Privacy & security
Welcome to our Privacy & Security page. Here, you can learn about Majoto’s privacy and security model, and the architecture and features that bring it to life.
Security dashboard
First things first, our dashboard feed from TrustCloud, showing our current security status. You can read more about our security compliance programme via TrustCloud below.
Our approach
Majoto has a unique architecture which follows the same core principles as our product. It helps us to make things simpler and safer.
Reduce
We apply thoughtful reduction to what we hold & process
Organise
We structure systems & processes in smart new ways
Enhance
We find simple ways to enhance safety and privacy
We brought our principles to life by building on top of Google Workspace which gives our customers industry leading security, access controls and continuity. We build additional measures on top as required and as our product and the third party service we use evolve. You can learn more about Google’s security features at the Google Workspace Security & Trust Center, and about our own privacy and security measures through the resources below.
Privacy and security model
Majoto reduces touch points with customer content and data, gives the customer possession and control of assets, and provides simple yet granular access controls to enable safe collaboration. We invite you to explore our privacy and security model using the Miro window below. (Try viewing it in full screen - hover your cursor over the bottom right hand corner.)
InfoSec compliance on TrustCloud
You can explore our security and compliance programme at https://majoto.trustshare.com/. We use TrustCloud (formerly Kintent) to develop and manage our compliance programme. The Majoto platform is in private beta and is continuously developing, so our programme is a work in progress reflecting those changes and our journey towards an ISO 27001 certification.
Business continuity
Majoto builds and keeps its core system files (code, templates, databases) on Google Workspace. Building on top of Google Workspace means continuity and access to content irrespective of any failures in Majoto code or processes - so long as Google is up and running (that’s 99.9% of the time - see here).
Your privacy and data
Majoto’s Google Workspace plan allows us to choose the geographic location of the Google servers that host our content and data. We have selected EU servers. This means that any data or content of yours that we collect (including our email exchanges) stay within the EU. See our privacy notice for more information about how we process your data and your rights.
The following additional information is relevant for individual users who install Majoto on their Google Workspace. Doing so requires you to authorise Majoto, which is a Google verified app.
Authorising Majoto to work with your Google apps
To install and use Majoto, we ask you to allow Majoto to work with your Google Drive and Gmail. We do this so that Majoto can run the installation process, automatically create and file your agreements and templates, notify you of events via email, and send files to you and your collaborators when you ask it to.
You authorise Majoto through this Google consent dialogue. This mechanism is used by Google as a way for users to grant websites or applications access to their Google apps without giving access to their passwords.
You have to allow Majoto to access your Google apps - Majoto cannot work without it.
This does not give Majoto access to your login credentials. Majoto will only access a minimum level of data (your admin and maker email addresses) as explained in our privacy policy. Majoto does not collect, record or process your data or content except for those few exceptions.
You can turn Majoto access off any time by going to to the Security section of your Google Account or directly to Security Checkup.
If you see an unverified app screen
If, when using or installing Majoto, you see a “This app isn’t verified” screen, let us know. It shouldn’t happen because Majoto is verified by Google. You can read more about what that means here.
If you are the administrator of a Google Workspace enterprise user, you can whitelist Majoto in your Google admin console so that other users in your organisation do not see this screen - see here. Google permits unverified applications where the app is used only by enterprise users (as opposed to members of the public).