to reflect changes to the service or applicable regulations. The version in effect is the one published as of the date of access.

11. Governing Law and Jurisdiction

This notice is governed by French law. It forms part of the agreement entered into between IDECSI and the customer organization, which determines the competent jurisdiction in the event of a dispute.

12. Contact

For any question relating to MyDataBot, please refer to help.idecsi.com or contact the organization’s MyDataSecurity administrator.